Common Misconceptions Alan D. Percy Director of Market Development The Truth of Enterprise SIP Security.

Slides:



Advertisements
Similar presentations
The leader in session border control for trusted, first class interactive communications.
Advertisements

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation
Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.
Building Applications with SIP Conferencing / Collaboration Alan D. Percy Director, Market Development AudioCodes.
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
The study and demonstration on SIP security vulnerabilities Mahidhar Penigi Vamsi Krishna Karnati.
SIP Security & the Future of VoIP Nate Klingenstein APAN 26 Queenstown August 5, ~ndk/apanSIP.pdf.
Solutions for SIP The SIP enabler We enable SIP communication for business What the E-SBC can do for you.
Enabling SIP to the Enterprise Steve Johnson, Ingate Systems Security: How SIP Improves Telephony.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Securing Unified Communications Mor Hezi VP Unified Communications AudioCodes.
September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen Dr. Mark Stamp SJSU - CS 265 Spring 2003 STEM is proposed as a solution to network vulnerabilities,
Rajeev Bevara CS-555 Security Threats in VoIP. What is VoIP ? ➔ VOIP - Voice Over Internet Protocol. ➔ Delivery of voice communications and multimedia.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
VoIP Security Sanjay Kalra Juniper Networks September 10-12, 2007 Los Angeles Convention Center Los Angeles, California 3 VoIP Issues.
Improving Customer Satisfaction Through Advances in Remote Management Technology Greg Michel Product Manager Quintum Technologies Inc.
IT Expo SECURITY Scott Beer Director, Product Support Ingate
Version 1.0 by Simon HarrisonJune 14th 2013 VIRTUAL CONTACT CENTER in the Cloud Vocalcom High Availability Voice Mediant 4000 SBC Configuration.
© 2008 AudioCodes Ltd. All rights reserved. Advanced Topologies for Microsoft Unified Communications Networks Haim Melamed Director, Corporate & Channel.
© 2009 AudioCodes Ltd. All rights reserved. AudioCodes CPE Carrier Applications.
© 2010 AudioCodes Ltd. All rights reserved. AudioCodes Confidential Proprietary AudioCodes Solutions for Microsoft Unified Communications 2010 Bruno PEUCH.
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
The Voice Security Company Kirk Vaughan Product Director –VoIP SIP Application Security.
Copyright Security-Assessment.com 2005 VoIP 2 Is free too Expensive? by Darren Bilby and Nick von Dadelszen.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Ingate & Dialogic Technical Presentation SIP Trunking Focused.
PART 2: Product Line. Tenor Switches & Gateways Tenor AX Series Solution For Medium to Large Enterprises  Available in 8, 16, 24 and 48 port Available.
VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.
Towards a Scalable and Secure VoIP Infrastructure Towards a Scalable and Secure VoIP Infrastructure Lab for Advanced Networking Systems Director: David.
Version 1.0June 11th 2013 VIRTUAL CONTACT CENTER in the Cloud Cloud Contact Center Global Infrastructure for Aditya Birla Minacs.
Protecting VoIP networks against denial of service and service theft Henning Schulzrinne with Gaston Ormazabal (Verizon) and IRT graduate students Dept.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
Quintum Confidential and Proprietary 1 Quintum Technologies, Inc. Session Border Controller and VoIP Devices Behind Firewalls Tim Thornton, CTO.
VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.
بسم الله الرحمن الرحيم Islamic University of Gaza Electrical & Computer Engineering Department Prepared By : Eman Khaled El-mashharawi Miriam Mofeed El-Mukhallalati.
Firewall Technologies Prepared by: Dalia Al Dabbagh Manar Abd Al- Rhman University of Palestine
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Basic Security Networking for Home and Small Businesses – Chapter 8.
1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.
SIP Trunking As a Managed Service Why an E-SBC Matters By: Alon Cohen, CTO Phone.com.
Softswitch SIP Proxy Server Call Manager IP Telephony Router Tablet PC IP PBX Class 5 Switch Class 4 Switch PBX Access Gateway Broadband Router Voice Gateway.
“End to End VoIP“ The Challenges of VoIP Access to the Enterprise Charles Rutledge VP Marketing Quintum Technologies
Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 11 Network Security.
SYSTEM ADMINISTRATION Chapter 10 Public vs. Private Networks.
© 2011 AudioCodes Ltd. All rights reserved. AudioCodes Confidential Proprietary Avaya DevConnect Certified Enterprise Session Border Controllers April.
MediantTM 1000 Multi Service Business Gateway
SIP & How It Relates To YOUR Business. Jeff S. Olson Director of Marco Carrier Services David Bailey-Aldrich Technology.
March 2009 Sipera Overview. 2 © 2009 Sipera Systems, Inc. All Rights Reserved. About Sipera  Leader in real-time Unified Communications (UC) security.
1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.
Securing Information Systems
Network Security Marshall Leitem 11/30/04
The study and demonstration on SIP security vulnerabilities
Securing Information Systems
Networking for Home and Small Businesses – Chapter 8
Networking for Home and Small Businesses – Chapter 8
Networking for Home and Small Businesses – Chapter 8
Presentation transcript:

