January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.

Slides:

Advertisements

Similar presentations

Unified Communications Bill Palmer ADNET Technologies, Inc.

Advertisements

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Encrypting Wireless Data with VPN Techniques

U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG

Colombo, Sri Lanka, 7-10 April 2009 Preferential Telecommunications Service Access Networks Lakshmi Raman, Senior Staff Engineer Intellectual Ventures.

Internet Protocol Security (IP Sec)

Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA MESH VOIP.

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

Securing Emerging Mobile Technology JOHN G. LEVINE PH.D. D/CHIEF ARCHITECTURE GROUP 13 SEP

Introduction to z/OS Security Lesson 4: There’s more to it than RACF

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

Solutions for SIP The SIP enabler We enable SIP communication for business What the E-SBC can do for you.

Internet, Intranet and Extranets

16254_08_2002 © 2002, Cisco Systems, Inc. All rights reserved. Cisco’s Security Vision Mario Mazzola Chief Development Officer August 29, 2002.

IS Network and Telecommunications Risks

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

In this section, we'll cover one of the foundations of network security issues, It talks about VPN (Virtual Private Networks). What..,Why..,and How….?

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

1 VOIP Network Threats Let the subscribers beware Gerard Wilkes October 24, 2006.

5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525.

Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen Dr. Mark Stamp SJSU - CS 265 Spring 2003 STEM is proposed as a solution to network vulnerabilities,

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Copyright Microsoft Corp Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.

1 © 2005 Cisco Systems, Inc. All rights reserved. JP_GSA _08_2005_c1 Making Your IP Communications Implementation Secure and Resilient Kevin Flynn.

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

IT Expo SECURITY Scott Beer Director, Product Support Ingate

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.

CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.

Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

1 A high grade secure VoIP using the TEA Encryption Algorithm By Ashraf D. Elbayoumy 2005 International Symposium on Advanced Radio Technologies Boulder,

Applied Communications Technology Voice Over IP (VOIP) nas1, April 2012 How does VOIP work? Why are we interested? What components does it have? What standards.

Module 8: Designing Network Access Solutions. Module Overview Securing and Controlling Network Access Designing Remote Access Services Designing RADIUS.

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

ECEN “Internet Protocols and Modeling”, Spring 2012 Slide 2.

September 15, 2003FG3 Report FOCUS GROUP 3 Interoperability Report to NRIC VI Council September 15, 2003 Cliff Naughton (Boeing)

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

1 Presentation_ID © 1999, Cisco Systems, Inc. Cisco All-IP Mobile Wireless Network Reference Model Presentation_ID.

Focus On Bluetooth Security Presented by Kanij Fatema Sharme.

DICOMwebTM 2015 Conference & Hands-on Workshop University of Pennsylvania, Philadelphia, PA September 10-11, 2015 Keeping it Safe – Securing DICOM Robert.

Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.

Network Reliability and Interoperability Council VII NRIC Council Meeting Focus Group 1B Network Architectures for Emergency Communications in 2010 September.

Fostering worldwide interoperabilityGeneva, July 2009 The Home Network: Where Convergence Takes Hold Tim Jeffries, VP Technology and Business Development,

Understand Network Isolation Part 2 LESSON 3.3_B Security Fundamentals.

1 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public © 2003, Cisco Systems, Inc. All rights reserved. Cisco Unified Communications Model RFP.

1 © 2005 Cisco Systems, Inc. All rights reserved. Think Secure IP Communications, Think Cisco Danelle Au Product Manager, Access Technology Group.

IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.

“End to End VoIP“ The Challenges of VoIP Access to the Enterprise Charles Rutledge VP Marketing Quintum Technologies

IS3220 Information Technology Infrastructure Security

Analysis of SIP security Ashwini Sanap ( ) Deepti Agashe ( )

SIP & How It Relates To YOUR Business. Jeff S. Olson Director of Marco Carrier Services David Bailey-Aldrich Technology.

Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.

Securing Interconnect Networks By: Bryan Roberts.

January 23-26, 2007 Ft. Lauderdale, Florida Services Transformation New Approaches to Delivering Blended Services Over IP Networks Keith Chappell Alcatel-Lucent.

