Secure Voice over IP (VoIP) Solutions

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Secure Voice over IP (VoIP) Solutions"

Transcription

1 APPLICATION NOTE Secure Voice over IP (VoIP) Solutions Delivering a robust, secure VoIP solution that counters both external and internal threats while providing superior quality of service

2 Abstract This Application Note discusses the key security challenges to consider when deploying VoIP solutions, and describes Alcatel-Lucent s VPN Firewall Portfolio and how it meets the security requirements of today s and tomorrow s VoIP networks and applications.

3 Table of contents 1 Introduction 1 Key challenges in securing a VoIP network 2 Meeting the challenge 2 Providing the solution: Alcatel-Lucent VPN Firewall Portfolio 3 Alcatel-Lucent Firewall Portfolio 3 Alcatel-Lucent Operating System 3 Alcatel-Lucent Security Management Server 4 VPN Firewall Brick Portfolio 4 Bandwidth management 5 Alcatel-Lucent VPN Firewall Brick high availability/failover 5 Alcatel-Lucent IPSec Client 5 Complete solution for total VoIP security

4 Introduction Creating high levels of security is essential to fully leverage VoIP technology and the many advantages it offers over traditional wireline solutions. To meet this challenge, Alcatel-Lucent s VPN Firewall Portfolio provides a complete solution to cope with the evolving threats that can slow down the deployment and use of VoIP applications. The portfolio combines the Alcatel-Lucent Security Management Server, Alcatel-Lucent VPN Firewall Brick appliances, and deployment of the Alcatel-Lucent IPSec Client. More specifically, Alcatel-Lucent s unique security solution for a VoIP network provides: VoIP application layer filtering where it is needed on the network. Dynamic pinholing to secure a data network while establishing VoIP calls Bandwidth control to maintain voice quality on busy networks call by call, and Failover capabilities to assure that no voice or data session is lost in the event of network failure. Alcatel-Lucent solutions, developed by Alcatel-Lucent s R&D arm, Bell Labs, offer blended communications that enable simple, seamless, secure networks that help drive businesses forward. Key challenges in securing a VoIP network VoIP is moving into the mainstream. According to Infonetics Research1, the VoIP services market was $21.1B in CY07, up 52 percent over CY06. Indeed, Infonetics expects the worldwide VoIP service market to reach $61.3B by CY11. Much of this is traceable to the fact that organizations now have the opportunity to take advantage of low-cost, feature-rich VoIP solutions that can augment or even replace traditional wireline implementations. Even so, there are some significant hurdles. Security is at the top of the list. That s because packetbased communications are particularly vulnerable to subversive attacks and illegal usage. Current technology serving data networks makes it easier to probe voice information on a packet-based network compared to physically tapping into a circuit-switched network. Malefactors can conduct voice tapping through the use of sniffing packets and, by manipulating packets, obtain fraudulent service subscriptions that can be used without payment or charged to another actual customer. IP networks are also susceptible to identity theft, spoofing, loss of sensitive data, denial of service attacks, and eavesdropping. Hackers launch virus and worm attacks, and malefactors manipulate the networks to conduct internal espionage. Moreover, IP PBXs can be hijacked and Windows-based servers are vulnerable, despite enhanced support for IPv6. If network hijackers successfully address network equipment, modify databases or replicate equipment, they can shut down, jam or takeover the voice network, or manipulate packet network protocols, such as, NOE, and H.323. The challenge for network administrators is to secure the network against these many and varied threats while, at the same time, allowing the VoIP sessions to flow smoothly. Secure Voice over IP (VoIP) Solutions Application Note 1

