Presentation is loading. Please wait.

Presentation is loading. Please wait.

5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525."— Presentation transcript:

1 5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525

2 25/3/2006tlpham VOIP/Security What is VoIP? Inexpensive phone service using the internet which transforms analog signals into digital signals for transmission over the internet. Inexpensive phone service using the internet which transforms analog signals into digital signals for transmission over the internet.

3 35/3/2006tlpham VOIP/Security VoIP call Flow Analog to Digital Converter Data Compression RTP Packets UDP Packets internet

4 45/3/2006tlpham VOIP/Security VoIP Components The IP networks: supports VoIP technology, ensures smooth transmission and prioritize packets accordingly. The call processor or controllers: setup calls, authorize users, calling plans and other basic telephone features (holding, transferring,etc.) The media or signaling gateways: call initiation, detection, analog to digital conversion. The subscriber terminals: provide real time communication, can be desk phone or soft phone.

5 55/3/2006tlpham VOIP/Security H.323 H.323 (includes H.325 & H.245): specifies a standardized infrastructure consists of four major components: specifies a standardized infrastructure consists of four major components: Terminals: provides real time communication Gateways: placed between circuit-switch network and IP network. Gateways: placed between circuit-switch network and IP network. Gatekeepers: provides call management functions, address resolution and bandwidth control. Multipoint Control Units: conferencing multiple connections.

6 65/3/2006tlpham VOIP/Security H.323 Architecture

7 75/3/2006tlpham VOIP/Security Session Initiation Protocol Discussed in another project on Wednesday

8 85/3/2006tlpham VOIP/Security Security Issues VoIP network be separated from data network: using logical address and subnet division, virtual LAN zoning. ACL, IP filtering and VLAN be implemented where there need to be a link between data segment and IP segment. Implement stateful firewalls: remembers traffic information in the header when filtering packets (for dynamic ports application). IP Soft phone be placed behind stateful firewalls. Use IPsec tunneling mode : encryption at header and datagram.

9 95/3/2006tlpham VOIP/Security Security Issues (cont) IPsec AH is incompatible with NAT : address behind NAT are masked -> Encapsulating IPsec packet in a new UDP packet. Use SRTP: offers encryption, authentication and periodic refreshment of session keys. Implement strict ACL at gateways. Implement NAT behind firewalls: issues with incoming call. Application Level Gateway on firewalls -> associate with overhead. Application Level Gateway on firewalls -> associate with overhead. Middle boxes-> have the same risks as a traditional box. Middle boxes-> have the same risks as a traditional box.

10 105/3/2006tlpham VOIP/Security Conclusion While VoIP is still maturing, companies are concerned about quality, latency and interoperability, many overlook security issues If not implemented properly, VoIP could lead to serious privacy violation and unwanted solicitation over IP telephones.

Download ppt "5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525."

Similar presentations

The leader in session border control for trusted, first class interactive communications.

The leader in session border control for trusted, first class interactive communications.
H. 323 Chapter 4.

H. 323 Chapter 4.
A Presentation on H.323 Deepak Bote. Email, IM, blog…

A Presentation on H.323 Deepak Bote. , IM, blog…
H.323 Recommended by ITU-T for implementing packet-based multimedia conferencing over LAN that cannot guarantee QoS. Specifying protocols, methods and.

H.323 Recommended by ITU-T for implementing packet-based multimedia conferencing over LAN that cannot guarantee QoS. Specifying protocols, methods and.
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Packet Based Multimedia Communication Systems H.323 & Voice Over IP Outline 1. H.323 Components 2. H.323 Zone 3. Protocols specified by H.323 4. Terminal.

Packet Based Multimedia Communication Systems H.323 & Voice Over IP Outline 1. H.323 Components 2. H.323 Zone 3. Protocols specified by H Terminal.
H.323 Recommendation published by ITU Ties together a number of protocols to allow multimedia transmission through an unreliable packet-based network 1996:

H.323 Recommendation published by ITU Ties together a number of protocols to allow multimedia transmission through an unreliable packet-based network 1996:
24/08/2005 IP Telephony1 Guided by: Presented by: Dr.S.K.Ghosh Nitesh Jain 05IT6008 M.Tech 1 st year.

24/08/2005 IP Telephony1 Guided by: Presented by: Dr.S.K.Ghosh Nitesh Jain 05IT6008 M.Tech 1 st year.
VoIP EE 548 Ashish Kapoor. Characteristics – Centralized and Distributed Control H.323 pushes call control functionality to the endpoint, while still.

VoIP EE 548 Ashish Kapoor. Characteristics – Centralized and Distributed Control H.323 pushes call control functionality to the endpoint, while still.
Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.

Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
Voice over IP (VoIP) Hani Al Ruwaili 221942 - Abdulkrem Al Zhrani 232701 Prepared for Dr. Samir Ghadhban.

Voice over IP (VoIP) Hani Al Ruwaili Abdulkrem Al Zhrani Prepared for Dr. Samir Ghadhban.
VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.

VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.

Similar presentations

Ads by Google