How Internet Service Providers Can Use DNSSEC to Provide Security for Customers
|
|
- Suzanna Byrd
- 8 years ago
- Views:
Transcription
1 How Internet Service Providers Can Use DNSSEC to Provide Security for Customers A White Paper Prepared by Rob Ayoub, CISSP Global Program Director
2 TABLE OF CONTENTS The Changing Role of the ISP... 3 The Changing Threat Landscape... 4 Primary Vectors for DNS Attacks... 4 Man-in-the-Middle Attacks... 4 DNS Cache Poisoning... 5 Some Real-World Examples of Cache Poisoning... 6 DNS Offers ISP Potential Opportunities... 6 Driving the Decision for DNSSEC... 7 Factors to Build into the Decision Process... 8 Cost of Liability in Case of Failure... 8 Cost of Lost Subscribers... 9 Competitive Threat... 9 Potential for Higher Margins... 9 Stepwise Deployment of DNSSEC for an ISP... 9 Evaluate Current Capabilities... 9 Determine Where DNSSEC Fits Into Service Offerings Develop an Incremental Plan for Deployment Test and Document How VeriSign Can Help Expertise and Experience Resources Conclusion About
3 EXECUTIVE SUMMARY The role of the ISP is changing in today s Internet-dependent world. The modern ISP is providing a mix of services to their end-users that allow for increased connectivity and efficiency. This increase in service level, while demanded by end-users, puts additional liabilities back on the ISP. Many ISPs have responded responsibly to the risk, deploying Internet security software suites to their end-users at no cost. Unfortunately, the end-user s computer is no longer the only threat vector that criminals are targeting. The highlight of a critical DNS flaw in 2008 made it clear that some elements of the Internet infrastructure were at risk, and, if compromised, could be used in a manner that was undetectable at the endpoint. Given the increasing regulation around data security, it is no surprise that some ISPs have been looking at implementing additional security measures. DNSSEC (Domain Name System Security Extensions) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS), as used on Internet Protocol (IP) networks, and meant to protect online activity against Man-in-the-Middle or cache poisoning attacks. This paper will introduce DNSSEC and describe the manner in which ISPs can begin deployment. This paper will also present the resources available to ISPs as they ensure their infrastructure is properly configured to handle and process DNSSEC. THE CHANGING ROLE OF THE INTERNET SERVICE PROVIDER Internet Service Providers (ISPs) have traditionally been concerned primarily with providing data access. In the dial-up days, that s exactly what ISPs provided access to the Internet. This is still a core competency of ISPs, but the role of the ISP has expanded to hosting the Web presence of its clients, providing access to end-users, and ultimately providing more data services to both end-user and enterprise clients. As the number of Internet-enabled devices continues to increase into the trillions, ISPs will again find their roles expanding. The key challenge for ISPs today is exactly the same as for any other business to increase margins, total revenue and number of customers. The traditional access business, while a key component of the ISP offering, is a declining margin business. Increased competition from cable and satellite providers means more dollars spent to lure and retain customers. Most consumers see broadband access as a commodity and will pursue the lowest-priced alternative. This puts ISPs in the position of seeking technology and service offerings that will allow them to not only meet, but exceed their business goals. Many of these new service offerings revolve around hosted service offerings such as Unified Communications (UC) and video conferencing. In the consumer arena ISPs are feeling competition from traditional and new competitors to offer triple- and quad-play solutions on the service delivery side, enabling bundling of solutions that help decrease churn and drive enhanced average revenue per user (ARPU). As these services gain in popularity and deployment, security will be a key component and competitive differentiator. 3
4 THE CHANGING THREAT LANDSCAPE The original model of network security was focused on protecting the network from the outside using firewalls and other traditional perimeter security devices. But modern threats have added to the complexity and challenge, and require new methods to address them. For example, links that direct users to a malicious website or attachments embedded in a blog post with malicious code are primarily enabled by client-side infections and can elude network perimeter security devices. Malware can then exploit vulnerabilities in applications and download malicious programs, such as key loggers, to steal user names, passwords and other private data. Despite years of research and awareness, the number of software vulnerabilities continues to stay steady with a constant stream of new vulnerabilities reported each quarter. The number of unique malcode signatures has increased hyper-exponentially over the past five years, with nearly 3 million unique malcode signatures reported in 2009 alone 1. Up until 2008, DNS had not been a major target for malware, and the number of vulnerabilities found each year was insignificant. In 2008, the demonstration of a critical DNS-based flaw by security researcher Dan Kaminsky raised the awareness of a flaw that affected the vast majority of DNS servers. This flaw prompted organizations to seriously evaluate the state of the DNS infrastructure. Primary Vectors for DNS Attacks There are several key vectors for DNS attacks on the operational infrastructure. Two of them are Man-in-the-Middle (MITM) and cache poisoning attacks. Both attacks involve the transmission of forged data that could re-direct users to another location on the Internet or result in a persistent Denial of Service (DoS) condition. Unsuspecting users and devices that access a fraudulent site are susceptible to a number of attacks such as malware and eavesdropping. In addition, cyber criminals can extract confidential data such as user information and credentials (e.g., credit card data and passwords) or may choose to deface the website to tarnish the brand or mislead users. This threat is magnified considering that a single DNS server is the address resolution point for thousands or even millions of users. Consequently, man-in-the-middle attacks or cache poisoning attacks based on a DNS vulnerability represent a threat that is an order of magnitude greater than other attacks. Man-in-the-Middle Attacks As the name implies, a MITM attack is an attack in which a third party is able to intercept and view the traffic between two parties without the two parties having knowledge that their transmission was intercepted. The two parties believe they are having a private conversation, and it is very difficult to detect that a third party was listening in or perhaps 1 Symantec Global Internet Security Threat Report: Trends for
