1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.

Slides:

Advertisements

Similar presentations

Saif Bin Ghelaita Director of Technologies & Standards TRA UAE

Advertisements

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Network Basics.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

Quality of Service(QoS). Outline Why QoS is important? What is QoS? QoS approach. Conclusion.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.

Firewall Planning and Design Chapter 1. Learning Objectives Understand the misconceptions about firewalls Realize that a firewall is dependent on an effective.

Emerging Technologies in Wireless LANs. Replacement for traditional Ethernet LANs Several Municipalities Portland, OR Philadelphia, PA San Francisco,

Business Data Communications, Fourth Edition Chapter 10: Network Security.

SIP vs H323 Over Wireless networks Presented by Srikar Reddy Yeruva Instructor Chin Chin Chang.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

NENA Development Conference | October 2014 | Orlando, Florida ESIND working group Jim Lockard, Joel McCamley Co-Chairs.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.

By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service 

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Voice & Data Convergence Network Services January 11, 2001.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Introducing Routing and Switching in the Enterprise – Chapter 1 Networking.

Securing Information Systems

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.

VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.

Chapter 1 Intro to Routing & Switching.  Networks have changed how we communicate  Everyone can connect & share  How have networks changed the way…

Introduction to Multimedia Networking (2) Advanced Multimedia University of Palestine University of Palestine Eng. Wisam Zaqoot Eng. Wisam Zaqoot October.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.

Support Services & IP Multimedia Subsystem (IMS)

Exploring the Network.

Applied Communications Technology Voice Over IP (VOIP) nas1, April 2012 How does VOIP work? Why are we interested? What components does it have? What standards.

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Module CT1040N: Networking Basics Lecture Week 1.

Chapter 4 Application Level Security in Cellular Networks.

ACM 511 Introduction to Computer Networks. Computer Networks.

Voice over IP by Rahul varikuti course instructor: Vicky Hsu.

11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 

Network Security Chapter 11 powered by DJ 1. Chapter Objectives  Describe today's increasing network security threats and explain the need to implement.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Living in a Network Centric World Network Fundamentals – Chapter 1.

Enterprise-Class Telephony on Wireless LANs Tom Alexander CTO VeriWave, Inc.

Presents H.323 Forum ITU-T SG16 With Focus on H.323 Activities Presented by Paul E. Jones Rapporteur ITU-T Q2/16 Cisco Systems.

CS460 Final Project Service Provider Scenario David Bergman Dong Jin Richard Bae Scott Greene Suraj Nellikar Wee Hong Yeo Virtual Customer: Mark Scifres.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Living in a Network Centric World Network Fundamentals – Chapter 1.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Living in a Network Centric World Network Fundamentals – Chapter 1.

Lecture 24 Wireless Network Security

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

Voice Over IP (VoIP): Internet Telephony Dr. Najla Al-nabhan 1.

Infrastructure Consolidation Cloud/SaaS Web 2.0 Converged Communications Virtualization Mobile Devices.

CSE5803 Advanced Internet Protocols and Applications (14) Introduction Developed in recent years, for low cost phone calls (long distance in particular).

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Living in a Network Centric World Network Fundamentals – Chapter 1.

IS3220 Information Technology Infrastructure Security

Version 4.0 Living in a Network Centric World Network Fundamentals – Chapter 1.

SIP & How It Relates To YOUR Business. Jeff S. Olson Director of Marco Carrier Services David Bailey-Aldrich Technology.

Juniper Networks Mobile Security Solution Nosipho Masilela COSC 356.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Cisco Exam Questions IMPLEMENTING CISCO IOS NETWORK SECURITY (IINS V2.0) VERSION: Presents: 1.

1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Network Architecture Characteristics  Explain four characteristics that are addressed by.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.

Cisco Discovery 3 Chapter 1 Networking in the Enterprise JEOPARDY.

