Embed Size (px)
Citation preview
IP Telephony
Contact Centers
Mobility
WHITE PAPER
Services
March 2005
Converged Communications Security
avaya.com
Table of Contents
Converged Communications Security ............................................................................. 1
The Evolution to Converged Communications ............................................................... 2
The move to convergence ...................................................................................................... 2
Converged Networks Require Converged Security ....................................................... 2
Converged security for converged networks ............................................................................. 2
Security — a major concern .................................................................................................. 3
The Avaya Trusted Communication Framework ............................................................. 4
Avaya Communication Architecture ........................................................................................ 4
Avaya´s Trusted Communication Framework ............................................................................ 5
Security By Design ............................................................................................................. 7
Security by Default ............................................................................................................ 8
Secure Communication ..................................................................................................... 9
Are you prepared? What would your organisation do? ............................................................... 9
Securing Communication End to End ................................................................................... 10
Security Management ...................................................................................................... 11
Mitigate Risks & Manage Costs Effectively ............................................................................ 11
Conclusion ........................................................................................................................ 11
1
avaya.com
Converged Communications Security
With the increasing deployment of IP telephony systems, attacks against IT systems that threaten business operations and the privacy of corporate and personal data no longer have an impact only on the data world. The growth in security vulnerabilities and the resulting number of security incidents are rising and their nature evolving. According to agencies that track Internet security — like the CERT Coordination Center1, security incidents have increased from 10,000 in 1999 to 137,000 in 2003. Tracking the volume of breaches only hints at the scale of the financial loss since most companies will not declare the number or size of breaches they experience. In the telecoms industry alone, the value of fraud during the same four year period (1999 – 2003) increased by 300 percent (from $12 billion to $35-40 billion).
Coverage of security issues tends to focus on the type of attack and the estimated loss — be it immediate financial damage, negative impact on a company’s reputation or loss of customer confidence. What’s missing in the analysis is the root cause of virtually all security problems — fallible software design coupled with the reduced time between the announcement of a ‘vulnerability’ and the appearance of associated exploitative code.
Hackers don’t create security holes they simply find and exploit them. This endeavour tends to be a team effort. The community of hackers often creates and distributes sophisticated software tools to exploit weaknesses in network or computer operating systems. Less experienced hackers are then able to use these tools to help them carry out malicious attacks against networks and applications that they wouldn’t normally be able to. When a security problem is uncovered, companies have on average less than a week to protect the systems on which the vulnerable application is running. Recent widespread worms have illustrated the dangers of the narrow ‘vulnerability to exploit’ window. For example, the Witty worm was discovered only two days after the vulnerability it exploited was made public2.
In an IP or converged network, the business eco system shares a common IT infrastructure with communication applications and services based on IP protocol. This allows previously discrete and isolated communication systems to interact with business systems. However, this benefit of convergence is threatened by security breaches and malicious attacks — such as the above-mentioned worm — and incidents that can now affect not only traditional business systems but also communication applications and services such as a call server. Consequently, enterprises could lose voice service for an unforeseeable amount of time, resulting in customer defection and revenue losses in the hundreds of thousands of dollars.
Yet the growth of external threats is only part of the security picture. Internal security issues and changes to working patterns enabled by mobile technology must also concern companies. In terms of financial damage, internal security threats exceed external attacks. Respondents to the 2004 CSI/FBI Computer Crime and Security Survey cited a higher percentage of significant attacks from disgruntled employees than from hackers. Furthermore the most damaging attacks on enterprise security systems often come with inside help.
A survey conducted by Avaya3 in 2004 showed that 57% of employers were falling short of meeting workers’ mobility needs e.g. PDAs, and 38% of employees were aware of people in their enterprises connecting to the network with unapproved devices or software. Enterprises need to monitor such behavior and trends and decide which offer boosts in productivity and should be encouraged and which are security concerns that should be halted.
The implementation of mobile working infrastructures is also creating new challenges. As more and more content goes ‘mobile’ the threat of data crime increases. Devices are becoming smaller and smaller, yet functionality and storage capacity is increasing. While the aesthetics improve, the devices are also become easier to misplace or steal and provide a high-powered Trojan Horse with access to corporate networks.
If you had an
outage caused
by a security
disruption. . .
• How much money would you lose per hour or day?
• Would you be non-compliant with a regulation?