5 proxying and modification data is exchanged between the two systems. A successful MITM attack can result in an array of threats, including: Hijacked s Tapped VoIP calls Spoofed websites Compromised passwords or other credentials Banking data re-rendered to conceal theft Figure 1 Illustration of a MITM Attack DNS Cache Poisoning DNS cache poisoning is a result of changing or adding records to the DNS cached data, either on the client or the recursive name server, so that a DNS query for a domain returns an IP address for another domain instead of the intended domain. The most dangerous component to DNS cache poisoning is that the end-user may have no idea that they are visiting a spoofed site because the address of the site was resolved before it was returned to the end-user. Once the cache has been poisoned, the attacker can redirect the user to a spoof of real sites and perform an array of nefarious activities, to include the following malicious activities: Identity Theft After being directed to a compromised site, users may be encouraged to enter credentials or information that can be used later. The compromised site may look exactly like the legitimate website it is impersonating, and may even proxy transactions from the legitimate site (e.g., such as a modified current account balance). When the user connects using the Internet address derived from the poisoned DNS cache information, they might be fooled into entering information about themselves through apparently legitimate requests for name, date of birth, Social Security or other national identity numbers, address, etc. 5
6 Distribution of Malware Another objective of attackers using cache poisoning is the automatic distribution of malware. Instead of releasing noisy auto-propagating malicious code into the Internet and realizing random results, the use of rogue IP addresses to redirect unsuspecting users to the attacker s site can be a more focused attack vector, enabling targeted attacks that intentionally compromise victims within a known demographic. Once a workstation initiates a session with the malicious site, malware is uploaded to the workstation without intervention by or the knowledge of the user. The biggest concern around cache poisoning and man-in-the-middle attacks is that they can be global or topologically localized, but are extremely difficult to detect by the end-user. Since the redirection comes from the DNS, no amount of endpoint security can protect against these kinds of attacks. The protection against these attacks has to come from the ISPs and network operators providing the infrastructure and DNS services that users utilize to connect in the first place. Some Real-World Examples of Cache Poisoning There are many examples of the havoc that cache poisoning can create. The following are examples that illustrate attacks that have reached public attention. In particular, these examples show just how difficult MITM and cache poisoning attacks can be to detect. In June 2008, a well-known security researcher, HD Moore, and his company BreakingPoint fell victim to a cache poisoning attack that was launched against the company s ISP. Even being security-minded, BreakingPoint, as a security research company, did not detect the attack and most employees did not even recognize that an attack had occurred. In fact, the only indication that employees had that there was a problem at all was complaints that Google was acting weird. 2 In 2009, reports began to circulate that one of Brazil's largest banks had suffered an attack that redirected its customers to fraudulent websites that attempted to steal passwords and install malware. Although the bank itself never did admit to the attack, subsequent reports suggest that as many as 1 percent of the bank s customers were affected 3. DNSSEC OFFERS ISP POTENTIAL OPPORTUNITIES DNS security can also drive opportunity for the ISP. This opportunity derives from the fact that ISP customers, especially enterprise customers, are becoming hyper-sensitive to data security and data loss prevention (DLP). Three key factors are driving enterprises to take data loss seriously: Loss of business through lost consumer trust and brand damage Fines levied through regulatory compliance violations Loss of intellectual property
7 Each of these factors can cost organizations a significant amount of money. According to the latest CSI/FBI (Computer Security Institute/Federal Bureau of Investigation) survey, each data loss incident can cost organizations more than $200,000 per incident 4. In 2007, the large retailer TJX discovered it was a victim of a widespread data breach that could eventually cost well over $1 billion in fines, legal fees, credit monitoring, third-party claims, and notification and remediation costs 5. These numbers illustrate just how significant the price tag for a data breach can be. End-users have also become more sensitive to data loss. A survey conducted by RSA showed that 95 percent of end-users felt there was no excuse for a company to expose a customer's confidential information. Eighty-five percent of those respondents said they would prefer to do business with a company that has never experienced a data breach, and 82 percent of respondents said they would warn others from doing business with a company that exposed its customers' personal information 6. In order to minimize these costs, organizations are looking to their service providers to help provide the necessary end-to-end expertise required to keep consumers secure. And, wherever there is sufficient concern, the ISP, armed with the appropriate technology, can address that concern with enhanced infrastructure capabilities and value-added services. In addition to the above mentioned costs and attitudes, ISPs can expect the following from implementing a more secure infrastructure: Customers appreciate data security enhancements and may be willing to pay extra for additional services Minimizing the cost of data loss incidents can translate into reduced operational costs Gain additional business by helping organizations and users maintain compliance with regulatory requirements. Driving the Decision for DNSSEC DNSSEC refers to the hardening of the DNS infrastructure in order to prevent MITM and cache poisoning attacks. Any of these DNS attacks can lead to fraud, identity theft, or generally making a target unavailable. It is foolish to think that ISPs or any business would implement wholesale changes to technology as mission critical as DNS without tangible benefits or a demonstrable return on investment. With DNSSEC, ISPs can offer enhanced data integrity and source authentication, which are required to ensure the authenticity of domain name information and to maintain the integrity of that information in transit and provide verifiability upon receipt. This gives confidence to end-users and businesses that transactions conducted on the ISP networks are immune from cache poisoning and man-inthe-middle DNS attacks
