ORACLE BRIEF
A Secure Platform for Delivering
Innovative Communications and
Collaboration Services
The Oracle Unified Communications and Collaboration Solution provides a
secure, highly scalable, integrated application, platform, and network
architecture for delivering advanced communications and collaboration
services to the enterprise on premises or via the cloud.
Security Hurdles and Challenges
KEY BENEFITS.
•
Secure data in transmission and
storage across all communications
messaging types: voice, video, email,
chat
The explosive growth in Unified Communications and Collaboration has led to the rapid
deployment of IP-based unified communications and collaboration solutions that
improve user productivity, provide seamless collaboration, and reduce cost. They do so
by replacing the more expensive traditional PBX switches and PSTN networks and
getting rid of silos that inhibit collaboration. Providing an all IP solution capable of
•
Improves user productivity through
seamless presence enabled
applications
•
Lowers total cost of ownership
contrast to traditional voice and video networks which were purpose-built to have
•
Scalability and high availability from
hundreds to millions of users in a
single deployment
stringent reliability and latency characteristics, IP-based unified communications
Multi-tenanted solution supports cloud
and on premises deployment models
range of threats and service quality problems from eavesdropping, to denial of service
•
delivering real-time and near real-time communication and collaboration capabilities
over a single network introduces a variety of operational and deployment challenges. In
networks transport many data types over networks that are inherently open. This
exposes the IP communications infrastructure, services, and applications to a wide
attacks. Not only must IT organizations provide a reliable network capable of supporting
low latency voice and video communications, they must also address other security and
privacy concerns including secure access to data both in transmission and at rest and
secure archival of a user’s communications to meet compliance and regulatory needs.
KEY FEATURES
•
Secure access to mail, calendar,
instant messaging, voice, and video.
•
Secure archival of communications
data including instant messaging
communications
•
•
•
•
The Oracle Solution
Oracle’s Unified Communications and Collaboration Solution delivers innovative
communication services including email, calendaring, instant messaging, presence,
voice, and video securely and reliably. For most enterprises, email is a mission critical
Provides superior virus/spam
protection through integration with
best-of-breed anti-virus and anti-spam
technology
application and the ability to blend more real-time voice and video capabilities with
Web UI and embedded presence offer
seamless collaboration from the
desktop
Oracle Communications WebRTC Session Controller and Oracle Communications
Supports hardware based encryption
for ultimate scalability
Rich set of APIs for integration with
other services
traditional email services has become increasingly desirable. The Oracle solution
delivers this capability while guaranteeing low latency required by voice and video
networks. The solution brings together Oracle Enterprise Session Border Controller,
Unified Communications Suite. Oracle Enterprise Session Border Controller enables
trusted interactive communications across IP network borders. Oracle Communications
WebRTC Session Controller enables interoperability between any WebRTC device and
any SIP network and includes secure authentication, encryption, and attack mitigation.
Oracle Communications Unified Communications Suite delivers a rich set of secure and
cost-effective communication and collaboration real-time and near real-time capabilities
ORACLE BRIEF
•
Standards-based architecture
to any device, anywhere. Together, these deliver on the promise of highly secure data
transmission and storage while protecting user identity and data privacy.
RELAT ED PRODUCTS
Oracle Communications Unified
Communications Suite
Oracle Communications WebRTC
Session Controller
Oracle Enterprise Session Border
Controller
Figure 1. Oracle’s Unified Communications and Collaboration Solution – Functional View
A solution must address security concerns on multiple layers.

At the application layer, security concerns include end-to-end encryption,
authentication, anti-virus, and anti-spam prevention.

At the network layer, security concerns include addressing denial of service attacks,
spoofing, intercepts, and more.