• Would you lose business to a competitor?
• Would you lose market share?
• Would your biggest customer drop you?
• Would you receive bad publicity?
• Might sharehold-ers sue?
2
COMMUNICATIONS AT THE HEART OF BUSINESS
To protect against these threats, Avaya has devised its Unified Communication Center (UCC) that provides mobile employees with speech access to relevant information on a converged infrastructure using multiple layers of security. To further protect corporate data, when a user initiates a mobile session, the UCC ensures that the device simply “borrows” a copy of the information required by the employee. With this approach, no data leaves a company’s network to reside in the memory of a remote device. Along with a high level of authentication, the threat of data crime when a PDA or smart phone is stolen becomes negligible.
The Evolution to Converged Communications
The move to convergence
Driven by the need to become more virtual and global, enterprises are evolving through three phases of increasing the business value of their network - from separate voice and data infrastructures, to converged networks and finally to converged communications. Converged communications exceeds the common approach of migrating to a converged network, which solely integrated data, voice and video solutions onto a single IP based infrastructure. Converged, IP based communications provide demonstrable value to business.
Employees, whether in the office or on the move, can access the same range of previously disparate applications including business enabled communication applications that provide access to any part of the business process over any network. This drives timely decision making through access to greater information and connectivity to the right person, using the right medium, at the right place, and the right time. Converged communications provides the capability for businesses to introduce a greater level of flexibility into communications to increase agility, enhance customer satisfaction and ultimately improve revenues. But the move to a boundary-less converged infrastructure also raises issues of security.
Converged Networks Require Converged Security
Converged security for converged networks
Figure 1 Graphic depiction of security weaknesses and network points of attack
People are more
productive;
Processes are
more intelligent;
Customers are
more satisfied
3
avaya.com
Converged communications, which embed voice applications in the very fabric of business processes enabling employees to access business and communications applications from anywhere, fundamentally changes the concept of network security. In this powerful new environment, reducing business risk is a much broader challenge than simply protecting a Local Area Network (LAN). It means protecting companies’ ability to communicate at any time, over any network, from any device. Systems designed to prevent malicious intrusion must embrace both voice and data while not impeding the performance of critical real time applications to protect the network from hackers and other security threats. In addition, due to the increased number of protocols and applications running on a converged network, new vulnerabilities are emerging and therefore new opportunities to break into the network can present themselves, proving highly attractive to hackers. In addition, the overlap between the enterprise core network and its extensions could be a potential point of attacks. Traditionally IT security has been focused on the data network. But voice and data — through operating in a single environment — are now equally in jeopardy and must be addressed together. Voice networks however have very different security concerns to data networks and so have specific security demands.
Communication applications such as unified messaging, multimedia contact centres and Interactive Voice Response (IVR) need to be addressed and protected. Security in an IP telephony environment builds on the security features of traditional telephony systems, which in effect are firewalls to the Public Switched Telephony Network (PSTN). Missing out the functionality to lock a phone during out of office hours, bypassing routing restrictions or the abuse of remote call forwarding, direct inward access and other advanced telephony features could result in toll fraud if there is insufficient protection. Misuse of call transfer capabilities through IVR and messaging systems or the compromising of voice mail subscribers are typical security issues for communication applications.
Physical security, i.e. maintaining equipment within a locked room, is a significant part of the traditional voice network. In converged networks all devices are connected across the IP network. As a result, communication devices are increasingly open to attacks to gain unauthorised access. What needs to be understood is that threats and weaknesses from the voice world may now endanger the data world and could transition from the data world into the voice world.
Worryingly, according to research conducted by Avaya4 in Europe in 2004, companies’ security policies are often either outdated or are not adhered to. Up to 85% have clearly defined, formal policies for IT and legacy telephony security. But only 46% of the enterprises questioned had actually attempted to secure their IP telephony solution by encrypting phone calls via the IP network.
Security — a major concern
Whilst nearly all companies have a security policy, few review it on an ongoing basis — a fact that Avaya sees as a large security threat. Fortunately, although the management of security policies is not keeping up with the evolution in corporate networks, IT managers are very concerned about network integrity, as evidenced by the IDC (International Data Corporation) research below. This concern reflects both the on-going threats of hackers and ‘malware’, as well as increased interest from senior managers who are dealing with an up-swing in related regulations following recent high-profile business failures.