8 As shown in Figure 2, any major technology decision has to consider both the potential reward, in terms of revenues to the ISP, as well as the costs associated with deploying that technology. Regardless of how technologically advanced the ISP is, coordinating, testing, and deploying DNSSEC is going to require targeted engineering and investment. In addition, there is the potential cost of doing nothing. Such liability costs, in terms of lost business or litigation, can easily exceed the costs of implementing the technology, yet are more difficult to estimate. The key for ISPs is to balance the risks associated with not deploying DNSSEC as well as the market differentiators and other incentives enabled by DNSSEC. As discussed below, these liabilities can be quite costly to the ISP. Figure 2 The Decision Process for an ISP Factors to Build into the Decision Process Direct costs that an organization will incur while deploying DNSSEC may seem straightforward and include the cost of hardware and software plus any labor and training, etc., required to implement the technology. However, these direct costs pale in comparison to the potential costs of not deploying technology enabled by DNSSEC. The liability costs associated with a catastrophic security breach could significantly impact the ISP s business: as noted above, either through litigation, reputation and brand damage, or immediate and residual resulting loss of business. As noted below, such liability costs can be daunting. Cost of Liability in Case of Failure As described previously, MITM and cache poisoning attacks made against ISPs operating recursive DNS services are virtually undetectable to the end-user. ISPs are not wholly responsible for securing the complex ecosystem that is DNS. For example, domain names themselves have to be signed by domain name registrants, while registrars and registries 8
9 alike have to accept DNSSEC records. Never the less, ISPs play an important part in driving the adoption of DNSSEC. DNSSEC provides a considerable security improvement for the customers that ISP s serve. That improvement in security helps decrease the liability that ISPs would have in any attacks against their DNS infrastructure. Cost of Lost Subscribers Lost subscribers could be another concern of ISPs who do not deploy DNSSEC. As MITM and cache poisoning attacks become better known, end-users are likely to become frustrated with data loss, identity theft and infection of their machines. ISPs that are late to deploy DNSSEC and address security threats proactively stand to lose subscribers who seek safer alternatives. Competitive Threat ISPs are constantly looking for new competitive factors and market differentiators in an environment that s quickly being commoditized with an array of access technologies. By failing to implement DNSSEC, ISPs lose ground to their more agile competitors who will claim more secure data services enabled by a more secure network and DNS infrastructure substrate. An ISP who does not actively engage in the deployment of DNSSEC stands to lose competitively. Potential for Higher Margins Many organizations treat security like an insurance policy and are willing to pay higher premiums on the basis of better loss protection. By offering a more secure infrastructure, deployment of DNSSEC gives ISPs justification to charge higher premiums on services that sit on top of the DNSSEC foundation, which encompasses virtually any IP-based network transaction function. These higher margins alone should ultimately cover the costs required to deploy DNSSEC, with additional minimized subscriber churn as a result of a more trustworthy network infrastructure equally augmenting the return from such an investment. STEPWISE DEPLOYMENT OF DNSSEC FOR AN ISP has conducted in-depth research into the deployment of DNSSEC for ISPs, based on interviews with U.S. market-leading ISPs and businesses, and has developed a stepwise deployment strategy for ISPs to consider as they develop an implementation plan. The following steps, based on the experiences of ISPs that have taken the steps to deploy DNSSEC in their organization, will ensure a smooth transition. Evaluate Current Capabilities Obviously evaluating current capabilities is the very first step that should be conducted by an ISP preparing to deploy DNSSEC. An ISP needs to review (conduct assessment) its network and inform its technical staff on what is needed to upgrade and manage the DNS recursive services. 9
10 Additionally, hardware and software across the entire organization needs to be evaluated. DNSSEC requires more processing power than traditional DNS and is only supported by certain software builds. Additionally, the packet sizes are considerably larger (could be up to two-and-a-half times larger) in DNSSEC and may require updates to security policies or packet forwarding devices throughout the organizations. Larger packets may also result in more transmission control protocol (TCP) transactions rather than user datagram protocol (UDP) transactions, and consideration should be given to this as well, particularly when evaluating implications on firewall and other middlebox policies. An ISP has to deploy DNSSEC with care. The average help desk cost is between $12 and $40 per incident 7. A haphazard DNSSEC deployment could cause disruptions to customers, and help desk staff has to be prepared to handle any incidents that come in. Conversely, costs avoided through subscriber compromise or other incidents that drive help desk call volume will be minimized once DNSSEC is deployed. A phased model that allows ISPs to deploy DNSSEC at the recursive layer before subscribers are utilizing it at home or within the enterprise will ease operational complexities that may arise if customer deployment DNSSEC validation functions before their ISPs. Additionally, it may keep subscribers from migrating away from ISP DNS resolvers to globally open or internal-only DNS resolvers. Evaluations of current capability will require detailed assessments and will be very specific to the ISP s automation and organization. Companies that have already been through this exercise recommend obtaining the services of a capable consultant if your in-house expertise is marginal. Determine Where DNSSEC Fits Into Service Offerings DNSSEC will be the cornerstone of additional service offerings that require security guarantees. ISPs need to consider where DNSSEC fits into the deployment of larger service offerings. By understanding which future service offerings will incorporate DNSSEC as part of the underlying messaging, ISPs can better determine the required timeline for DNSSEC deployment. ISPs have to ask themselves who the target of DNSSEC-based services will be and how these services will be priced. ISPs have the opportunity to position DNSSEC as a competitive advantage as DNSSEC can improve adherence to regulatory requirements for ISP customers. Once customers understand the value that DNSSEC provides them in terms of protection against cache poisoning, those same customers will be more willing to pay a premium for services that utilize DNSSEC. Develop an Incremental Plan for Deployment ISPs should carefully evaluate their existing infrastructure and upgrade plans as they develop their deployment plans. New equipment purchases should handle DNSSEC traffic. 7 Cut-Help-Desk-Costs-Without-Sacrificing-Service/ 10
