Here are descriptions of the more relevant changes in EVSS 20.1
Enterprise Voice Security Suite
Call Hold for PrivateWave Professional
During a PrivateWave conversation it is now possible to answer a native GSM/3G/4G call putting automatically On-Hold the VoIP call. An information Pop-Up will notify the other user that the conversation is suspended waiting for the ending of the native call.
Apple Push Notification support
It is no longer necessary to keep the iOS client open and connected (it is better to close it when not used). Recipients are reachable even if the application is closed.
SSL Certificate Pinning
In order to detect and block man-in-the-middle attacks, clients adds an extra step beyond the normal X.509 certificate validation. After obtaining the server's certificate in the standard TLS handshake, the client checks the public key in the server's certificate chain against a hash of public key for the server name. Available optionally only for on-premise solution.
Mutual authentication with X.509 certificate
Clients can be authenticated by PrivateServer through X.509 certificates. The private key is securely stored on the device and can not be exported. PrivateServer can periodically acquire and manage the list of certificate revocation (CRL), safely and through secure protocol (HTTPS). Available optionally only for on-premise solution.
Two-factor authentication for client activation (Email & SMS)
At the time of provisioning, client is authenticated by providing a secure link for activation in which a PIN, sent on another channel (e.g. email), must be specified. Available optionally only for on-premise solution.
Each call made by a PrivateWave client produces encrypted traffic based on the recipient of the secure call:
- if the call recipient is another PrivateWave client, the call is made using the ZRTP protocol for key exchange
- if the recipient of the call is not a PrivateWave client, the call is made using the SDES protocol
Available optionally only for on-premise solution.
Advenced conference room service
Conference administrator is able to send an invitation link by SMS/email to extend the conference to participants that can access the conference clicking on the received link. For each conference room, the administrator is able to see a full list of participants in the conference call, with the possibility of taking actions on them (mute - unmute - kick). Available optionally only for on-premise solution.
On-line presence masking
Known contacts are now shown with a blue icon regardless of the on-line state.
Automatic expire of Secure Messages
Even if application PIN is set, PrivateServer administrator can configure an expire time out of read messages. Available optionally only for on-premise solution.
Secure message maximum length is now 1000 characters.
New contact adding
User can add a new phone number to the phone address book directly from PrivateWave application.
GrandStream VoIP phone support
Support of Android based GrandStream GXV3275 IP phone.
Kamailio SIP proxy integration
Integration of Kamailio SIP proxy as SIP front-end. Kamailio is an open source, secure, reliable and flexible SIP server with an anti-flooding embedded module capable of IP banning storing the list of banned IP and forbid traffic from it for a period of time.