And there’s no doubt in the Avaya view that these concerns must translate to a focus on designing security policies that embrace both voice and data. As a leader in converged communications, Avaya is keenly aware of growing security concerns regarding the move to converged communications. The company has focused on expanding its security capabilities to ensure confidentially of information well beyond the voice domain and into the fabric of converged network security. At the heart of the Avaya security strategy is the secure integration of multi-media communications applications and services necessary for the evolution to next
IP Telephony
should be a
key business
enabler and
not a key risk:
Lower Risk;
Grow Revenue;
Reduce Cost
4
COMMUNICATIONS AT THE HEART OF BUSINESS
generation networks. The Avaya cross-product security standards demonstrate the impressive measures the company has taken to lower the risks of exposure for its customers. These formalised internal standards for secure product architecture, design, development, secure programming and best practice are applied across all solutions. They contain not just a more far-reaching offering in its security line, but also link all of its security initiatives into a comprehensive and integrated portfolio. In short, Avaya has built an extensive suite of security offerings that address both the need for layered security elements and the need for a systematic approach to overall security.
The Avaya Trusted Communication Framework
At the core of the security issue is a dichotomy that on the one hand focuses on the need for an overall integration of security components into a manageable overall system, and on the other hand on creating multiple layers and segments of defence.
To bridge the divide, and avoid the difficultly of integrating proprietary components into an overall security system while providing multiple layers of defence, Avaya builds standards-based components that can be seamlessly connected into an existing multivendor network infrastructure and the applications that run on it.
Avaya Communication Architecture
To optimise benefits, an enterprise’s technology solution must function within any given customer network eco-system. To meet this need, Avaya has designed its Communication Architecture, which uses open standards to converge disparate elements of the infrastructure while leveraging existing IT investments.
This innovative, flexible framework gives businesses a quick way to organise, optimise and personalise their multivendor networks, applications and portals in support of their business processes. The Avaya architecture also provides a consistent and modular framework for evolving networks toward converged communications. This three-layered model disaggregates enterprise communication needs into:
5
avaya.com
Figure 2 Graphical depiction of the Avaya Communication Architecture
• Intelligent access
• Business applications and communication services
• Network infrastructure
Avaya´s Trusted Communication Framework
The Avaya Trusted Communications Framework reflects the Communications Architecture from the security point of view. This means that there is in fact only a difference in the functional elements of each layer. IT managers can pick and choose the functionality defined by each layer as needed to build a custom solution that will suit their enterprise needs.
The objective of enterprise security architecture is to provide a conceptual design for the security infrastructure and related security functions. The architecture links the components of the security infrastructure as one cohesive unit to protect sensitive information.
The Avaya Trusted Communications Framework encompasses the applications, systems and servers required to minimise risk to operations. The architecture provides a roadmap for increasingly complex business needs by separating security functions into three layers: access, applications and network functions, and can help to secure communications across each of these layers.
Figure 3 Graphical depiction of the Avaya Trusted Communications Framework
6
COMMUNICATIONS AT THE HEART OF BUSINESS
Access SecurityIdentity • Authentication • Directories
• User authentication, single sign-on support, non-repudiation
• Media encryption, signalling security, protected management sessions VPN clients for PDA and desktops
• Standards: X509.3 digital certificates, TLS, RADIUS, secure LDAP.
Application SecuritySecurity Policy • Roles • Privacy • Hardened Architecture
• Malicious call trace, multi-level precedence & pre-emption (MLPP), crisis alerts
• Class of restrictions, class of service, toll list
• Backup data encryption, password management
• Application role-based access, speech self service, secure customer contact,
• Hardened Linux OS.
Infrastructure SecurityServices • Gateways • Network • Wireless
• Intrusion detection and prevention, network isolation
• VPN, firewall, DoS protection, network device authentication
• Standards: IPSec, IKE, 802.1X, H.323, H.235.
Security ManagementConfiguration • Proactive Monitoring • Reporting
• LDAP directory integration, comprehensive reporting, call records
• Centralized VPN and firewall security policy management
• Signed software updates, certificates, secure provisioning, login control
• Standards: SSH/SCP/SSL, SNMP3.