11 Software builds should be evaluated and tested for DNSSEC support. Additionally, coordination with primary equipment vendors will be critical as ISPs move to deploy DNSSEC in their organization. Test and Document Test and document is the final step of a DNSSEC rollout. With comprehensive testing, verification and documentation, an ISP can be secure in its knowledge that the solution operates as designed. For many ISPs, testing only involves the building of a test bed, allowing DNSSEC to be tested in isolation from the production network. Being able to tweak a configuration without impacting real traffic or customers is essential to building a robust DNSSEC environment prior to rolling it out. HOW VENDORS CAN HELP DNSSEC is not effective if only operating at the root level of the Internet. In order to provide a secure infrastructure, DNSSEC must be in place throughout the system, supported by all domains and validation functions enabled on all recursive name servers. ISPs are key to DNSSEC rollout, and numerous vendors are committed to helping ISPs make the transition to DNSSEC in a timely and efficient manner. There are a variety of vendors and consultants well-positioned to be trusted advisors in this role, having the expertise, experience and resources to help ISPs make sense of this new technology and adapt accordingly for their specific operating environment. Expertise and Experience Many vendors and consultants have worked to create a methodical deployment strategy to minimize potential disruptions to organizations deploying DNSSEC. ISPs can look toward these experienced vendors and consultants to ensure a smooth transition from DNS to DNSSEC. Resources Many vendors are taking multiple steps to drive DNSSEC adoption and simplify implementation for domain name registrars, ISPs, registrants, and other members of the DNS ecosystem. These steps include publishing technical resources; providing test environments for implementers and vendors to evaluate the compatibility of their equipment with DNSSEC; leading educational sessions for registrars, ISPs, and other communities; and developing tools to simplify DNSSEC management. CONCLUSION The Internet has evolved from its origins as test of concept for computer communications to one of the key public infrastructures relied on globally by billions of users. Despite its effectiveness up to now, some of the key components of the Internet were simply not 11
12 designed securely enough to handle the critical and sensitive nature of information traveling across it today. DNSSEC addresses some of the security challenges inherent to DNS today and provides a foundation for the era of hyper-connectedness we are entering. Ultimately, DNSSEC implementation increases security for the Internet and users of ISP services, which will allow for improved services to the end-user and ensure a more reliable and secure network into the future. 12
13 CONTACT US Silicon Valley 331 E. Evelyn Ave. Suite 100 Mountain View, CA Tel Fax San Antonio 7550 West Interstate 10, Suite 400, San Antonio, Texas Tel Fax Auckland Bangkok Beijing Bengaluru Bogotá Buenos Aires Cape Town Chennai Colombo Delhi / NCR Dhaka Dubai Frankfurt Hong Kong Istanbul Jakarta Kolkata Kuala Lumpur London Mexico City Milan Moscow Mumbai Manhattan Oxford Paris Rockville Centre San Antonio São Paulo Seoul Shanghai Silicon Valley Singapore Sophia Antipolis Sydney Taipei Tel Aviv Tokyo Toronto Warsaw ABOUT FROST & SULLIVAN London 4, Grosvenor Gardens, London SWIW ODH,UK Tel 44(0) Fax 44(0) GoFrost myfrost@frost.com Based in Mountain View, California, is a global leader in strategic growth consulting. This white paper is part of s ongoing strategic research into the Information Technology industries. regularly publishes strategic analyses of the major markets for products that encompass storage, management, and security of data. Frost & Sullivan also provides custom growth consulting to a variety of national and international companies. The information presented in this publication is based on research and interviews conducted solely by and, therefore, is subject to fluctuation. takes no responsibility for any incorrect information supplied to us by manufacturers or end-users. All copyright and other proprietary notices must be retained. No license to publish, communicate, modify, commercialize or alter this document is granted. For information regarding permission, write: 331 E. Evelyn Ave. Suite 100 Mountain View, CA
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) Market A White Paper Prepared by Martha Vazquez, Research Analyst TABLE OF CONTENTS Introduction... 3 Brief Overview of the OTP Market...
More informationUnified Communications Can Change Your Outlook - Making Your Business Better
Unified Communications Can Change Your Outlook - Making Your Business Better We are now Unify. Formerly known as Siemens Enterprise Communications, Unify continues to be one of the world s largest communications
More informationPreparing Your Infrastructure for Enterprise Social Software: Strategies for Success
Preparing Your Infrastructure for Enterprise Social Software: Strategies for Success A Frost & Sullivan White Paper By Melanie Turek Industry Director EXECUTIVE SUMMARY As organizations navigate through
More informationHow Mid-market Companies Can Optimize their Technology Investments through Managed IT Solutions
How Mid-market Companies Can Optimize their Technology Investments through Managed IT Solutions An Executive Brief Sponsored by DSS www.frost.com Stratecast Frost & Sullivan HOW MID-MARKET COMPANIES CAN
More informationBUILDING A SUCCESSFUL ROADMAP TO THE CLOUD
BUILDING A SUCCESSFUL ROADMAP TO THE CLOUD INTRODUCTION Chances are your company has dabbled in the cloud. Perhaps you have moved the company Website to an on-demand cloud-based infrastructure service.
More informationThe Changing Role of Mobile Communications in the Workplace
The Changing Role of Mobile Communications in the Workplace A Frost & Sullivan White Paper TABLE OF CONTENTS Introduction... 3 The Changing Nature of Business Communications... 3 Redefining Mobile Workers...
More informationPremise vs. Hosted Contact Center: Total Cost of Ownership Analysis
vs. Contact Center: Total Cost of Ownership Analysis A White Paper Sponsored By TABLE OF CONTENTS Introduction... 3 TCO Analysis... 4 Background... 4 Systems and Applications... 4 Implementation... 4 Maintenance
More informationTips for Choosing a Cloud Service Provider
Tips for Choosing a Cloud Service Provider An Executive Brief Sponsored by IBM march 2011 www.frost.com Stratecast Frost & Sullivan TIPS FOR CHOOSING A CLOUD SERVICE PROVIDER The biggest myth in technology
More informationLeveraging Specialized Hardware and Expertise in a Mid-Market Cloud
Leveraging Specialized Hardware and Expertise in a Mid-Market Cloud September 2014 Karyn Price Industry Analyst Cloud Computing Leveraging Specialized Hardware and Expertise in a Mid-Market Cloud INTRODUCTION
More informationExtending the Value of IP Communications Investments with SIP Trunking
50 Years of Growth, Innovation and Leadership Extending the Value of IP Communications Investments with SIP Trunking SIP Trunking Enables a Next-Generation Communications Environment A Frost & Sullivan
More informationDemystifying Unified Communications: Best Practices for Maximum ROI
50 Years of Growth, Innovation and Leadership Demystifying Unified Communications: Best Practices for Maximum ROI A Frost & Sullivan White Paper www. Frost & Sullivan Demystifying UC... 4 UC is a Migration...
More informationOnline Learning 2.0: The Technologies and Trends Revolutionizing the Classroom
50 Years of Growth, Innovation and Leadership Online Learning 2.0: The Technologies and Trends Revolutionizing the Classroom Sponsored by www.frost.com Frost & Sullivan Online Learning 2.0: The Technologies
More informationMeeting the Future with a Converged Infrastructure:
50 Years of Growth, Innovation and Leadership Meeting the Future with a Converged Infrastructure: Delivering Applications for the 21st Century A Frost & Sullivan White Paper www. Frost & Sullivan Introduction...
