checkphone_ppt_061205_fr checphone_pot_061205_fr.pot product & services overview analyze,...
Post on 20-Jan-2016
222 Views
Preview:
TRANSCRIPT
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
Product & Services Overview
Analyze, control, and secure your telephone
applications
September 2006
Page 2 CHECKPHONE_PPT_131205_FR.ppt
Agenda
CheckPhone’s Solution CheckPhone’s Approach ETSS® System
ETSS® GUI ETSS® Security
• Management System• Probes
ETSS® Expert ETSS® Tools ETSS® V3 ETSS® System Evolution Use Cases
CheckPhone’s Services Customer Service & Support Services Strategy
Benefits Summary
Page 3 CHECKPHONE_PPT_131205_FR.ppt
Prevent & Detect: •Centralized security policy definition and management•Real-time application of the security policy (disconnection of unauthorized communication)
Measure & Report:•Automatic imports of PBX configuration•Assessments of risks and severity•Determination of countermeasures•Centralized view of risk reports•Detection alerts on vulnerabilities
Track & Analyze: Logs and Configuration tracking. Analysis enabled by the robust data visualization tool
Prevent & Detect: •Centralized security policy definition and management•Real-time application of the security policy (disconnection of unauthorized communication)
Measure & Report:•Automatic imports of PBX configuration•Assessments of risks and severity•Determination of countermeasures•Centralized view of risk reports•Detection alerts on vulnerabilities
Track & Analyze: Logs and Configuration tracking. Analysis enabled by the robust data visualization tool
Management of security rulesDefinition of the security policy
ETSS® IP/TDM Probe Drop unauthorized communication
PREVENT & DETECT MEASURE & REPORT
Configuration importsCentralization of configuration data
Vulnerability reportsThreats, Severity & Countermeasures
ETSS®System
CheckPhone’s Approach
Architecture:Distributed (redundant and autonomous probes)Multi-technology (TDM, Hybrid, Full IP)Multi-protocol (SIP,ISDN, vendor specific)Multi-platform (major equipment manufacturers)
Architecture:Distributed (redundant and autonomous probes)Multi-technology (TDM, Hybrid, Full IP)Multi-protocol (SIP,ISDN, vendor specific)Multi-platform (major equipment manufacturers)
TRACK & ANALYZE
Configuration and Logs HistoryConfiguration, Call flows & Probe status
Analysis Variance assessments, Custom Views
Page 4 CHECKPHONE_PPT_131205_FR.ppt
CheckPhone’s Solution
Expert Telecom Security System® (ETSS®)
ETSS® Security ETSS® Security Manager
enables the creation of rules, management of profiles and display of warnings. Together with the ETSS® probes they enable the implementation of security policy in the enterprise. Access to historical archives of call logs allows access to vital call detail information.
IP and TDM Probes that monitor and analyze traffic in real time and apply rules as defined using the ETSS® Security application
ETSS® Expertimports configuration from PBXs provides on demand vulnerability assessments and alerts. A historical archive of imports and the ability to identify variances on PBX configuration is available.
Expert Telecom Security System® (ETSS®)
ETSS® Security ETSS® Security Manager
enables the creation of rules, management of profiles and display of warnings. Together with the ETSS® probes they enable the implementation of security policy in the enterprise. Access to historical archives of call logs allows access to vital call detail information.
IP and TDM Probes that monitor and analyze traffic in real time and apply rules as defined using the ETSS® Security application
ETSS® Expertimports configuration from PBXs provides on demand vulnerability assessments and alerts. A historical archive of imports and the ability to identify variances on PBX configuration is available.
CheckPhone’s Security Professional Services
Security Services VoIP Security Consulting Service
Strategy/Policy/Architecture Assessments & Audits Customer defined
Implementation & Support Vulnerability Assessments Penetration Assessments War Dialing Compliance Service
Regulatory Legal Standards
Managed Service 24x5, 24X7 Demand Based (Daily, Weekly,
Monthly, etc.)
Certifications CISSP DCSSI- France’s National Defense
Certification (in progress)
CheckPhone’s Security Professional Services
Security Services VoIP Security Consulting Service
Strategy/Policy/Architecture Assessments & Audits Customer defined
Implementation & Support Vulnerability Assessments Penetration Assessments War Dialing Compliance Service
Regulatory Legal Standards
Managed Service 24x5, 24X7 Demand Based (Daily, Weekly,
Monthly, etc.)