It is crucial to blend business requirements with the need to ensure protection, stability and reliability within the infrastructure to deliver a single, cohesive, adaptive and integrated topology where the physical and procedural components at each layer work together and interoperate in a “defence in depth” concept that describes multiple layers of defence. The key strategies from the Avaya security in depth concept include: “Security by Design”, “Security by Default” and “Secure Communication”. When combined with automated monitoring and alert mechanisms within security management, this layered approach, while providing multiple levels of protection, also helps ensure that any compromise to the security architecture remains localised.
Secure Communication
Security Managem
ent
Security by Default
Security by Design
7
avaya.com
As a result, the Trusted Communication framework provides secure access from any device, to any process or any information, via any network protocol.
Security By Design
Security is a trade-off the higher the levels of security, unsurprisingly, the higher the associated costs. However, the Avaya concept of ‘security by design’ provides a holistic approach to the security of its IP Telephony solution. It encompasses a secure deployment strategy and separates media servers accommodating communication services from the enterprise production network. Media gateways protect and isolate the mission critical ‘heart’ of the Avaya flagship communication solution Communication Manager — from viruses, worms, denial of service (DOS) and malicious attacks.
Figure 4 Diagram of How Architecture Affects Trusted Security
As can be seen in the diagram below, the architecture is related to the trusted communication framework infrastructure security layer and allows the design of dedicated security zones for:
• Administration
• Gateway control network
• Enterprise network
• Adjuncts
The design is built specifically for secure and highly available communication. The Avaya approach of isolating mission critical assets means each of the secure zones is not accessible from the enterprise or branch office zones. The zones are like dedicated networks for particular functions or services. They do not need to have access from or to any other zones because they purely accommodate the data they are built for. This provides protection against attacks from within the enterprise and branch office zone. The diagram above shows that the only access into the red Media Server zone is from the range of endpoints and branch office gateways intended for signaling traffic.
8
COMMUNICATIONS AT THE HEART OF BUSINESS
Gateways with dedicated gatekeeper front end interfaces (CLAN) inspect the traffic and protect the Media Server zone from flooding attacks, malformed IP packets, and attempts to gain unauthorised administrative access of the Media Server via the Gateways.
This solution can be easily enhanced with separate security zones for adjunct links like CDR, to connect via a dedicated link to the call accounting system. A separate zone for Avaya CTI Server and multi-channel contact centre applications or the connection to the Communication Manager API server interface provides access to the telephony feature set via a range of open standards like XML, Java or web services. This helps enterprises to improve interactions within the business and allows the integration of communication services with business applications and process flows while maintaining a high level of security.
This architecture and framework can also flexibly enhance the virtual enterprise and integrate branch offices into the main corporate network. The security zone from the branch office can terminate at the central Media Gateway interfaces, again protecting the heart of Communication Manager.
In the Avaya view, security by design is the first line of defence: if a solution is not designed for security from the outset, it is extremely complicated and expensive to later make it secure.
Security by Default
The Avaya second line of defence relates to the Trusted Communication Framework application security layer, which incorporates a hardened Linux operating system with inherent security features for its core platform (Avaya Media Servers with Communication Manager). This hardened operating system provides only the functionality necessary to support the core applications — key for securing mission-critical call processing applications and protecting the customer from toll fraud and other malicious attacks. Avaya does not use the ‘off-the-shelf’ Linux kernel. Because the Linux kernel is Open Source, it provides great flexibility for hardening, whilst at the same time security functionalities can be easily added. The Avaya kernel is based on the Linux-community offering, but has been fine-tuned for the demands of secure, real-time telephony processing.
The operating system hardening process removes unnecessary services and applications packages and configures the remaining services to provide only the necessary functionalities to support the core application. This approach limits the number of access ports, services and executables to protect the system from typical modes of attack. At the same time, the amount of mandatory security patches needed is clearly reduced, because of the smaller number of installed applications and services on the operating system, which reduces the patching effort and the risk of the narrow ‘vulnerability-to-exploit’ time window. Furthermore, Avaya provides a broad range of in-built additional security services and functionalities around this operating system ‘on a diet’, as can be seen in the diagram below.
9
avaya.com
Figure 5 Diagram highlighting the range of Avaya Security Services offered
The viruses and worms that make the headlines are mostly targeted at Microsoft Windows operating systems, in particular Microsoft application software such as IIS. According to Symantec Corporation5, more than 4,000 viruses and other forms of malicious code were launched against Windows in 2004. Symantec has seen limited malicious code activity in the Linux community. Most large organisations do run mission-critical applications on Linux. However, these figures do not mean that they should be any less vigilant.