More informationCloud Contact Center Market Trends:
50 Years of Growth, Innovation and Leadership Cloud Contact Center Market Trends: Movement from Best-of-Breed to Suites A Frost & Sullivan Executive Brief www. Frost & Sullivan INTRODUCTION The cloud model
More informationBest Practices for Managing Teleworkers: Changing Attitudes, Changing Ways
Best Practices for Managing Teleworkers: Changing Attitudes, Changing Ways Compared to nonteleworkers, employees who telework: Are more clear about work expectations Have a greater sense of control Have
More informationCustomer Perspectives Series: Law Firm Herbert Smith Freehills Uses BrightTALK to Provide High-Value Client Training
Customer Perspectives Series: Law Firm Herbert Smith Freehills Uses BrightTALK to Provide High-Value Client Training Featured Company: A Frost & Sullivan Case Study frost.com HSF Customer Education and
More informationWebinars Drive Lead Generation:
50 Years of Growth, Innovation and Leadership Webinars Drive Lead Generation: Trada Uses ReadyTalk Web Conferencing for Thought Leadership, Qualified Leads A Frost & Sullivan Case Study www. Frost & Sullivan
More informationVideo-enabled unified communications
Video-enabled unified communications We are now Unify. Unify continues to be one of the world s largest communications software and services firms. This document contains third-party content that refers
More informationVisual Collaboration: Boost Employee Productivity and Drive Customer Interaction
50 Years of Growth, Innovation and Leadership Visual Collaboration: Boost Employee Productivity and Drive Customer Interaction A Frost & Sullivan White Paper www. Visual Collaboration: Boost Employee
More informationDEVELOPING COMMUNICATION AND COLLABORATION IN BANKING AND FINANCIAL SERVICES FOR INCREASED BUSINESS VALUE
DEVELOPING COMMUNICATION AND COLLABORATION IN BANKING AND FINANCIAL SERVICES FOR INCREASED BUSINESS VALUE A White Paper TABLE OF CONTENTS TABLE OF CONTENTS Introduction 3 Overview of Communication and
More informationGetting the Most from Your Cloud Implementation: How Hardware and Software Integration Provides a Competitive Advantage
Getting the Most from Your Cloud Implementation: How Hardware and Software Integration Provides a Competitive Advantage An Executive Brief Sponsored by Hewlett-Packard www.frost.com Stratecast Frost &
More informationChanging Perceptions about Managed Services:
50 Years of Growth, Innovation and Leadership Changing Perceptions about Managed Services: The Managed Service Provider (MSP) as a Partner A Frost & Sullivan White Paper Robert Worden, M.A. www.frost.com
More informationTruly Powerful Collaboration Deployments Do Not End at Lync:
Truly Powerful Collaboration Deployments Do Not End at Lync: Considerations to Extend the Value of Lync A Frost & Sullivan Market Insight Sponsored by Acano frost.com Introduction... 3 Adoption Trends
More informationAiming to Increase UC Adoption? Look to Video.
50 Years of Growth, Innovation and Leadership Aiming to Increase UC Adoption? Look to Video. Pervasive Video Users Embrace UC by 30 Percent More A Frost & Sullivan White Paper www.frost.com Frost & Sullivan
More informationGetting a Handle on Big Data Doesn t Have to be a Big Headache
50 Years of Growth, Innovation and Leadership Getting a Handle on Big Data Doesn t Have to be a Big Headache A Frost & Sullivan White Paper www.frost.com Frost & Sullivan Big Data is a Big Problem... 3
More informationBENEFITS OF SERVERLESS COMPUTING
BENEFITS OF SERVERLESS COMPUTING A Frost & Sullivan Market Insight INTRODUCTION TO SERVERLESS COMPUTING Serverless Computing is an integrated NVR/SAN platform that runs video management software directly
More informationAn Executive Brief Sponsored by IBM. Lynda Stadtmueller Program Director, Cloud Computing
An Executive Brief Sponsored by IBM Lynda Stadtmueller Program Director, Cloud Computing February 2014 Building a Successful Roadmap to the Cloud Chances are your company has dabbled in the cloud. Perhaps
More informationVideo Collaboration in the Financial Services Industry
Video Collaboration in the Financial Services Industry Navigating a Complex Environment with Greater Productivity A Frost & Sullivan White Paper Roopam Jain www.frost.com Frost & Sullivan INTRODUCTION
More informationSHAREPOINT IN HEALTHCARE Collaboration and Information Sharing in a Secure Environment
SHAREPOINT IN HEALTHCARE Collaboration and Information Sharing in a Secure Environment A Frost & Sullivan White Paper Prepared by Robert Ayoub, CISSP and Martha Valazquez TABLE OF CONTENTS Introduction...