Certifications CISSP DCSSI- France’s National Defense
Certification (in progress)
Page 5 CHECKPHONE_PPT_131205_FR.ppt
ISDN
Full IP Telephony
TDM Telephony
Telecom Cabinet
Call Server
Proxy
IP Phones
ETSS® IP Probe
ETSS® IP Probe
Legacy Phones
Fax
ISDN
IP
Hybrid telephony
ETSS®
Suite
IPABX administration desk
Printer
ETSS® IP ProbeETSS®TDM
Probe
ETSS® IP Probe
ETSS® TDM Probe
IP Phones
CheckPhone’s Voice Security in Enterprise Networks
PBX
Legacy Phones
PABX administration desk
Telecom Cabinet
Fax
Fax
Switch / Router
Switch / Router
Page 6 CHECKPHONE_PPT_131205_FR.ppt
Data vs Multimedia – Fundamental Differences
Data
Client Server Architecture
Non-Real Time Communication
Not Synchronized
Voice Features Not applicable
Service Level Agreements
Market Expected Availability Best efforts
Network points of vulnerability Traditional
Multimedia
Peer to Peer Architecture
Real Time Communication
Synchronized
Voice Features – new vulnerabilities Call ID, call forward, voice-
mail, three-way calling
Stringent QoS
Market Expected Availability 99.999 %
Network points of vulnerability New technologies: IP,
advanced wireless New elements: telephone
handsets, conferencing units, call processors/controllers, media gateways
Page 7 CHECKPHONE_PPT_131205_FR.ppt
ETSS® System – Leading Edge Technology
OpenBSD Operating System Free, Open source & open
documentation Security: built-in cryptography and PF
Firewall suite
SQL Database Open Source, Easy to Use Adopted standard by ANSI & ISO
“.Net” Real-time Client Best class GUI Real time view
IDS/IPS Security Principles Real-time localized detection Low false alarms Enterprise wide prevention
IDS/IPS Security Principles Real-time localized detection Low false alarms Enterprise wide prevention
Page 8 CHECKPHONE_PPT_131205_FR.ppt
ETSS® System Graphical User Interface (GUI)
Page 9 CHECKPHONE_PPT_131205_FR.ppt
User Interface Benefits
Description
Utilities Window, Point and Click, Intuitive Icons
Pull Down menus, predefined lists
Enhanced Administrator rights management
Password based Login, Auto disconnect
Graphical view of call traffic data
Telescoping views
Multi-domain
Benefits
Easy to use
Real-time security related call traffic
graphs
Multiple sites in a single screen
Easy access to data and tools
Secure access to ETSS® System: Customized administrator rights profile Login Password Auto-disconnect
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
ETSS® Security
Analyze, control, and secure your telephone
applications
Page 11 CHECKPHONE_PPT_131205_FR.ppt
ETSS® Security
Key Administrator capabilities:
Add/Delete Rules
Manage Settings
View Warnings, call history, real time calls
Antifuzz profiles
Automate email alerts
OverviewSecurity Policy
Rule definition Rule filters Implement button
Settings Lists Automation Schedules Actions Antifuzz protection
Real-time Calls 24 hours rolling, by call type view Last 5 calls
History Calls
Statistics
Page 12 CHECKPHONE_PPT_131205_FR.ppt
Security Policy
Page 13 CHECKPHONE_PPT_131205_FR.ppt
ACTIONS Each rule entails an action, either directly or after a
settable timeout Ban: disconnection of the communication or temporary
banishment Authorization Special tagging that flags these calls within the logs for
external analysis Analysis: tracking of calls to qualify them with regard to
occurrence over time
Rule Application
Page 14 CHECKPHONE_PPT_131205_FR.ppt
Stateful rules Management of counters to determine the number of calls in progress
with the same internal no. (transfers and conference calls) Determination of an initial threshold with action
Determination of a second threshold with action
Management of counters to determine the number of calls in progress with the same external no.
Determination of an initial threshold with action Determination of a second threshold with action
Management of a counter to determine the number of calls received during a specific period of time. (e.g.: war dialing, etc.)
