Download presentation
Presentation is loading. Please wait.
Published byAugust Perkins Modified over 9 years ago
1
VoIP Security Assessment Service www.securelogix.com Mark D. Collier Chief Technology Officer mark.collier@securelogix.com
2
VoIP systems are vulnerable: Platforms, network, and application are vulnerable VoIP-specific attacks are becoming more common Security isn ’ t always a consideration during deployment The threat is increasing: VoIP deployment is growing Deployments are critical to business operations Greater integration with the data network More attack tools being published The hacking community is taking notice VoIP Security Status
3
Internet Connection Internet Voice VLAN Public Voice Network Campus VoIP TDM Trunks TDM Phones IP Phones Data VLAN PCs IP PBX CM GatewayDNS Admin DB TFTP DHCP The threat is primarily internal
4
Internet Connection Internet Voice VLAN Public Voice Network Public VoIP SIP Trunks TDM Phones IP Phones Data VLAN PCs IP PBX CM GatewayDNS Admin DB TFTP DHCP And may also be external when SIP trunks are used
5
IP PBX: Server platforms Various gateway cards Supporting infrastructure Network: Switches, routers, firewalls VLAN configurations Endpoints: IP phones and softphones Vulnerabilities Across Components
6
General Purpose Operating System Network Stack (IP, UDP, TCP) VoIP Protocols Services TFTP, SNMP, DHCP, DB, Web Server Voice Application Worms/Viruses Targeting The Operating System Trivial DoS Attacks MITM Attacks TFTP Brute Force Attack SNMP Enumeration DHCP Starvation SQL Slammer Worm Vulnerabilities at Multiple Layers Flood DoS Fuzzing Application Attacks Poor Configuration Weak Passwords Insecure Management Insecure Architecture
7
There is no “ one ” security product that is needed for campus VoIP environments What is needed is to secure the various vendor VoIP offerings Securing deployments is possible, but requires proper configuration, features, and products SecureLogix is offering a VoIP security assessment service VoIP Security Assessment Service
8
Based on real-world enterprise assessment experience Ongoing custom test tool development Completed Hacking Exposed: VoIP Includes on-site assessments as well as remote-assisted VoIP Security Assessment Service
9
Vulnerability assessment process consisting of: Discovery tests (Footprinting, scanning, and enumeration) Network tests (DoS, eavesdropping, MITM) Vendor platform tests Application and configuration tests Tools are freeware, commercial, and proprietary Optional external visibility and access tests Optional penetration tests Security policy and checklist review Provide tailored recommendations Basic Process
10
Assessments are based on-site testing An “ appliance ” based, recurring assessment capability will be available in Q2. Engagements vary from 1-8 weeks, depending on scope Include testing of all model sites Staffed internally with SecureLogix personnel Delivered stand-alone or as part of a broader security assessment Cleared personnel for government engagementsDelivery
11
A subscription based service available in late Q2 A hardened Linux appliance is delivered and installed with the necessary network interfaces The appliance establishes an SSH connection with SecureLogix The appliance runs the same set of tests and reports. Some are automated and some are scheduled by SecureLogix The results are used to build the same set of reports Appliance-Based Delivery
12
Assessment report including: Executive summary Key findings Summarized results Tailored recommendations Executive and technical level presentation Security policy/checklist recommendations All raw dataDeliverables
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.