Addressing Security Issues

IT Expo East 2011

Addressing Security Issues Unified Communications

SIP Communications in a UC Environment

Addressing SIP Security Security

Why is Security Important?

End of Geography IP Protocol is an OPEN network system, no

longer need to be physically present Any IP Address can connect with any other IP

Address, WAN to WAN, WAN to LAN, LAN to WAN, and LAN to LAN.

Prevent Fraudulent Activities

Prevent Disruption of Service

SIP Trunk-UC Workshop The Role of an E-SBC - Security

Common SIP Attacks

Intrusion of Services (or Stealth of Service) Devices attempting Register with a IP-PBX in an attempt to look

like an IP-PBX extension and gain IP-PBX services SPIT (SPAM over Internet Telephony)

Toll Fraud A form of an Intrusion of Service, where malicious attempts to

send INVITEs to an IP-PBX to gain access to PSTN Gateways and SIP Trunking to call the PSTN

Denial of Service INVITE (or any SIP Request) Flood in an attempt to slow services

or disrupt services Or any UDP or TCP traffic directed at a SIP Service on SIP Ports

Indirect Security Breaches

Typical Network Deployments

• Internet

• Managed Service Provider

• Hosted or Cloud Services

Addressing Security Issues Secured Unified Communications over the Internet

Addressing Security Issues Typical Network Deployments

Internet Telephony Service Providers

Delivery of SIP Trunking Services over the Public Internet Security Advantages

One Control Point Any Trunking Service from Anywhere Terminate Local, Out of State, and International

numbers Most Flexible delivery of SIP in UC

Optimize Bandwidth for Voice & Data traffic – QoS Security Disadvantages

Highest level of typical Internet security concerns, DoS, Vishing, Fuzzying, Thieft of Service (Toll Fraud) and others

Access Control Lists are not enough, more detailed inspection is required

Addressing Security Issues Typical Network Deployments - ITSP

Addressing Internet SIP Security

There is an obvious need to have a Security, as Internet is the Most insecure network

Prevent Fraudulent Activities Identify Theft, Toll Fraud, Spoofing, Misuse SPAM, SPIT Vishing Eavesdropping Data Mining Reconnaissance

Prevent Disruption of Service Denial of Service Fuzzing

Addressing Security Issues Secured Unified Communications over a Managed Service Provider

Addressing Security Issues Typical Network Deployments

Managed Telephony Service Providers

Delivery of SIP Trunking Services over the Private Carrier Service The Enterprise Customer still needs to protect their assets and

intellectual property. Security Advantages

No Internet SIP security concerns from the Carrier– Whoo Hoo!

Security Disadvantages No Optimization of Voice and Data Bandwidth Customer Enterprise still connecting to an Untrusted Network There is still an Internet Connection somewhere at the

Enterprise…

What if the Managed Service Provider is providing both Internet and SIP?

Addressing Security Issues Typical Network Deployments - Managed

Addressing Managed Service Provider SIP Security

There little to no risk of Internet type Security Risks From the Enterprise Customers perspective,

The Carrier Network is still “Untrusted” – Anything that is not their own and not under their security to protect their assets and intellectual property

Only allow SIP Communications from the Carrier Prevent Fraudulent Activities

Identify Theft, Toll Fraud, Spoofing, Misuse – In Both Directions

Data Mining

Addressing Security Issues Secured Unified Communications over a Hosted Service Provider

Addressing Security Issues Typical Network Deployments

Hosted Telephony Service Providers

Delivery of SIP Trunking and other Services over a Hosted Service Provider (Services “In the Cloud”)

Can be delivered over the Internet or Managed private carrier service

In ether deployment Enterprise Customer has to protect their assets and intellectual property

Advantages & Disadvantages When over the Internet – Same as before When over Managed – Same as before

Addressing Security Issues Typical Network Deployments - Managed

Addressing Hosted Service Provider SIP Security

Depends on method of deployment, following issues mentioned before.

From the Enterprise Customers perspective: The Carrier Network is still “Untrusted” – Anything

that is not their own and not under their security to protect their assets and intellectual property

Only allow SIP Communications to the Carrier

Prevent All Fraudulent Activities Identify Theft, Toll Fraud, Spoofing, Misuse – In both

directions Data Mining

SIP Trunk-UC Workshop The Role of an E-SBC - Security

Why is SIP Security Better than PSTN?

Encryption Transport Layer Security (TLS) – Encryption

of SIP Signaling

SIP Trunk-UC Workshop The Role of an E-SBC - Security

Why is SIP Security Better than PSTN?

Encryption Secure RTP (SRTP) – Encryption of Media

SIP Trunk-UC Workshop The Role of an E-SBC - Security

Why is SIP Security Better than PSTN?

Prevent Fraudulent Activities Access Control Traffic Policies Topology Hiding Encryption

Prevent Disruption of Service Intrusion Detection Service / Intrusion

Prevention Service Blacklisting

THE END