More informationNexidia and Blue Cross and Blue Shield of North Carolina Voice of the Customer (VoC) Analytics to Increase Clarity and Ease of Use for Customers
50 Years of Growth, Innovation and Leadership Nexidia and Blue Cross and Blue Shield of North Carolina Voice of the Customer (VoC) Analytics to Increase Clarity and Ease of Use for Customers A Frost &
More informationTaking Control by Letting Go: Optimizing Your SAP Environment via the Cloud
Taking Control by Letting Go: Optimizing Your SAP Environment via the Cloud An Executive Brief Sponsored by Symmetry Corporation www.frost.com TABLE OF CONTENTS TAKING CONTROL BY LETTING GO: OPTIMIZING
More informationBeyondTrust PowerBroker Password Safe
BeyondTrust PowerBroker Password Safe A Frost & Sullivan Product Review frost.com BEYONDTRUST POWERBROKER PASSWORD SAFE From small businesses to enterprises, the security of information, applications,
More informationWebinars Help the American Marketing Association Boost Revenues, Keep Members
Webinars Help the American Marketing Association Boost Revenues, Keep Members The American Marketing Association (AMA) has been using webinars for almost 10 years to deliver information and training to
More informationProtect Customers with PCI Compliance Lowering Data Breach Risks for Customer Contact Centers
50 Years of Growth, Innovation and Leadership Protect Customers with PCI Compliance Lowering Data Breach Risks for Customer Contact Centers A Frost & Sullivan White Paper www.frost.com Frost & Sullivan
More informationJOURNEY TO IT AS A SERVICE POWERED BY SOFTWARE-DEFINED DATA CENTERS
JOURNEY TO IT AS A SERVICE POWERED BY SOFTWARE-DEFINED DATA CENTERS INTRODUCTION Modern business is an around-the-clock proposition. Better connectivity, enhanced global transport capabilities, and increasingly
More informationWHY LINUX VIRTUALIZATION IS READY FOR PRIME TIME
WHY LINUX VIRTUALIZATION IS READY FOR PRIME TIME INTRODUCTION Virtualization technologies have gained a strong footing in enterprise data centers in recent years. According to Frost & Sullivan research,
More informationOvercoming the Challenges of Mobile Video Conferencing
50 Years of Growth, Innovation and Leadership Overcoming the Challenges of Mobile Video Conferencing A Frost & Sullivan White Paper www.frost.com Frost & Sullivan Executive Summary... 3 The Value of Mobile
More informationUnified Communications as a Service: The Quality of Service Imperative
Unified Communications as a Service: The Quality of Service Imperative A Frost & Sullivan Technical Brief frost.com Introduction: Delivering Enterprise Communications in the Cloud Era... 3 Communications
More informationVideoconferencing-as-a-Service:
50 Years of Growth, Innovation and Leadership Videoconferencing-as-a-Service: Making Video Simple and Affordable A Frost & Sullivan White Paper www. Frost & Sullivan Introduction... 3 Videoconferencing
More informationBusiness-Grade Video Conferencing for SMBs: Enhance Your Employees Productivity Today
Business-Grade Video Conferencing for SMBs: Enhance Your Employees Productivity Today A Frost & Sullivan White Paper TABLE OF CONTENTS Introduction... 3 The Value of Video Conferencing for SMBs... 4 Communicate
More informationBig Data Applications in the Contact Center: Opportunities and Challenges
Big Data Applications in the Contact Center: Opportunities and Challenges A Frost & Sullivan Case Study frost.com Big Data in Action: TalkTalk and Nexidia... 3 The Situation... 3 The Solution... 3 Adding
More informationAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
50 Years of Growth, Innovation and Leadership An Overview and Competitive Analysis of the One-Time Password (OTP) Market A Frost & Sullivan White Paper Richard Martinez Research Analyst www.frost.com Frost
More informationOutsourcing IT Resource Management to Third-Party Providers:
Outsourcing IT Resource Management to Third-Party Providers: Freeing Transportation Organizations to Focus on Their Core Business A Frost & Sullivan White Paper Nandini Tare, Industry Analyst frost.com
More informationThe Impact of the Google Apps Marketplace on the Success and Adoption of Google Apps
50 Years of Growth, Innovation and Leadership The Impact of the Google Apps Marketplace on the Success and Adoption of Google Apps A Frost & Sullivan White Paper We accelerate growth www.frost.com Frost
More informationUnified Communications:
A Frost & Sullivan White Paper 2014 Frost & Sullivan India ICT Awards: Unified Communications Application Vendor of the Year SIGNIFICANCE OF UNIFIED COMMUNICATIONS The business landscape in India has changed
More informationTAKING A FRESH LOOK AT DATA CENTER VIRTUALIZATION
TAKING A FRESH LOOK AT DATA CENTER VIRTUALIZATION INTRODUCTION It is impossible to talk about the cloud-enabled future without focusing on virtualization. All cloud infrastructure whether private, public,
More informationEnable Ubiquitous Visual Collaboration without Breaking the Bank
50 Years of Growth, Innovation and Leadership Enable Ubiquitous Visual Collaboration without Breaking the Bank How to Address the Key Challenges of Video Conferencing Deployments in Meeting Rooms A Frost
More informationSecure Video Collaboration:
Secure Video Collaboration: How to Ensure Security of Your Cloud Video Conferencing Solution A Frost & Sullivan White Paper Sponsored by Lifesize frost.com Introduction... 3 The Security Challenge... 3
More informationAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
50 Years of Growth, Innovation and Leadership An Overview and Competitive Analysis of the One-Time Password (OTP) Market A Frost & Sullivan Executive Summary Jean-Noël Georges Program Director www.frost.com
More informationVideo Conferencing Connects Teams and Customers for Greater Productivity
Video Conferencing Connects Teams and Customers for Greater Productivity A Frost & Sullivan White Paper Sponsored by: frost.com What to Look for in a Provider... 3 The Value of Visual Interaction... 3
More informationBoosting the Value of Conferencing through Peripherals:
50 Years of Growth, Innovation and Leadership Boosting the Value of Conferencing through Peripherals: Choosing the Right Webcam and Headset Can Make All the Difference A Frost & Sullivan White Paper www.
More informationCustomize Your UC Solution for Business Agility
50 Years of Growth, Innovation and Leadership Customize Your UC Solution for Business Agility Reduce Costs and Drive Efficiencies A Frost & Sullivan Executive Brief www. Frost & Sullivan Unified Communications
More informationLeveraging the Power of Video Conferencing for Business:
50 Years of Growth, Innovation and Leadership Leveraging the Power of Video Conferencing for Business: Best Practices for Supporting Collaboration in the 21st Century A Frost & Sullivan White Paper www.frost.com
More informationVideo Conferencing: Pervasive Collaboration leading to end-user productivity. A Frost & Sullivan White Paper
A Frost & Sullivan White Paper 2014 Frost & Sullivan India ICT Awards: Video Conferencing Equipment Vendor of the Year VIDEO CONFERENCING - GROWING NEED FOR EFFECTIVE ENTERPRISE COMMUNICATION In the current
More informationNot All Enterprise Social Networking Solutions are Created Equal
50 Years of Growth, Innovation and Leadership Not All Enterprise Social Networking Solutions are Created Equal IT Considerations have Direct Impact on ROI A Frost & Sullivan White Paper Robert Arnold www.frost.com
More informationCommunity Marketing: Focusing Your Webinar Strategy to Achieve Dramatic Results
50 Years of Growth, Innovation and Leadership Community Marketing: Focusing Your Webinar Strategy to Achieve Dramatic Results A Frost & Sullivan White Paper www.frost.com Frost & Sullivan Introduction...
