Date post: | 25-Dec-2015 |
Category: |
Documents |
Upload: | robert-tyler |
View: | 215 times |
Download: | 1 times |
The Voice Security CompanyThe Voice Security Company
Kirk VaughanKirk VaughanProduct Director –VoIPProduct Director –[email protected]@securelogix.com
SIP Application SecuritySIP Application Security
VoIP security is a big deal
Why? Fear of the Unknown
Everyone talks about VoIP security threats
DoS Attacks Eavesdropping Theft-of-service
These are the obvious ones!And they are manageable.
Theft-of-identity
What is scary is what is around the corner that we can’t see
Hacker’s hate Billy Gates….will John Chambers be next?
Disgruntled employees can wreak havoc with internal access
IT security “Best Practices”
Stay off of Billy’s platforms
Secure Backdoors
Enterprises are easy targets – too little voice security
Some current VoIP Security Recommendations help
Strict Authentication
Enterprises are not early adopters
Business case is necessary Proven reliability and security ROI calculation includes cost of management
Build applications with this in mind from day one
Data Networking History taught us
Network security requires lots of tools – not one single answer- Firewalls
- IPS/IDS- Anti-viral software
Modem and fax lines create a huge security backdoor
- Some enterprises have hundreds which are unmonitored thus creating an insecure voice and data network!
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
UnauthorizedModems
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
UnauthorizedModems
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
UnauthorizedModems
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
UnauthorizedModems
After hours scanning – 2%-4% of phone lines have unauthorized modems.
Unauthorized Modem Unauthorized Modem AttackAttack
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
UnauthorizedModems
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
UnauthorizedModems
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
UnauthorizedModems
Employees use a modem to dial around the Firewall and IDS.
Hacker “piggybacks” off ISP connection to access the Data Network.
ISP Modem AttackISP Modem Attack
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
Modems
LAN
Servers
Workstations
Internet
CentralOffice
ISP
Intruder
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
Modems
TelecomFirewall
MgmtServer
Blocked!
Alert!
Unauthorized calls are blocked by a Security Appliance called aTelecom Firewall
The SolutionThe Solution
The backdoor modem is the Data Security Manager’s “Achilles Heel”
My message to the SIP Application Development world….
Don’t become the Achilles Heel Don’t become the Achilles Heel to the VoIP worldto the VoIP world
Before you write 1 line of code, ask how the operations manager will..
- Have Visibility and Control of user behavior on your service
- Simply and effectively manage the service Configuration of applications User database Security policy
- Authorize use of approved applications (hopefully yours!)
- Accurately account and report on performance, usage and charging
- Guarantee the security of the application
Are you in the business of writing applications for enterprise users?
Integrated voice service platforms (MS RTC Server - Greenwich)
SIP-enabled web applications
Embedded services via API
Don’t be naïve – enterprises won’t allow new communication services into their networks without appropriate management,
visibility and security
Enterprise use of Public IM services (MS Messenger, AIM, Yahoo)
Created market for IM gateways
Access to SIP services over the internet (VONAGE, FWD)
Application Layer Gateways and VoIP-aware Firewalls
LAN
Servers
Workstations
Internet
CentralOffice
ISP
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
Modems
Telecom Firewall
VoIPSecurityManager
Mgmt.Server
Router
IP Phone
Accept the fact that you will be monitored and managed…..Accept the fact that you will be monitored and managed…..
3rd Party AS
VoIP Security Manager secures the data and voice network
external threats over the internet or WAN
TDM Security (Telecom Firewall) secures the data and voice network
external threats over unmonitored analog modem and fax lines
internal threats from trusted or unknown sources
Both devices provide management, reporting, and security policy tools
No need for two separate management and security tools…
Combine them!!
LAN
Servers
Workstations
Internet
CentralOffice
ISP
PSTN
IDS
Firewall
PBX
Voicemail
TelephonesFax
Modems
Mgmt.Server
Router
IP Phone
The CPE providing TDM and VoIP security becomes one…..The CPE providing TDM and VoIP security becomes one…..
3rd Party AS
RTMMFirewall
Real-Time Mixed Media FirewallReal-Time Mixed Media Firewall
The Real-Time Mixed Media Firewall
- Provides real-time Visibility and Control of user behavior
- Combines the security and monitoring features of several platforms
Application-Layer Gateway Telecom Firewall Call-Accounting System IM Gateway Client Registrar (DHCP) Presence Manager Security policy manager with reporting Bandwidth and routing policy manager
- Manages access to both on-net and off-net VoIP services
Simplifies the management of mixed mediaapplication platforms and secures the entire network!!!
- Secures TDM Voice Network against attack and misuse
The Real-Time Mixed Media Firewall
- Aids in the management and provisioning of SIP Services
Secures backdoor modem threats Restricts use of unapproved rogue clients and applications Prevents hacker attacks by controlling content across network borders Detects signaling anomalies and IPS signatures relating to VoIP
Single User database simplifies management of user profiles
Single GUI interface for setting up policies, reporting, and permissions
Graphical depiction of application/network usage stats in real-time
Application layer security
- Secures mixed media VoIP and TDM network resources
We have to secure both networks while we migrate
Security and Management of applications is key
Enterprises are suspicious of what they can’t control
They have been burned by the back-door modems
Can they be certain that you aren’t the next back-door?
Design apps for use with a CPE-based RTMM firewall
Even the great “killer app” needs security
Thank you!!!Thank you!!!