addressing security issues it expo east 2011. addressing security issues unified communications sip...
TRANSCRIPT
Addressing Security Issues
IT Expo East 2011
Addressing Security Issues Unified Communications
SIP Communications in a UC Environment
Addressing SIP Security Security
Why is Security Important?
End of Geography IP Protocol is an OPEN network system, no
longer need to be physically present Any IP Address can connect with any other IP
Address, WAN to WAN, WAN to LAN, LAN to WAN, and LAN to LAN.
Prevent Fraudulent Activities
Prevent Disruption of Service
SIP Trunk-UC Workshop The Role of an E-SBC - Security
Common SIP Attacks
Intrusion of Services (or Stealth of Service) Devices attempting Register with a IP-PBX in an attempt to look
like an IP-PBX extension and gain IP-PBX services SPIT (SPAM over Internet Telephony)
Toll Fraud A form of an Intrusion of Service, where malicious attempts to
send INVITEs to an IP-PBX to gain access to PSTN Gateways and SIP Trunking to call the PSTN
Denial of Service INVITE (or any SIP Request) Flood in an attempt to slow services
or disrupt services Or any UDP or TCP traffic directed at a SIP Service on SIP Ports
Indirect Security Breaches
Typical Network Deployments
• Internet
• Managed Service Provider
• Hosted or Cloud Services
Addressing Security Issues Secured Unified Communications over the Internet
Addressing Security Issues Typical Network Deployments
Internet Telephony Service Providers
Delivery of SIP Trunking Services over the Public Internet Security Advantages
One Control Point Any Trunking Service from Anywhere Terminate Local, Out of State, and International
numbers Most Flexible delivery of SIP in UC
Optimize Bandwidth for Voice & Data traffic – QoS Security Disadvantages
Highest level of typical Internet security concerns, DoS, Vishing, Fuzzying, Thieft of Service (Toll Fraud) and others
Access Control Lists are not enough, more detailed inspection is required
Addressing Security Issues Typical Network Deployments - ITSP
Addressing Internet SIP Security
There is an obvious need to have a Security, as Internet is the Most insecure network
Prevent Fraudulent Activities Identify Theft, Toll Fraud, Spoofing, Misuse SPAM, SPIT Vishing Eavesdropping Data Mining Reconnaissance
Prevent Disruption of Service Denial of Service Fuzzing
Addressing Security Issues Secured Unified Communications over a Managed Service Provider
Addressing Security Issues Typical Network Deployments
Managed Telephony Service Providers
Delivery of SIP Trunking Services over the Private Carrier Service The Enterprise Customer still needs to protect their assets and
intellectual property. Security Advantages
No Internet SIP security concerns from the Carrier– Whoo Hoo!
Security Disadvantages No Optimization of Voice and Data Bandwidth Customer Enterprise still connecting to an Untrusted Network There is still an Internet Connection somewhere at the
Enterprise…
What if the Managed Service Provider is providing both Internet and SIP?
Addressing Security Issues Typical Network Deployments - Managed
Addressing Managed Service Provider SIP Security
There little to no risk of Internet type Security Risks From the Enterprise Customers perspective,
The Carrier Network is still “Untrusted” – Anything that is not their own and not under their security to protect their assets and intellectual property
Only allow SIP Communications from the Carrier Prevent Fraudulent Activities
Identify Theft, Toll Fraud, Spoofing, Misuse – In Both Directions
Data Mining
Addressing Security Issues Secured Unified Communications over a Hosted Service Provider
Addressing Security Issues Typical Network Deployments
Hosted Telephony Service Providers
Delivery of SIP Trunking and other Services over a Hosted Service Provider (Services “In the Cloud”)
Can be delivered over the Internet or Managed private carrier service
In ether deployment Enterprise Customer has to protect their assets and intellectual property
Advantages & Disadvantages When over the Internet – Same as before When over Managed – Same as before
Addressing Security Issues Typical Network Deployments - Managed
Addressing Hosted Service Provider SIP Security
Depends on method of deployment, following issues mentioned before.
From the Enterprise Customers perspective: The Carrier Network is still “Untrusted” – Anything
that is not their own and not under their security to protect their assets and intellectual property
Only allow SIP Communications to the Carrier
Prevent All Fraudulent Activities Identify Theft, Toll Fraud, Spoofing, Misuse – In both
directions Data Mining
SIP Trunk-UC Workshop The Role of an E-SBC - Security
Why is SIP Security Better than PSTN?
Encryption Transport Layer Security (TLS) – Encryption
of SIP Signaling
SIP Trunk-UC Workshop The Role of an E-SBC - Security
Why is SIP Security Better than PSTN?
Encryption Secure RTP (SRTP) – Encryption of Media
SIP Trunk-UC Workshop The Role of an E-SBC - Security
Why is SIP Security Better than PSTN?
Prevent Fraudulent Activities Access Control Traffic Policies Topology Hiding Encryption
Prevent Disruption of Service Intrusion Detection Service / Intrusion
Prevention Service Blacklisting
THE END