More informationCLOUD MONITORING AND SERVICE MANAGEMENT Helping CIOs maximize their IT services and investments
50 Years of Growth, Innovation and Leadership CLOUD MONITORING AND SERVICE MANAGEMENT Helping CIOs maximize their IT services and investments A White paper by Frost & Sullivan in collaboration with CA
More informationSelecting a Cloud Service Provider: Which one is Right for You?
50 Years of Growth, Innovation and Leadership Selecting a Cloud Service Provider: Which one is Right for You? A White paper by Frost & Sullivan in collaboration with Macquarie Telecom www. SELECTING A
More informationWhy Anti-DDoS Products and Services are Critical for Today s Business Environment
50 Years of Growth, Innovation and Leadership Why Anti-DDoS Products and Services are Critical for Today s Business Environment Protecting Against Modern DDoS Threats A Frost & Sullivan White Paper www.frost.com
More informationStraight Talk: How to Cut Through Cloud Complexity and Implement Successful Cloud Solutions in your Company
50 Years of Growth, Innovation and Leadership Straight Talk: How to Cut Through Cloud Complexity and Implement Successful Cloud Solutions in your Company An Executive Brief Sponsored by Fujitsu www.frost.com
More informationThe Case For Converged Systems
Driving Business Value from IT Optimization: The Case for Converged Systems A Executive Brief Sponsored by Hewlett-Packard www.frost.com Frost & Sullivan DRIVING BUSINESS VALUE FROM IT OPTIMIZATION: THE
More informationMobile Handset Protection A Win-Win for Carriers and Consumers
50 Years of Growth, Innovation and Leadership Mobile Handset Protection A Win-Win for Carriers and Consumers A Frost & Sullivan Market Insight www.frost.com Stratecast Frost & Sullivan INTRODUCTION Smartphones
More informationThe Business Value of IT Organization s Transformation to an Internal Service Provider
The Business Value of IT Organization s Transformation to an Internal Service Provider An Executive Brief Sponsored by Hewlett-Packard May 2015 Roopashree (Roopa) Honnachari Industry Director Cloud Computing
More informationHow the Right Security Can Help Justify and Accelerate Your VDI Investments:
50 Years of Growth, Innovation and Leadership How the Right Security Can Help Justify and Accelerate Your VDI Investments: Using Solutions from VMware and Trend Micro to Secure VDI Deployments A Frost
More informationENTERPRISE VIDEO DISTRIBUTION: SIMPLIFY THE COMPLEX WEB
ENTERPRISE VIDEO DISTRIBUTION: SIMPLIFY THE COMPLEX WEB A White Paper The use of video in the enterprise segment is very different from that of traditional media and entertainment delivery. It is most
More informationFind a Data Center Management Services Provider that Thinks Like an Enterprise
Find a Data Center Management Services Provider that Thinks Like an Enterprise An Executive Brief Sponsored by Hewlett Packard Lynda Stadtmueller Vice President Cloud Services March 2015 Find a Data Center
More informationComparing CDN Performance: Amazon CloudFront s Last Mile Testing Results
50 Years of Growth, Innovation and Leadership Comparing CDN Performance: Amazon CloudFront s Last Mile Testing Results A Frost & Sullivan White Paper Sponsored by Amazon Web Services Dan Rayburn, Principal,
More informationBusiness Intelligence and Voice Communications - Taking Technology Investments to the Next Level
Applying BI to Voice Communications: Taking Technology Investments to the Next Level A Frost & Sullivan White Paper Rob Arnold, Author frost.com Introduction... 3 The Voice and Data Disconnect... 3 Bringing
More informationEmpowering Real-Time Customer Engagement: Fishing for a Prized Catch
50 Years of Growth, Innovation and Leadership Empowering Real-Time Customer Engagement: Fishing for a Prized Catch A Frost & Sullivan White Paper www.frost.com Frost & Sullivan A New World Reality... 3
More informationHP WFO: A New Position for a Brand you Trust
HP WFO: A New Position for a Brand you Trust Frost & Sullivan Analyst Opinion Nancy Jamison, Principal Analyst, Customer Contact frost.com When HP went through its restructuring exercise several years
More informationDemand More from Data Center Management Services: Find a Provider that Brings Flexibility, Innovation, and Cloud-Like Cost Efficiencies
Demand More from Data Center Management Services: Find a Provider that Brings Flexibility, Innovation, and Cloud-Like Cost Efficiencies An Executive Brief Sponsored by Hewlett-Packard Lynda Stadtmueller
More informationINFORMATION SECURITY REVIEW
INFORMATION SECURITY REVIEW 14.10.2008 CERT-FI Information Security Review 3/2008 In the summer, information about a vulnerability in the internet domain name service (DNS) was released. If left unpatched,
More informationHOW YOUR VIRTUALIZATION PLATFORM CAN MEET YOUR NEEDS TODAY AND IN YOUR CLOUD-ENABLED FUTURE
HOW YOUR VIRTUALIZATION PLATFORM CAN MEET YOUR NEEDS TODAY AND IN YOUR CLOUD-ENABLED FUTURE INTRODUCTION In companies large and small, IT leaders are facing tremendous opportunities and challenges. The
More informationCompetitive Analysis of the Global Software License Management Market, 2011
50 Years of Growth, Innovation and Leadership Competitive Analysis of the Global Software License Management Market, 2011 SafeNet Remains the Clear Market Leader A Frost & Sullivan White Paper www.frost.com
More informationEntering the Next Phase of DDoS Defense
Entering the Next Phase of DDoS Defense Stratecast Executive Brief April 2012 www.frost.com Stratecast Frost & Sullivan ENTERING THE NEXT PHASE OF DDOS DEFENSE Stratecast s assessment is that the adoption
More informationA Guide To Deploying Communications Devices In The Contact Center:
50 Years of Growth, Innovation and Leadership A Guide To Deploying Communications Devices In The Contact Center: A Structured Approach Nets the Best Results Commissioned by: A Frost & Sullivan Business