Determination of an initial threshold with action Determination of a second threshold with action
Automatic update of a list of external numbers based on a set of criteria (e.g.: SPAM)
The number of calls received from a given source Frequency of calls received from a given source The administrator may transfer this list to a green list or a black list
Stateful Management
Page 15 CHECKPHONE_PPT_131205_FR.ppt
Call History
Page 16 CHECKPHONE_PPT_131205_FR.ppt
Real-time Calls
Page 17 CHECKPHONE_PPT_131205_FR.ppt
Statistics
Include V3 Screen
Page 18 CHECKPHONE_PPT_131205_FR.ppt
ETSS® TDM Probe
Page 19 CHECKPHONE_PPT_131205_FR.ppt
ETSS® Probes – Key Functions
Probes operate on the IDS/IPS principle
Inspection of all communications flows
Communication management IP Probe: Tagging, Disconnection TDM Probe: Tagging, Disconnection,
High Impedance, By-Pass in stand-by mode
Time/dating stamping of communication
Media type identification: IP Probe: Voice, Fax, Video, Data, Application TDM Probe: Voice, Fax, Modem
Identification of users: IP Probe: @ IP and No. of source and destination ports, source and
destination URIs TDM Probe: Caller/Called No.
Transmit real-time call events to the ETSS® Security module via asecured SSL link and allows for an optimum management solution.
Page 20 CHECKPHONE_PPT_131205_FR.ppt
ETSS® System – TDM & IP Probe Specifications
Technical Specifications
ETSS® IP Probe Spans: 3 ethernet 10/100 Server Specifications for IP Probe:
Operating System: OpenBSD 3.9 Processor: Pentium 4, 3GHz Memory: HD - SATA 80 Gb, RAM -
2Gb Power: 120/230Vac – 50/60 Hz Protocols: SIP, vendor specific Local Maintenance ports: USB, RS232
ETSS® TDM Probe 1U rack mountable Spans:
2 PRI (E1/T1) 2 BRI
Power: 120/230Vac – 50/60 Hz Redundant power supplies Protocols: Euro ISDN Maintenance: 2 ethernet 10/100 Local Maintenance: USB, RS232, VGA Intrusion and power alarms
Technical Specifications
ETSS® IP Probe Spans: 3 ethernet 10/100 Server Specifications for IP Probe:
Operating System: OpenBSD 3.9 Processor: Pentium 4, 3GHz Memory: HD - SATA 80 Gb, RAM -
2Gb Power: 120/230Vac – 50/60 Hz Protocols: SIP, vendor specific Local Maintenance ports: USB, RS232
ETSS® TDM Probe 1U rack mountable Spans:
2 PRI (E1/T1) 2 BRI
Power: 120/230Vac – 50/60 Hz Redundant power supplies Protocols: Euro ISDN Maintenance: 2 ethernet 10/100 Local Maintenance: USB, RS232, VGA Intrusion and power alarms
ETSS® TDM & IP Probes Compliant with
environment, safety and security standards
Centralized SW upgrades, downloadable from ETSS® Server.
ETSS® TDM & IP Probes Compliant with
environment, safety and security standards
Centralized SW upgrades, downloadable from ETSS® Server.
Page 21 CHECKPHONE_PPT_131205_FR.ppt
ETSS® Security Key Benefits
Centralized management of security in the enterprise: Centralized enterprise perimeter-wide views of security warnings Centralized definition of enterprise perimeter-wide security policy
rules Centralized download of rules to probes, upload of logs from the
probes Easy to use graphical user interface Pull-down menus for defined profiles, Scroll bars, action buttons Call Type Icons Select/Deselect boxes
Choice of operating modes Block Mode: all calls not authorized by a specific rule are blocked Authorization Mode: all calls not blocked by a specific rule are
allowedMinimizes risk of disruptive security implementation with flexibility to monitor, tag and block calls. Enhanced SIP security management – Antifuzz profilerAutomation of key security tool functions
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
ETSS® Expert
Analyze, control, and secure your telephone
applications
Page 23 CHECKPHONE_PPT_131205_FR.ppt
ETSS® Expert
The Administrator can:
Upload PBX Configuration
Generate/Delete Report: vulnerabilities, severity and countermeasures provided
Automate imports and variance reports
Define and Manage Application Parameters
OverviewExpert PBX PBX “n” (per PBX Expert view)
Configuration Variances Reports
• Threats• Severity• Countermeasures
Automation Manage Connectors
Expert IP Reports Settings Automation
Page 24 CHECKPHONE_PPT_131205_FR.ppt
Expert PBX - Configuration
Page 25 CHECKPHONE_PPT_131205_FR.ppt
Expert PBX – Configuration Difference
Page 26 CHECKPHONE_PPT_131205_FR.ppt
Expert PBX - Reports
Page 27 CHECKPHONE_PPT_131205_FR.ppt
Expert PBX - Automation
Page 28 CHECKPHONE_PPT_131205_FR.ppt
Expert IP - Report
Page 29 CHECKPHONE_PPT_131205_FR.ppt
Expert IP - Automation
Page 30 CHECKPHONE_PPT_131205_FR.ppt
ETSS® Expert Key Benefits
Centralized : Centralized import of PBX configurations. Key industry PBX
types supported. Centralized view of Reports: threats, severity and
countermeasures Centralized history of PBX configurations & variances
Easy to use graphical user interface Scroll bars to explore lists Tree based hierarchical views of the file system Point and Click to select tree elements
Automation Uploads of configurations Creation of threat reports
Knowledge base of more than 3,000 vulnerabilities and more than 300 scenariosIP Security Scanner
Page 31 CHECKPHONE_PPT_131205_FR.ppt
Probe Administration
Page 32 CHECKPHONE_PPT_131205_FR.ppt
Real-time Monitoring
Page 33 CHECKPHONE_PPT_131205_FR.ppt
System Events
The administrator can:
View logs of administrator actions
View internal events (probe disconnects, etc.)