Chapter 1: Explore the Network

Internet, Intranet and Extranets

Internet, Intranet and Extranets

Configuring and Troubleshooting Routing and Remote Access

Internet, Intranet and Extranets

Unit 27: Network Operating Systems

Goals Introduce the Windows Server 2003 family of operating systems

Cengage Learning: Computer Networking from LANs to WANs

Introduction to Networking Security

Presentation transcript:

January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth

January 23-26, 2007 Ft. Lauderdale, Florida A Bit of Hyperbole?

January 23-26, 2007 Ft. Lauderdale, Florida The IP Conundrum The same IP technology that enables IP Communications solutions to: –Boost productivity –Increase mobility –Enhance flexibility Also creates additional MANAGEABLE security challenges These new challenges exist whether the IP upgrade is incremental or total

January 23-26, 2007 Ft. Lauderdale, Florida The Challenge of Securing IP Voice The threats are familiar to both voice and data professionals: –Eavesdropping –Impersonation –Toll fraud –Denial of service Both “phreakers” and “hackers” are lurking The protection of both voice and data communication is critical to the business 55

January 23-26, 2007 Ft. Lauderdale, Florida Reality Check After Before

January 23-26, 2007 Ft. Lauderdale, Florida Evaluate the Threats Objectively Understand the costs of security incidents: –Measurable: fraud, downtime, man-hours, physical destruction, intellectual property, lawsuits –Non-measurable: reputation, customer privacy, medical information, loss of life Assign risk and quantify the costs Determine appropriate levels of protection

January 23-26, 2007 Ft. Lauderdale, Florida The Paradigm Must Change: A Network-Based Systems Approach An automated security system is required to address unknown (or “Day Zero”) threats Security must be applied at multiple layers of the system to address sophisticated blended threats and defend against multiple avenues of attack All elements of the security system must be integrated to initiate a coordinated response

January 23-26, 2007 Ft. Lauderdale, Florida Protect All Levels of IP Communications INFRASTRUCTURE ENDPOINTS CALL CONTROL APPLICATIONS IP COMMUNICATIONS SYSTEM TRANSPORT Secure, Reliable Communications that Connects All of the Other Components VALUE-ADDED COMPONENTS Messaging, Customer Care, and Other Application Software SYSTEM CONFIG AND OPERATION Infrastructure and Protocols for Call Management and Operation IP Phones, Video Terminals, and Other Delivery Devices USER INTERFACES

January 23-26, 2007 Ft. Lauderdale, Florida Security Preparation - Only as Strong as the Weakest Link A measured approach to securing the entire network is critical XXX Infrastructure X X X Call Control XXX Endpoints XXX Applications CONTROLPROTECTIONPRIVACY

January 23-26, 2007 Ft. Lauderdale, Florida Intranet Internet Secure IP Communications Systems Approach in Action Infrastructure VLAN segmentation Layer 2 protection Firewall / IDS QoS and thresholds Secure VPN Wireless security Gateway SRTP Call Management Hardened Windows OS Digital certificates Signed software images TLS signaling Integrated CSA SSL enabled directory Applications Secure voice messaging LDAP Multi-level admin Toll fraud protection https management Hardened platforms h.323 and SIP signaling Endpoints Digital certificates Authenticated phones GARP protection TLS protected signaling SRTP media encryption Centralized management

January 23-26, 2007 Ft. Lauderdale, Florida Standards Bodies in Action Identity Media authorization Keying protocols Firewall transit Identity Media authorization Keying protocols Firewall transit H.235 framework Signaling protection Protocol streams H.235 framework Signaling protection Protocol streams IETF ITU SIP Forum SIPit Security interoperability SIP over TLS Interconnection SIPit Security interoperability SIP over TLS Interconnection

January 23-26, 2007 Ft. Lauderdale, Florida There is Nothing to Fear Except Fear Itself IP Communications solutions can be as secure, or more secure, than traditional PBX systems –Security remains a top issue of IP Communications customers –A comprehensive, systems approach is best –The industry is committed to delivering the most secure, reliable solutions possible –The future holds great promise for new applications

January 23-26, 2007 Ft. Lauderdale, Florida More Information Your vendor or partner