Presentation is loading. Please wait.

Presentation is loading. Please wait.

Addressing Security Issues IT Expo East 2011. Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

Published byRoss Brassington Modified over 10 years ago

Similar presentations

Presentation on theme: "Addressing Security Issues IT Expo East 2011. Addressing Security Issues Unified Communications SIP Communications in a UC Environment."— Presentation transcript:

1 Addressing Security Issues IT Expo East 2011

2 Addressing Security Issues Unified Communications SIP Communications in a UC Environment

3 Addressing SIP Security Security Why is Security Important? End of Geography IP Protocol is an OPEN network system, no longer need to be physically present Any IP Address can connect with any other IP Address, WAN to WAN, WAN to LAN, LAN to WAN, and LAN to LAN. Prevent Fraudulent Activities Prevent Disruption of Service

4 SIP Trunk-UC Workshop The Role of an E-SBC - Security Common SIP Attacks Intrusion of Services (or Stealth of Service) Devices attempting Register with a IP-PBX in an attempt to look like an IP-PBX extension and gain IP-PBX services SPIT (SPAM over Internet Telephony) Toll Fraud A form of an Intrusion of Service, where malicious attempts to send INVITEs to an IP-PBX to gain access to PSTN Gateways and SIP Trunking to call the PSTN Denial of Service INVITE (or any SIP Request) Flood in an attempt to slow services or disrupt services Or any UDP or TCP traffic directed at a SIP Service on SIP Ports Indirect Security Breaches

5 Typical Network Deployments Internet Managed Service Provider Hosted or Cloud Services

6 Addressing Security Issues Secured Unified Communications over the Internet

7 Addressing Security Issues Typical Network Deployments Internet Telephony Service Providers Delivery of SIP Trunking Services over the Public Internet Security Advantages One Control Point Any Trunking Service from Anywhere Terminate Local, Out of State, and International numbers Most Flexible delivery of SIP in UC Optimize Bandwidth for Voice & Data traffic – QoS Security Disadvantages Highest level of typical Internet security concerns, DoS, Vishing, Fuzzying, Thieft of Service (Toll Fraud) and others Access Control Lists are not enough, more detailed inspection is required

8 Addressing Security Issues Typical Network Deployments - ITSP Addressing Internet SIP Security There is an obvious need to have a Security, as Internet is the Most insecure network Prevent Fraudulent Activities Identify Theft, Toll Fraud, Spoofing, Misuse SPAM, SPIT Vishing Eavesdropping Data Mining Reconnaissance Prevent Disruption of Service Denial of Service Fuzzing

9 Addressing Security Issues Secured Unified Communications over a Managed Service Provider

10 Addressing Security Issues Typical Network Deployments Managed Telephony Service Providers Delivery of SIP Trunking Services over the Private Carrier Service The Enterprise Customer still needs to protect their assets and intellectual property. Security Advantages No Internet SIP security concerns from the Carrier– Whoo Hoo! Security Disadvantages No Optimization of Voice and Data Bandwidth Customer Enterprise still connecting to an Untrusted Network There is still an Internet Connection somewhere at the Enterprise… What if the Managed Service Provider is providing both Internet and SIP?

11 Addressing Security Issues Typical Network Deployments - Managed Addressing Managed Service Provider SIP Security There little to no risk of Internet type Security Risks From the Enterprise Customers perspective, The Carrier Network is still Untrusted – Anything that is not their own and not under their security to protect their assets and intellectual property Only allow SIP Communications from the Carrier Prevent Fraudulent Activities Identify Theft, Toll Fraud, Spoofing, Misuse – In Both Directions Data Mining

12 Addressing Security Issues Secured Unified Communications over a Hosted Service Provider

13 Addressing Security Issues Typical Network Deployments Hosted Telephony Service Providers Delivery of SIP Trunking and other Services over a Hosted Service Provider (Services In the Cloud) Can be delivered over the Internet or Managed private carrier service In ether deployment Enterprise Customer has to protect their assets and intellectual property Advantages & Disadvantages When over the Internet – Same as before When over Managed – Same as before