More informationThe Compelling Business Drivers for the Hosted Contact Center Approach
The Compelling Business Drivers for the Hosted Contact Center Approach A White Paper Sponsored by: 1 INTRODUCTION AND PURPOSE This research paper discusses industry trends, business benefits and the value
More informationVIRTUALIZATION FOR VIDEO SURVEILLANCE ENVIRONMENTS
VIRTUALIZATION FOR VIDEO SURVEILLANCE ENVIRONMENTS P IVOT3 SERVERLESS C OMPUTING OFFERS A NEW WAY TO R EDUCE P OWER, COOLING, AND R ACKSPACE A White Paper Prepared by: Dilip Sarangan, Industry Analyst,
More informationHow To Get A Cloud Based Service In Australia
50 Years of Growth, Innovation and Leadership Embracing Cloud Computing The Business Benefits that the Cloud is Offering A White paper by Frost & Sullivan www.frost.com ABOUT THIS WHITE PAPER Australia
More informationDOMAIN NAME SECURITY EXTENSIONS
DOMAIN NAME SECURITY EXTENSIONS The aim of this paper is to provide information with regards to the current status of Domain Name System (DNS) and its evolution into Domain Name System Security Extensions
More informationMarketing Automation:
Marketing Automation: Wiring the Telecommunications Industry for Marketing Success A Frost & Sullivan White Paper frost.com Customer Churn: The Bane of the Telecommunications Industry... 3 The Need to
More informationHuddle Spaces: Bridging the Gap Between Desktops and Large Conference Rooms
Huddle Spaces: Bridging the Gap Between Desktops and Large Conference Rooms A Frost & Sullivan White Paper frost.com Introduction... 3 Collaboration Drives Business Success... 3 Huddle Spaces: Extending
More informationEmerging Trends in Web Conferencing: Consumerization and Convergence Reshape the Market
Emerging Trends in Web Conferencing: Consumerization and Convergence Reshape the Market A Frost & Sullivan Executive Summary Based on Analysis of the Global Web Conferencing Market, December 2014 Sponsored
More informationContact Center Modernization:
Contact Center Modernization: A Cloud-Based Approach Delivers Clear Value for Mid-Size Organizations A Frost & Sullivan White Paper frost.com Introduction... 3 A Steady Move to the Cloud... 3 Spotlight
More informationGaining the Competitive Edge
50 Years of Growth, Innovation and Leadership Gaining the Competitive Edge How VoIP and SIP Trunking are Changing the Communications Landscape A Frost & Sullivan White Paper www. Frost & Sullivan Introduction...
More informationA Best Practices Guide to Fingerprint Biometrics
50 Years of Growth, Innovation and Leadership A Best Practices Guide to Fingerprint Biometrics Ensuring a Successful Biometrics Implementation A Frost & Sullivan White Paper Rob Ayoub, CISSP Global Program
More informationAPPLICATION DELIVERY CONTROLLERS: MAKING THE CLOUD BETTER
APPLICATION DELIVERY CONTROLLERS: MAKING THE CLOUD BETTER INTRODUCTION 1 It is an online world. Whether for internal business operations, business -to-business engagements (B2B), or business-to-consumer
More informationHow Can I Help You? Using Headsets to Improve Agent Performance and Customer Satisfaction. 50 Years of Growth, Innovation and Leadership
50 Years of Growth, Innovation and Leadership How Can I Help You? Using Headsets to Improve Agent Performance and Customer Satisfaction Commissioned by: A Frost & Sullivan White Paper www.frost.com December
More informationHow Data Migration Services Can Help You Maximize ROI While Minimizing Business Risk
How Data Migration Services Can Help You Maximize ROI While Minimizing Business Risk An Executive Brief Sponsored by Hewlett-Packard Lynda Stadtmueller Program Director, Cloud Computing February 2014 How
More informationVoIP Trunking Services - 3 Opportunities and Challenges
Optimizing VoIP Deployments with Adaptable Customer Premises Equipment: Considerations for Service Providers to Accelerate SIP Deployments A Frost & Sullivan White Paper Michael Brandenburg, Industry Analyst
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationCASE STUDY: NORTHSIDE INDEPENDENT SCHOOL DISTRICT SAN ANTONIO, TX
CASE STUDY: NORTHSIDE INDEPENDENT SCHOOL DISTRICT SAN ANTONIO, TX CASE STUDY: NORTHSIDE INDEPENDENT SCHOOL DISTRICT San Antonio, TX 1. Client Profile Northside Independent School District is the premier
More informationMaximizing Return on Communications Infrastructure Investments through Managed Services
Maximizing Return on Communications Infrastructure Investments through Managed Services A White Paper TABLE OF CONTENTS Executive Summary... Investing in Advanced IT and Communications Technologies: Benefits
More informationDISASTER PLANNING AND RECOVERY
PLANNING IS THE KEY TO SUCCESSFUL DISASTER RECOVERY Source: US State Government Disaster Recovery Markets by Frost & Sullivan, A Global Growth Consulting Company DISASTER PLANNING AND RECOVERY In the aftermath
More informationIntroduction 3. A VoIP Solution to Meet Every Need 3. The Right VoIP Solution 6. The Savings Begin with Integrated Access 7
INCREASING BUSINESS VALUE WITH VOIP A Frost & Sullivan Whitepaper Sponsored by Covad Communications TABLE OF CONTENTS TABLE OF CONTENTS Introduction 3 A VoIP Solution to Meet Every Need 3 Hosted VoIP 4
More informationCreating the Foundation for Financial Health in 21st Century Healthcare Provision:
50 Years of Growth, Innovation and Leadership Creating the Foundation for Financial Health in 21st Century Healthcare Provision: Leveraging IT and Best Practices Via Business Process Outsourcing A Frost
More informationVIDEO Intypedia013en LESSON 13: DNS SECURITY. AUTHOR: Javier Osuna García-Malo de Molina. GMV Head of Security and Process Consulting Division
VIDEO Intypedia013en LESSON 13: DNS SECURITY AUTHOR: Javier Osuna García-Malo de Molina GMV Head of Security and Process Consulting Division Welcome to Intypedia. In this lesson we will study the DNS domain
More information