Avaya has also responded to this issue and has taken several steps to address the threats posed by malicious software by providing a range of in-built functionality within the Communications Manager platform itself. This functionality also minimises the need for co-resident anti-virus software, which can interfere with mission critical call processing and requirements and continuous administrative attention to ensure anti-virus databases are current.
Secure Communication
Threats of disclosure include eavesdropping on conversations that would otherwise be private. In the data world eavesdropping involves ‘sniffing’ for data that can be interpreted in real-time or saved for later analysis or playback. In the converged world, eavesdropping includes hackers trying to listen in on voice conversations. Vulnerability to such attacks increases as voice applications move to converged networks because shared IP networks are directly accessible with wider user access. VoIP traffic can be captured and played through various well-documented methods using user-friendly tools, freely downloadable from the Internet.
Are you prepared? What would your organisation do?
The nature of private business conversations means that just a single network security breach could be devastating. It could lead to the disclosure of confidential financial information, new product details or restructuring plans. Such a breach would create the perception that the business is not secure, whether or not the captured conversation was confidential — a view that could severely impact reputation, market capitalisation and future revenues. With a converged network is that even more confidential data is transmitted across the corporate network. Think of how much more sensitive information is discussed on a voice network, as opposed to e-mail.
10
COMMUNICATIONS AT THE HEART OF BUSINESS
Securing Communication End to End
Media encryption provides privacy for the voice stream. Alongside media encryption, integrated signalling security protects and authenticates messages to all connected Media Gateways and IP telephones and avoids tampering with confidential call information. These features protect sensitive information like caller and called party numbers, user authorisation, barrier codes, sensitive credit card numbers and other personal information which is dialled during calls to banks or automated retailers. Avaya is committed to media privacy and has taken the lead in offering media privacy today, via the access security layer from the Trusted Communication Framework.
Avaya was, in fact, the first company to develop and implement the concept of media encryption nearly three years ago. Since then it has devised secure authentication and media encryption for the full range of Avaya IP endpoints including all softphone variants in every possible call situation even conference calls, bridging and call transfer. In addition, if a call is trans-coded or if it goes outside the private network through a Media Gateway the voice traffic remains secure the whole time on the IP network. When trunking calls between two media servers via IP or running a branch gateway in Local Survival Processor (LSP) mode, voice streams are still secure. Critical adjunct connections, for example the CTI link, which can be separated in a dedicated security zone, can be encrypted. This provides additional protection against tampering with confidential information.
Figure 6 Avaya Converged Communications solution provides end-to-end security features
Avaya IP endpoints can additionally authenticate to the network infrastructure, by supporting supplicant 802.1X. Network infrastructure devices like gateways or data switches act as an authenticator and forward this authentication request to a customer authentication service. This provides further device authentication on the infrastructure layer, rather than only user, authentication on the access layer of the Trusted Communication Framework.
The bottom line is that customers can have confidence in the Avaya converged communications solution. Communications are secured from end-to-end using standard encryption and authentication algorithms and this capability is incorporated as a fundamental part of the standard product offering for no additional costs.
11
avaya.com
Security Management
Mitigate Risks & Manage Costs Effectively
Security’s worst enemy is complexity, therefore as well as being in-built, security must also be easy to deploy and manage. This will ensure that ongoing security costs are reduced and that all the security functionalities and features are used. The Avaya approach — that important security functionalities are enabled by default or could be easily enabled — allows customers to reach a high level of security without having to be security experts themselves. It also means that no additional resources are needed to reach a baseline of security. The need to rapidly address vulnerabilities must be balanced with the need to ensure that vendor patches do not adversely impact call processing capabilities “Self Denial of Service”. Avaya closely monitors security mailing lists, CERT advisories, and vendor announcements to quickly apprise and react to newly announced vulnerabilities. Vendor patches and software updates are thoroughly tested by Avaya Labs to minimize any impacts these patches and updates may have to the real-time nature of the Avaya Communications Manager Software. Vulnerability workarounds and recommendations are posted to the http://support.avaya.com/security website in a timely manner. Within the Avaya Communication Manager, most software patches and release version upgrades are ‘call-preserving’. This gives the customer greater flexibility to react and patch their systems without disrupting network service at all.