Common Misconceptions Alan D. Percy Director of Market Development The Truth of Enterprise SIP Security

3 Threat is widely recognized “Security Is IP Networking's Downside” Gartner Report, 2006 “SIP is not an easy protocol to secure.” RFC 3261 “T.J. Max theft is believed largest hack ever” AP Newswire, March 30, 2007 “…SIP is vulnerable to certain attacks.” RFC 3329

4 Known Threats Known SIP Security Threats: –Theft of services (unauthorized use of your network) –Recording and eavesdropping –Call Detail Capturing (tracking who you call and for how long) –Spoofing and Man-in-the-middle (Phone Phishing) –Denial of Service Attacks –Registration Flooding –Malformed Messages –Unsolicited incoming calling (SPIT) –Trojan horse devices –Viruses and Worms –and more.

5 Three Misconceptions about Security

6 Misconception #1 Eavesdropping VoIP is easy

7 IP-PBX SIP Architecture Media Gateway LAN Switch PST N SIP SIP Phones SIP T1/E1 Secure Facility Secured with SIP/TLS SRTP IP-PBX

8 Points of Risk Signaling Media IP Management SIP/ TLS SRTP HTTPS

9 Misconception #2 SIP Trunking is easy to secure with a SIP Firewall

10 SIP Trunking is at Risk SIP Trunking without correct protection is open to DoS attack, theft of service and other threats too!

11 Protecting Against DoS Attacks One of two approaches: 1.Use PSTN Trunking Cannot execute a DoS attack over a PSTN circuit Media gateway insulates enterprise from outside world Enterprise uses PSTN as a “moat” around SIP Island 2.Secure SIP Trunks with SBC Firewalls do not fully protect against DoS Many SIP Security devices don’t support SIP/TLS or SRTP Protect with an Enterprise-class Session Border Controller

12 SBC – Includes DoS Filtering and Rate Limiting ICMP ARP Request ARP Response DTMF SIP - Invite SIP - Register SIP- Response SIP - Unknown SIP - Other SIP - Register SIP - Other DoS Filters Un-Solicited SIP Traffic Established SIP Signaling “Pinholes” nRT - HI nRT - LO Best Effort Port SIP App Server Traffic Management/Shaping maintain per queue rate, size and discard policy RADIUS VRRP Dispatcher Rate Limiting & Prioritization Application Intelligence

13 Misconception #3 Security is very expensive

14 AudioCodes Solutions with Security Mediant 2000 Scalable Digital Media Gateway Mediant 1000 Modular Media Gateway MediaPack MP-11x Analog Media Gateway All support HTTPS, SIP/TLS, and SRTP Mediant 1000 MSBG with Integrated SBC

15 Good Security Practices for Enterprises  Deploy encryption security (SIP/TLS and SRTP)  Secure the front door (trunk lines)  PSTN Trunking or Enterprise SBC  Secure the back door (set and manage the passwords)  Control access  Manage software on all the devices in the system  Eliminate WiFi access  Keep an audit trail

16 Q/A and More Information or

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.