2 Security and Privacy

Security is the top priority for the Oracle® Intelligent Communications Orchestration Network from design to implementation following Oracle's Oracle Software Security Assurance (OSSA) requirements. Oracle provides this guide to ensure you that the Oracle® Intelligent Communications Orchestration Network is configured securely and its features are delivered securely.

Topics:

About Oracle® Intelligent Communications Orchestration Network

The Oracle® Intelligent Communications Orchestration Network enables Enterprises and Managed Service Providers to connect Unified Communications (UC) and Contact Centers (CC) because the service supports connecting to both on-premises and SaaS-based UC and CC solutions. The Oracle® Intelligent Communications Orchestration Network focuses on bringing voice communications services together in one place to relieve you from managing Carrier Service compatibility issues.

Security Recommendations

Oracle builds security into the Oracle® Intelligent Communications Orchestration Network with the following recommendations for you to note.

  • The Oracle® Intelligent Communications Orchestration Network User Interface allows only TLS1.2 connections. Ensure that only secured ciphers are allowed from your browsers: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 and TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.
  • The Oracle® Intelligent Communications Orchestration Network server certificate is signed by Oracle's Digit CERT Certificate Authorities. Ensure that your browsers trust Oracle Certificate Authorities: Digicert SHA2 Secure Server CA2 (Signing CA) and Digicert Global ROOT CA (root CA).
  • For Session Border Controller interfaces that interconnect with Oracle® Intelligent Communications Orchestration Network service points by way of TLS, ensure to add Oracle Root CA to its trusted certificate list. The root CA "Digicert Global Root G2" can be downloaded from https://knowledge.digicert.com/general-information/digicert-trusted-root-authority-certificates.
  • Account management: Oracle recommends that you add accounts on a minimum privileges needed basis, where more permissions can be added as needed. When an account is no longer needed, suspend and remove it as soon as possible.

Security Operations

All Oracle® Intelligent Communications Orchestration Network communications are secured (TLS1.2+ with secured ciphers). Data at rest (customer configuration and operation data) is protected with secured ciphers and key lengths.

Oracle also monitors the Oracle® Intelligent Communications Orchestration Network with a secure SIEM program for real time threat detection. All Oracle® Intelligent Communications Orchestration Network deployments and environments are scanned and monitored for any threat intrusion and supply chain risks.

RTP and SIP Security

The Oracle® Intelligent Communications Orchestration Network does not protect SIP signaling traffic and RTP media traffic with encryption. Oracle recommends that you use SRTP and TLS to protect media and signaling data in transit.

Supported sRTP Crypto Suites:
  • AES_CM_128_HMAC_SHA1_80
  • AES_CM_128_HMAC_SHA1_32
  • AES_256_CM_HMAC_SHA1_80
  • AES_256_CM_HMAC_SHA1_32

RTP Addresses

The Oracle® Intelligent Communications Orchestration Network uses the following IPv4 Real-time Transport Protocol (RTP) addresses to anchor media in each supported region.

Note:

Oracle sends RTP traffic over media ports 30000-50000.

Table 2-1 RTP Addresses

  United States US1 (Ashburn) United Kingdom UK1 (London) Europe EU1 (Frankfurt)
RTP Addresses
  • 152.70.194.115
  • 129.158.41.18
  • 129.80.0.17
  • 141.148.65.154
  • 129.80.168.72
  • 129.153.11.4
  • 145.241.255.210
  • 145.241.215.174
  • 141.147.86.5
  • 141.147.72.109
  • 193.123.190.92
  • 141.147.108.181
  • 92.5.74.51
  • 92.5.81.148
  • 89.168.85.244
  • 89.168.101.27
  • 129.159.31.17
  • 138.2.190.141

SIP Addresses

The Oracle® Intelligent Communications Orchestration Network sends Session Initiation Protocol (SIP) traffic from the following IP addresses according to the region of origin.

Table 2-2 SIP Addresses

  United States US1 (Ashburn) United Kingdom UK1 (London) Europe EU1 (Frankfurt)
Carrier SIP Addresses
  • 157.151.185.240
  • 129.80.163.26
  • 129.80.237.143
  • 141.147.93.137
  • 79.72.90.134
  • 79.72.74.167
  • 141.144.252.12
  • 152.70.25.132
  • 92.5.21.254
Generic SIP Addresses
  • 141.148.94.123
  • 141.148.19.91
  • 141.148.19.207
  • 132.226.133.10
  • 141.147.102.157
  • 130.162.174.170
  • 158.180.40.23
  • 79.76.125.226
  • 92.5.45.176

Privacy Policy

The Oracle® Intelligent Communications Orchestration Network collects and uses your information to administer, support, improve, and obtain feedback on our services, to detect and prevent faults, breaches of our network security, the law, or our contractual terms. Oracle will not sell or rent your personal data to others outside Oracle® Intelligent Communications Orchestration Network , except where the law permits or unless you specifically agree.

Information collected by Oracle® Intelligent Communications Orchestration Network may be transferred and disclosed to any of the following parties:
  • Companies related to Oracle
  • Lawyers, auditors, or advisers to Oracle
  • Agents acting on behalf of Oracle
  • Oracle business partners
  • Agents, affiliates, contractors, and third-party service providers who provide administrative, telecommunications, computer, payment, and other services to Oracle in relation to Oracle's business operations
  • Any persons and corporate entities to whom Oracle is obliged to disclose under the requirements of law relating to Oracle or any of its affiliates or partners
  • Governmental and judicial bodies and regulators

Access Your Information

You can request access to your personal data information retained by Oracle, make corrections to it, ask us more generally about the kind of personal data we hold, and what our policies and practices are in relation to the information.