The administrator can:
View logs of administrator actions
View internal events (probe disconnects, etc.)
Page 34 CHECKPHONE_PPT_131205_FR.ppt
Users Administration
Page 35 CHECKPHONE_PPT_131205_FR.ppt
ETSS® System – Specifications
ETSS® Server
Operating System: OpenBSD 3.9
Processor: Pentium 4, 3.0 GHz
Memory: 80 GB HD, 2 Gb RAM
Power: 120/230Vac – 50/60 Hz
Ports: 1 ethernet 100 Mbps
ETSS® Server
Operating System: OpenBSD 3.9
Processor: Pentium 4, 3.0 GHz
Memory: 80 GB HD, 2 Gb RAM
Power: 120/230Vac – 50/60 Hz
Ports: 1 ethernet 100 Mbps
ETSS® Administration Station
Operating System: Windows XP SP2
Processor: 3 GHz
Memory: 1 Gb HD, 1 Gb RAM
Power: 120/230Vac – 50/60 Hz
ETSS® Administration Station
Operating System: Windows XP SP2
Processor: 3 GHz
Memory: 1 Gb HD, 1 Gb RAM
Power: 120/230Vac – 50/60 Hz
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
Version 3.0 Update
Page 37 CHECKPHONE_PPT_131205_FR.ppt
What is new?
Features V2.1 V3
Enhanced Architecture – Capacity, Enhanced SW Upgrade ●
Centralized Security Management – Multi-site ● E
IP and TDM Probes ● E
User Friendly GUI – Tree based data views, Point and Click, Pull down Menus, Lists
● E
Enhanced GUI ●
Real-time Reports in data graphs: Configurations, Call Traffic, Probe Status
●
System Activity Journal ●
Automation – Warnings, Reports ● E
PBX Virtual Management (PBX & IP PBX) ●
ETSS® Security ● E
ETSS® Expert ● E
Enhanced SIP security ●
Enhanced Reporting ●
E = Enhancements
Page 38 CHECKPHONE_PPT_131205_FR.ppt
Architecture – Reliable
Description Still based on a secure OS :
OpenBSD SQL Database system Multi job architecture Enhanced Distributed architecture
delivering automatic firmware upgrades
Benefits Improved capacity for large
systems (up to 5 times faster) Easier maintenance & upgrades Reliability Improvement of the application
security GUI independent architecture
100
2000
4000
6000
8000
9000
1000
0
1100
0
1200
0
1300
0
1400
0
1500
0
V2
0123456789
10
Nombre d'utilisateurs
Temps (heures)
Temps de traitement moyen Module ETSS Expert
V2
V3
Page 39 CHECKPHONE_PPT_131205_FR.ppt
Centralized View & Element Status
DescriptionMulti- domain, single system
Centralized Real-time data access
Centralized tools: Security & Expert
Centralized: Probes status, Call logs, SW Updates
Centralized: Configurations, Variances
System Event Journals
Benefits
Optimal use of resources: people, tools
Seamless migration to VoIP
Ease of Security management in an evolving/growing
network
Reduced response time
Page 40 CHECKPHONE_PPT_131205_FR.ppt
IPBX Virtual Management (read/write privileges)
Description : Multi domain administration : split telephony infrastructure in different sub
domains Multiple administrators, with different administration rights for each sub
domain
Benefits: Ability to handle complex infrastructures Flexibility and adaptation with the existing organization of large customers Splitting each task : Access Control List, Rules management, User
management, Log review, Probe monitoring … Ability to outsource specific tasks on a defined sub-domain.