Finally, platform level security involves providing a flexible, agile environment through
the provision of developer APIs capable of addressing new threats as they arise.
Security at the platform level spans multiple applications and concerns itself with higher
level functions that meet regulatory needs such as data retention, archiving, and legal
intercept. The Oracle solution addresses security concerns on all these layers.
Secure Network
Conventional IP security devices such as firewalls, intrusion detection and prevention
systems, and anti-malware solutions were not designed to control real-time
communications sessions and do not address the unique security or service quality
concerns associated with unified communications. Some of these conventional security
devices actually introduce additional latency into the network, possibly breaking realtime communications altogether. The Oracle Enterprise Session Border Controller (ESBC) is purpose-built to enable highly secure, reliable and scalable real-time
communications. It leverages a unique multiprocessor design that delivers industryleading performance, supports hardware-based encryption for ultimate scalability, and
can be deployed in a redundant fashion to enable high availability. Furthermore, the
platform provides extensive management security features and capabilities to restrict
administrative access and prevent management attacks.
The Oracle Enterprise Session Border Controller provides Denial of Service protection
functionality that protects enterprise network elements against DoS and DDoS attacks.
2 |
ORACLE BRIEF
The E-SBC itself is protected from signaling and media overload but more importantly, it
allows legitimate, trusted devices to continue receiving service even during an attack.
The Oracle E-SBC also performs client certificate authentication and supports optional
Network Interface Units that offload processor-intensive tasks, thereby enabling highcapacity transmission encryption and eliminating the possibility of eavesdropping,
tampering, and man-in-the-middle attacks. As a result of these innovations, the E-SBC
provides a means for delivering real-time communications throughout the enterprise in a
secure and reliable manner.
Secure Authentication and Data Transmission
At the application layer, enterprises not only need to secure their real-time traffic but
they also need to protect the transmission and data integrity of their traditional
communications traffic such as email, calendar, and instant messaging. The Oracle
solution was built with security in mind and deploys a wide range of mechanisms to
protect the data in both transmission and at rest. Such mechanisms include the use of
Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption and the use
of SMIME to sign and encrypt messages in transmission and in the message store itself.
Secure transmission occurs across any channel, real-time or near real-time including
instant messaging communications. Support for WebRTC delivers on the promise of
secure communications to browsers that run on a variety of devices. Enterprises can
take advantage of WebRTC to better manage their BYOD initiatives while keeping their
communications secure. The Oracle solution provides multiple means to secure user
authentication. For instance, it supports client certificate authentication, pluggable
authentication modules and the Simple Authentication and Security Layer (SASL).
Data Privacy and Identity
However, security not only involves providing access to the application but also
providing the right level of access based on the user's identity and role. The Oracle
solution supports roles and delegation of responsibilities based on these roles in order
to define access permissions for both users and administrators. Secure authentication
prevents unauthorized users from accessing a given user's data. End-to-End encryption
prevents hackers from eavesdropping and scanning a user's data while in transit. Users
can assign access control privileges to others including delegation access, manager
access, read-only access, no access and more. Proper access control coupled with
encryption and secure authentication insures the desired level of data privacy.
Security against attacks and malware
Extensive anti-spam and anti-virus protection features also help protect information
assets and prevent lost productivity due to spam distraction or virus disruption. The
Oracle solution supports Real-time Black Hole Lists to flag known spammers, address
verification to help insure that messages are sent from valid domains, and relay blocking
to prevent the use of the server as a spam relay. Support for server-side rules enables
system administrators as well as end users to configure spam or virus filters.
Additionally, the Oracle solution is pre-integrated with best-of-breed anti-spam and antivirus technology in order to leverage products from the leading AS/AV vendors. The
solution provides its own conversion channel for facilitating integration with other thirdparty content-filtering software. Custom conversion channels may be written for
additional spam and virus protection as well as integration with archiving and reporting
tools for regulatory compliance. Finally, the Oracle solution provides a built-in throttling
3 |
ORACLE BRIEF
mechanism to prevent denial-of-service attacks.
Recording and Archiving
An important consideration in selecting a UC&C platform is its support for operational
and compliance archiving. The Oracle solution supports the Microsoft Exchange
Journaling Format that enables the messaging server to interoperate with a host of
archiving providers. Additionally, instant messaging communications utilizes an email
archive provider that leverages the existing store and archive capabilities of the
messaging server. As a result, IM communications can be securely recorded and
archived for internal auditing and to support legal discovery for both individual
communications and group chat communications.
A Secure Solution for Enterprises
Through the combination of border control and secure session management at multiple
layers, Oracle’s Unified Communications and Collaboration Solution delivers a cost
effective communications and collaboration solution that protects data in motion and at
rest. The solution is comprehensive and covers the network, authentication, data
transmission, data privacy, identity, security against attacks and malware, and
communications archiving. Security permeates the architecture and the solution is
available for both on premises and cloud deployments. As a result, enterprises are now
able to overcome the challenges of integrating a diverse set of communications services
and delivering them securely over a single IP network while meeting legal and
regulatory requirements.
Contact Us
For more information about the Oracle Unified Communications and Collaboration
Solution and to get a free trial, visit us at oracle.com/goto/unifiedcommunications or call
+1.800.ORACLE1 to speak to an Oracle representative.
CONNECT W ITH US
blogs.oracle.com/oracle
facebook.com/oracle
twitter.com/oracle
oracle.com
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only, and the
contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other
warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or
fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are
formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any
means, electronic or mechanical, for any purpose, without our prior written permission.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and
are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are
trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. 1115
4 |