Chapter 1: Explore the Network

Instructor Materials Chapter 1: Explore the Network

IT443 – Network Security Administration Instructor: Bo Sheng

Chapter 1: Explore the Network

Lecture 5: Voice Over IP (VoIP): Internet Telephony

Introduction to Course

Presentation transcript:

1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona February 6, 2005 Jose J. Valdes, Jr. Colorado State University

2 Convergence  “Today’s networks are being architected with converged, real time, voice, data, and video applications in mind.” (1)  “It is this ability to integrate voice, data, and video applications using a single network infrastructure that makes deployment of IP telephony platform a essential step toward creating a next-generation network.” (1)  The next-generation network has different and extended architectural requirements, in part because of VoIP, e.g., security.

3 VoIP Security  “Security must prevent theft of service, authenticate users, and repel a range of attacks from outside and inside the firewall.” (2)  “With the introduction of VOIP, the need for security is compounded because now we must protect two invaluable assets, our data and our voice.” (3) (video and mobile).  “The key to securing VOIP is to use the security mechanisms like those deployed in the data networks (firewall, encryption, anti- virus, pop-up protection, O.S. updates,etc.).” (3)

4 VoIP Security Challenges  Quality of Service (QoS)  Latency  Jitter  Packet loss  Security Breaches  Access  Disruption  Confidentiality and privacy  Network Elements  Denial of Service (DoS)  Power failure  Viruses, Trojan Horse  Physical security  Operating System  Life and Safety (E-911)   Protocols  H.323  SIP

5 Quality of Service (QoS)  “Quality of Service (QoS) refers to the capacity of a network to provide better service to selected network traffic over various technologies …, and IP routed networks …” (4)  Latency is the time it takes for data to get from the source to the destination and is introduced from various network and VoIP components, e.g., encryption encoding and decoding.  Jitter is introduced when data packets have different latency and packets become out of sequence.  Packet loss is when data packets do not arrive at the destination or arrive too late to be processed. (4)

6 QOS  “The key to conquering QoS issues like latency and bandwidth congestion is speed.” (3)  “…every facet of network traversal must be completed quickly in VoIP.” (3)  Firewalls/NAT traversal and traffic encryption/decryption are latency producers and network congestion generators, but must effective means to secure a network. The “good and bad news”.

7 Security Breaches  Access  Unauthentication - intrusion detection and application access control  Protection and updating of administrative passwords  Disruption  Denial of Service (DoS) – VLAN, firewall, routers, digital certificates  Network congestion – QoS, increased bandwidth  Confidentiality and Privacy  Eavesdropping & IP spoofing

8 Network Elements  Denial of Service (DoS) – see slide # 7  Power failure – UPS, generators  Viruses, Trojan Horse – application and O.S. patches and updates, security policies  Physical security – access controls, policies  Operating System – patches, updates  Life and Safety (E-911) – static IP address, relocation policies  evolving IP mobile devices or dual mode with cellular

9 IP Security Profiles  ITU – T H.234 v2 & v3 defines different security profiles for product interoperability under the H.323 suite of protocols’ Annex D, E, and F. Suite designed for real time audio, video, multimedia, and data.  SIP security features described in RFC 3261 (IETF). Designed for VoIP and updated for video and messaging.  Some will argue that these protocols were designed from different perspectives.

10 Bottom Line and Discussion  Expectations for VoIP will be based on the performance and availability of legacy telephony systems!!  How will VoIP affect the IP network architecture?  Will “traditional” IP security mechanisms and policies be effective or detrimental to VoIP on a convergent network?  How to identify the accommodations or “trade offs” that will be acceptable in support of VoIP on a convergent network?

11 References (1) Broadcom. “Critical Steps for Successful VoIP Deployment.” White Paper October 2004 Broadcom Corporation Irvine, CA. (2) Shore, Joel. “IP Telephony Security: An Overview.” NetworkWorld URL: (3) Kuhn, R.D., Walsh, T.J., & Fries, S., “Security Considerations for Voice Over IP Systems: Recommendations of the National Institute of Standards and Technology.” National Institute of Standards and Technology, Gaithersburg, MD. January (4) Cisco. “Internetworking Technology Handbook.” URL: (26 October 2004) (5) Tucker, G.S., “Voice Over Internet Protocol (VoIP) and Security.” GIAC Security Essentials Certification (GSEC), v1.4c, option 1, 26 October 2004