Site 1
Rules Correspondents
Site 2
Rules Correspondents
Admin AAdmin A Admin BAdmin B Admin CAdmin C
Page 41 CHECKPHONE_PPT_131205_FR.ppt
IPBX Virtual Management (read/write privileges)
Page 42 CHECKPHONE_PPT_131205_FR.ppt
New SIP functionality
Description : Software probe acting as a
network IPS Compliancy project with OEM
partnership Advanced filtering on SIP protocol
Benefits Seamless migration from PSTN to
VOIP system Centralize telephony security
management of multi-vendors & multi-technology systems during the migration phase.
Secure the new threats specific to the SIP protocol : (Flooding, Fuzzing, Spoofed messages, Network Denial of Service).
Page 43 CHECKPHONE_PPT_131205_FR.ppt
Enhanced Reporting Benefits
Description
Text and graphical reports
24 hour rolling view Call traffic Call spread
Last 5 calls, Last 5 system events
IP Security Scanner
Benefits
Configurations/Variances at a glance
Easy access to trends with graphical views
Easy Access to recent call traffic and system events
Improved IP security management reports detail
Anti-fuzz IP Security Scans
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
ETSS® System Evolution
Analyze, control, and secure your telephone
applications
Page 45 CHECKPHONE_PPT_131205_FR.ppt
ETSS® (Expert Telecom Security Solution®) Evolution
1. Short TermDeliver ETSS® V3 with:
Mature GUI Enhanced FeaturesFully Commercialized
Define New Market Requirements – North America and Western EuropeV4/V5 Customer, Market and Technology Requirements and Implementation
2. StrategicCreate “Best in Class” UI – SimplificationPerformance and Protection ImprovementsComplete the Tool SuiteProduct Integration – UTM/Call ManagersExtend the Security Suite
IM & MultimediaSmall Business and ConsumerWireless
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
Use Cases
Analyze, control, and secure your telephone
applications
Page 47 CHECKPHONE_PPT_131205_FR.ppt
Finance Industry
Retail banking business continuity not covered while migratingIsolate and be protected against DoS attacksCall centers are crucial and are not secured
Investment Banking business integrity not covered while migratingAgainst worms and intrusionsAgainst spy and fraudulent attacks
Enforce Basel II compliance (traceability, due diligence, …)Track changes and assess the security rules Audit and Report against policies in place
Return on Investment is criticalCentralized managementAutomated processesAlerting and forensicsRisk Management
Security is an integral part of service continuity and media integrity.Need to address vulnerabilities in IP and «unique attributes » of voice.
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
Checkphone Services
Analyze, control, and secure your telephone
applications
Page 49 CHECKPHONE_PPT_131205_FR.ppt
Customer Migration SupportTechnical Support Service Delivery
Voice, hybrid, IP networks
Network migration support
PBX upgrade support
PBX migration support
7X24X365 customer support via channels and CheckPhone
Global trouble call resolution system
Security architecture and installation
Audit service delivery
Software upgrades
Documentation & training
Customer Service & Support
Page 50 CHECKPHONE_PPT_131205_FR.ppt
Services is a key early Revenue & Technology enabler
Services Strategy
Consulting
Assessment & Audit
Specialized VoIP tools
Open Source Tools
& Commercial Tools
Compliance
Plus
VoIPSecurity
Deployment
VoIP Managed Security
VoIPSecurity
KB
+
Page 51 CHECKPHONE_PPT_131205_FR.ppt
Key Benefits
CheckPhone meets voice security needs in the enterprise: Real-time monitoring and localized protection against security breaches in the
voice network Seamless integration into the existing network infrastructure and migration to
VoIP Optimal use of security resources with centralization of security management Advanced vulnerability audit and reporting on PBX configuration Ease of use Effective voice security technology
CheckPhone addresses major security threats in the voice network Integrity Eavesdropping Interception and modification Service abuse Denial of service
CheckPhone a trust worthy Security Solution supplier 300+ years of Security, IP and telephony experience Proven track record for products and services – a note worthy customer base A future proof approach – Open Source OS and SQL Database, video and voice
security, “.Net” connectivity
CHECKPHONE_PPT_061205_FR
CH
EC
PH
ON
E_P
OT_0
61
20
5_FR
.pot
Thank You
Analyze, control, and secure your telephone
applications
top related