14 Addressing Security Issues Typical Network Deployments - Managed Addressing Hosted Service Provider SIP Security Depends on method of deployment, following issues mentioned before. From the Enterprise Customers perspective: The Carrier Network is still Untrusted – Anything that is not their own and not under their security to protect their assets and intellectual property Only allow SIP Communications to the Carrier Prevent All Fraudulent Activities Identify Theft, Toll Fraud, Spoofing, Misuse – In both directions Data Mining

15 SIP Trunk-UC Workshop The Role of an E-SBC - Security Why is SIP Security Better than PSTN? Encryption Transport Layer Security (TLS) – Encryption of SIP Signaling

16 SIP Trunk-UC Workshop The Role of an E-SBC - Security Why is SIP Security Better than PSTN? Encryption Secure RTP (SRTP) – Encryption of Media

17 SIP Trunk-UC Workshop The Role of an E-SBC - Security Why is SIP Security Better than PSTN? Prevent Fraudulent Activities Access Control Traffic Policies Topology Hiding Encryption Prevent Disruption of Service Intrusion Detection Service / Intrusion Prevention Service Blacklisting

18 THE END

Download ppt "Addressing Security Issues IT Expo East 2011. Addressing Security Issues Unified Communications SIP Communications in a UC Environment."

Similar presentations

The leader in session border control for trusted, first class interactive communications.

The leader in session border control for trusted, first class interactive communications.
Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation

Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation
SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer 651.796.7043

SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer
SIP Trunk-UC Workshop IT Expo 2011.

SIP Trunk-UC Workshop IT Expo 2011.
Aeonix & Ingate Role in Enterprise

Aeonix & Ingate Role in Enterprise
CANTO – 2006 Information Security and Voice over IP (VoIP) Robert Potvin, CISSP VP - Strategic Consulting June 21st, 2006.

CANTO – 2006 Information Security and Voice over IP (VoIP) Robert Potvin, CISSP VP - Strategic Consulting June 21st, 2006.
1 What’s Next For SIP Trunking? Carriers Enabling and Bringing WebRTC Features With Their Trunks © 2015 Ingate Systems AB Prepared for:Ingate SIP Trunking,

1 What’s Next For SIP Trunking? Carriers Enabling and Bringing WebRTC Features With Their Trunks © 2015 Ingate Systems AB Prepared for:Ingate SIP Trunking,
What does an SBC do? Speaker Notes/Script:

What does an SBC do? Speaker Notes/Script:
1 Tapping the Potential of the PBX Lindsay Kintner VP Product Management Tadiran Telecom.

1 Tapping the Potential of the PBX Lindsay Kintner VP Product Management Tadiran Telecom.
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
SIP Security & the Future of VoIP Nate Klingenstein APAN 26 Queenstown August 5, 2008 ~ndk/apanSIP.pdf.

SIP Security & the Future of VoIP Nate Klingenstein APAN 26 Queenstown August 5, ~ndk/apanSIP.pdf.
Karl Stahl CEO/CTO Ingate Systems Ingate’s SBCs do more than POTSoIP SIP. They were developed.

Karl Stahl CEO/CTO Ingate Systems Ingate’s SBCs do more than POTSoIP SIP. They were developed.
Ingate Firewall & SIParator Product Training

Ingate Firewall & SIParator Product Training
Solutions for SIP The SIP enabler We enable SIP communication for business What the E-SBC can do for you.

Solutions for SIP The SIP enabler We enable SIP communication for business What the E-SBC can do for you.
Enabling SIP to the Enterprise Steve Johnson, Ingate Systems Security: How SIP Improves Telephony.

Enabling SIP to the Enterprise Steve Johnson, Ingate Systems Security: How SIP Improves Telephony.
1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.
TeleWall, TeleSweep Secure, TeleAudit, TeleVPN, ETM, TeleView, TeleBridge, TeleIDS, TeleWall NET, SecureLogix, SecureLogix Corporation and the SecureLogix.

TeleWall, TeleSweep Secure, TeleAudit, TeleVPN, ETM, TeleView, TeleBridge, TeleIDS, TeleWall NET, SecureLogix, SecureLogix Corporation and the SecureLogix.
Securing Unified Communications Mor Hezi VP Unified Communications AudioCodes.

Securing Unified Communications Mor Hezi VP Unified Communications AudioCodes.
January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.

January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.

Similar presentations

Ads by Google