VoIP SEAL 2.0 Security Suite for SIP enabled networks Thilo Ewald, Nico dHeureuse, Saverio Niccolini, Jan Seedorf NEC Europe Ltd., Heidelberg, Germany.

Slides:

Advertisements

Similar presentations

© Copyright 2007 Exempler Telecom Test Automation System Exempler - We pride ourselves with providing lightweight robust engineering solutions.

Advertisements

Unified Communications Bill Palmer ADNET Technologies, Inc.

The leader in session border control for trusted, first class interactive communications.

Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.

Fraunhofer FOKUS 2007 VoIP Defender The Future of VoIP Protection Fraunhofer FOKUS Institute, Germany.

BGP-SRx BGP - Secure Routing Extension BRITE BGP Security / RPKI Interoperability Test & Evaluation Doug Montgomery 1IETF 802/12/2014.

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA MESH VOIP.

SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer

1 Effective, secure and reliable hosted security and continuity solution.

OneBridge Mobile Data Suite Product Positioning. Target Plays IT-driven enterprise mobility initiatives Extensive support for integration into existing.

Stonesoft Roadmap WHAT FEATURES WILL COME IN

Remote Desktop Services

 Physical Logical Access  Physical and Logical Access  Total SSO and Password Automation  Disk/Data Encryption  Centralized management system  Biometric.

Solutions for SIP The SIP enabler We enable SIP communication for business What the E-SBC can do for you.

Enabling SIP to the Enterprise Steve Johnson, Ingate Systems Security: How SIP Improves Telephony.

Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Testing SIP Services Over IP. Agenda  SIP testing – advanced scenarios  SIP testing - Real Life Examples.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

The Business and Technology of Caching-based Services for State Education Networks Mike Lane Cacheflow, Inc. Phone (773)

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

IIS 7: The Next Generation Web Application Server Platform Michael Volodarsky Program Manager Web Platform and Tools Team Microsoft Corporation.

Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

VoIP Meeting Requirements 22/03/2006 – Saverio Niccolini and Fabio Vena.

Windows ® Powered NAS. Agenda Windows Powered NAS Windows Powered NAS Key Technologies in Windows Powered NAS Key Technologies in Windows Powered NAS.

 2013, Infotecs ViPNet Technology Advantages.  2013, Infotecs GmbH In today’s market, along with the ViPNet technology, there are many other technologies.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.

UC Security with Microsoft Office Communication Server R1/R2 FRHACK Sept 8, 2009 Abhijeet Hatekar Vulnerability Research Engineer.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Central Online Grading System COGS Dec15-21 dec1521.sd.ece.iastate.edu.

1 Autonomic Computing An Introduction Guenter Kickinger.

Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.

What is FORENSICS? Why do we need Network Forensics?

TRUSTPORT PRODUCT PORTFOLIO Marcela Parolkova Sales Director.

15 Copyright © 2005, Oracle. All rights reserved. Performing Database Backups.

[Unrestricted]—For everyone ©2009 Check Point Software Technologies Ltd. All rights reserved. Introducing Check Point’s Software Blade Architecture Juliette.

CSC8320. Outline Content from the book Recent Work Future Work.

Module 5: Configuring Internet Explorer and Supporting Applications.

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It.

ﺑﺴﻢﺍﷲﺍﻠﺭﺣﻣﻥﺍﻠﺭﺣﻳﻡ. Group Members Nadia Malik01 Malik Fawad03.

Hands-On Microsoft Windows Server Implementing Microsoft Internet Information Services Microsoft Internet Information Services (IIS) –Software included.

Module 7: Advanced Application and Web Filtering.

Resilient Overlay Networks Robert Morris Frans Kaashoek and Hari Balakrishnan MIT LCS

11 CLUSTERING AND AVAILABILITY Chapter 11. Chapter 11: CLUSTERING AND AVAILABILITY2 OVERVIEW  Describe the clustering capabilities of Microsoft Windows.

Exchange Deployment Planning Services Exchange 2010 Complementary Products.

Information Services Internet Accounting Workshop 1 st Feb 2011 Peter Kurtz Manager, Network & Communication Services.

Module 10: Windows Firewall and Caching Fundamentals.

Venus Project Brief Description. What It Do What Monitor Log Analyze Block Narrow Report Search Where Single stations Internet Gates Special Devices Web.

Understand Network Isolation Part 2 LESSON 3.3_B Security Fundamentals.

Update on ETSI Security work Charles Brookson OCG Security Chairman DOCUMENT #:GSC13-PLEN-57 FOR:Information SOURCE:Charles Brookson AGENDA ITEM:6.3

DenyAll Delivering Next-Generation Application Security to the Microsoft Azure Platform to Secure Cloud-Based and Hybrid Application Deployments MICROSOFT.

Illinois Health Network The 14th Global Grid Forum Chicago, Illinois June 27, 2005.

Acme Packet Palladion 04/26/12. Palladion Software Suite 5/26/122 Acme Packet confidential.

ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.

March 2009 Sipera Overview. 2 © 2009 Sipera Systems, Inc. All Rights Reserved. About Sipera  Leader in real-time Unified Communications (UC) security.

Clouding with Microsoft Azure

Barracuda Web Security Flex

CLIF meets Jenkins Performance testing in continuous integration, and more... Bruno Dillenseger - Orange Labs CLIF is OW2's load testing framework project,

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It works.

Securing the Network Perimeter with ISA 2004

Instantiation of the Concept in GAMMA Prototypes

An Innovative Distributive Training and Information Platform

Global One Communications

Presentation transcript:

VoIP SEAL 2.0 Security Suite for SIP enabled networks Thilo Ewald, Nico dHeureuse, Saverio Niccolini, Jan Seedorf NEC Europe Ltd., Heidelberg, Germany [ewald, dheureuse, niccolini,

June 23, 2008 VoIP SEAL Vision –Attacks on NGN networks will evolve: (D)DoS, Interception and Modification, Abuse of Service (Fraud), Social attacks (e.g., SPIT) –Security and troubleshooting will be fundamental Key issues –Encryption and authentication will not be enough –No single method of detection and protection –Flexible detection and protection technology is required Solution –Holistic security detection and prevention framework for SIP-based infrastructures (VoIP) SEcure Application Level firewall (SEAL) Modular, extensible and distributed platform Multiple different SIP-enabled detection and protection modules cooperate Easily adaptable to different network scenarios VoIP SEAL

June 23, 2008 Envisioned Deployment Scenarios 1.Offline analysis -Analysis of call data records, log files, network traces, … -Manual redirection to Stage-2 test (by operator) VoIP SEAL Operator CSCF CDRs Stage 1 VoIP SEAL Stage 2 User 2.Online monitoring -Real-time traffic monitoring -Automatic redirection to Stage-2 test 3.Inline protection (SEAL 2.0) -Real-time traffic interception -5 stage protection system VoIP SEAL Operator CSCF Stage 1 VoIP SEAL Stage 2 User VoIP SEAL Operator CSCF Stage 1 VoIP SEAL Stage 2 User

June 23, 2008 VoIP SEAL 2.0 What changed since IPTComm 2007? 1.Distributed deployment -Collaborative scoring -SBC -Application Server -User Equipment 2.Personalization -Personal Black-/WhiteLists -Personal Stage-2 tests -Multi language -Feedback & Configuration via -Web interface -Minibrowser (COTS SIP phone) 3.Improvements on algorithms - e.g. DTMF-Tests, Greylisting, HoneyVoIP SBC SIP infrastructure Internet / outer network (unprotected) Operator / Customer network (VoIP SEAL protected) HoneyVoIP VoIP SEAL - AS