Security management is a vertical component in the Trusted Communications Framework which provides secure and signed delivery of software updates, a seamless directory-based integration for the management and configuration of communications applications with monitoring and reporting functionalities to all layers of the Framework.
System security monitoring plays a critical role in a customer’s overall security. By monitoring system security, customers can react quickly to any potential threat detected. Using Security Violation Notification (SVN), Avaya reduces exposure time in the event of suspicious activity or an internal security breach by immediately alerting a designated destination e.g. the mobile phone from the person in charge during the weekend. This provides a quick response towards corrective actions, preventing damage to business reputation and finances.
In today’s enterprise, security logging, monitoring and reporting is not a choice, but a necessity. Regulations mandate that corporations collect and store security data. Auditing functionalities track irrevocable changes to the Avaya Communication Manager configuration, while a range of reports can be provided to document security violations and administrative changes.
Conclusion
In the world of 2005, security is more important than ever before due to a myriad of reasons. Based on its experience, its technical knowledge and its understanding of its customers, Avaya believes that end-to-end, secure and continuous communications can be achieved if the right approach is taken. This involves starting with an architecture designed with security in mind to which in-built, easy to manage security functionality is added, protecting applications and assuring the confidentiality and privacy of multimedia user information such as speech or Instant Messaging that are delivered over the converged network. By following this approach, customers are able to purchase secure products and services, rather than just the products and then be faced with the headache of securing them. In addition, the Avaya standards-based approach means integrating communication applications in multi-vendor environments and ensures security and reliability functions also on a higher layer than the underlying infrastructure. In short, the tried and tested Avaya approach means its customers are able to communicate at any time, across any network and from any device. Users are also able to trust that the integration of communication into business applications and processes is securely making their employees more productive and improving their bottom line.
Trust a
Convergence
Leader — Avaya
can help you:
• Minimise Risks and Protect Assets
• Protect Information Privacy
• Make the right security decisions
• Devote more time to your core business concerns
12
COMMUNICATIONS AT THE HEART OF BUSINESS
For more information on how Avaya can take your enterprise from where it is to where it needs to be, contact your Avaya Client Executive or Authorized Avaya BusinessPartner, or visit us at www.avaya.com
1 CERT® Coordination Center (CERT/CC) is a center of Internet security expertise, located at the Software Engineering Institute,2 Source: Symantec Internet Security Report 20043 The research was commissioned across four countries by The Avaya Enterprise Security Practice to assess the European markets preparedness for
handling IT and telephony security threats. The research polled over 120 senior IT decision-makers about their knowledge and personal prepared-ness to meet the new and existing security threats, which they face.
4 The research was commissioned across four countries by the Avaya Enterprise Security Practice to assess the European markets preparedness for handling IT and telephony security threats. The research polled over 120 senior IT decision-makers about their knowledge and personal prepared-ness to meet the new and existing security threats, which they face.
5 Source: Symantec Internet Security Report 2004
Protecting our
customer’s ability
to communicate
at any time,
across any
network, from
any device
. . . resilient
communications
that lowers
business risk
© 2005 Avaya Inc.All Rights Reserved. Avaya and the Avaya Logo are trademarks of Avaya Inc. and may be registered incertain jurisdictions. All trademarks identified by the ®, SM or TM are registered trademarks, service marksor trademarks, respectively, of Avaya Inc., with the exception of FORTUNE 500 which is a registeredtrademark of Time Inc. All other trademarks are the property of their respective owners.Printed in the U.S.A.04/05 • EF-LB2699
About AvayaAvaya enables businesses to achieve superior
results by designing, building and managing their
communications infrastructure and solutions. For
over one million businesses worldwide, including
more than 90 percent of the FORTUNE 500®, Avaya’s
embedded solutions help businesses enhance
value, improve productivity and create competitive
advantage by allowing people to be more productive
and create more intelligent processes that satisfy
customers.
For businesses large and small, Avaya is a world
leader in secure, reliable IP telephony systems,
communications applications and full life-cycle
services. Driving the convergence of embedded
voice and data communications with business
applications, Avaya is distinguished by its
combination of comprehensive, world-class
products and services. Avaya helps customers
across the globe leverage existing and new
networks to achieve superior business results.
COMMUNICATIONS AT THE HEART OF BUSINESS
avaya.com