5 Meeting the challenge Stateful inspection firewalls and Intrusion Detection Systems (IDS s), commonly used for VoIP security, offer limited defenses. Ideally, a VoIP security solution will dynamically adapt network resources and security based on VoIP application requests, regardless of the signaling protocol used or whether or not the signaling or media traffic is encrypted. A viable VoIP security solution must also: Understand, NOE and H.323 protocols to prevent the introduction of fraudulent packets Conduct packet inspection during, NOE and H.323 call setup to obtain the necessary information to dynamically open and close the appropriate ports Be aware of emerging applications that require protection for example audio, web and video conferencing, as well as Unlicensed Mobile Access (UMA) for WiFi/cellular dual-mode handsets Support low latency, minimal jitter and negligible packet loss to ensure call quality and customer satisfaction Offer high availability to avoid loss of VoIP sessions in case of security or network device failure. Providing the solution: Alcatel-Lucent VPN Firewall Portfolio Alcatel-Lucent has taken a leadership role in VoIP security by offering a complete security solution that can be integrated with any existing VoIP application. Figure 1 illustrates Alcatel-Lucent s VPN Firewall Brick-based VoIP security system. Figure 1. Centralized Alcatel-Lucent VPN Firewall Brick-based VoIP security Centralized data center Virtual office PRI PSTN VoIP feature server VitalSuite performance management Access gateway DSL CPE Softphone ClientCare contact center Brick 1200HS Managed IP network Analog phones Alcatel-Lucent security management server Hosted Enterprise voice mail phone Branch office Enterprise directory, call logs, voice mail Corporate headquarters Softphone Enterprise voice mail Brick 50 Messaging and database, DNS Softphone Brick 700 Gateway phone Gateway /H.323 Analog lines PSTN PRI PBX or IP PBX 802 gateway Gateway PBX or IP PBX phones NOE, H.323 and application filters H.225, H.245, RTP, RTCP dynamic filtering Address and port translation Stateful filtering for higher performance VoIP sessions filtered based on authentication and services authorization Flexible deployment models, to protect users, proxy servers and gatekeepers from attacks Bandwidth control: brick shapes the traffic to guarantee VoIP bandwidth between sites 2 Secure Voice over IP (VoIP) Solutions Application Note

6 Alcatel-Lucent security solutions are based on the Alcatel-Lucent Network Security Model, which is the foundation of the ITU-T Recommendation X.805. Security Architecture for Systems Providing End-to-End Communications. Alcatel-Lucent Firewall Portfolio The Alcatel-Lucent VPN Firewall Portfolio offers a flexible platform, enabling the implementation of multiple security policies tailored to individual applications. The portfolio includes a broad range of carrier-class platforms that provide low price/performance and total cost of ownership (TCO). The Alcatel-Lucent VPN Firewall portfolio includes: Alcatel-Lucent Operating System (OS) based on Bell Labs development. Alcatel-Lucent Security Management Server VPN Firewall Brick platforms Alcatel-Lucent IPSec Client Alcatel-Lucent Operating System Alcatel-Lucent provides a real-time network Operating System (OS) based on innovative software developments by Bell Labs. The OS provides a software infrastructure for VoIP and other distributed network applications as well as traditional data protocols. It enables end-to-end connectivity over the public telephone network, the Internet, corporate networks, cable television, and satellite networks. Highly secure, the product has been designed with a very small memory footprint affording it high performance and low latency with no backdoors or security loop holes. The OS is designed purely with VPN and advanced firewall features in mind. Alcatel-Lucent Security Management Server Working with the Alcatel-Lucent VPN Firewall Brick portfolio and Alcatel-Lucent IPSec Client software, the Alcatel-Lucent Security Management Server allows the rapid provisioning and management of security, VPN and QoS services for thousands of users from a single console. It also provides network-wide control of multiple systems, security policies, VPN tunnels and remote clients. Totally secure remote management eliminates the need for network reconfigurations, truck-rolls, and on-site support. The Alcatel-Lucent Security Management Server provides real-time monitoring, robust logging, and customized reporting. A single cluster of servers can support up to 20,000 VPN Firewall Brick appliances and 100,000 Alcatel-Lucent IPSec Client users from one console. It can also accommodate up to 100 simultaneous administrators with role-based administration and concurrency controls across the platform. In addition to scalability, the Alcatel-Lucent Security Management Server provides carrier-grade reliability and a number of VPN authentication features, such as Internet Key Exchange (IKE) versions one and two, Advanced Encryption Standards (AES), Department of Defense Public Key Infrastructure (PKI), and X.509 digital certificates. Secure Voice over IP (VoIP) Solutions Application Note 3

7 VPN Firewall Brick Portfolio Bandwidth management The VPN Firewall Brick Portfolio delivers service-level-assured advanced security, IP VPN, and QoS services for the VoIP environment. These integrated firewall/vpn gateway appliances offer unparalleled performance. The product line consists of a series of hybrid Layer 2 and Layer 3 appliances, allowing any combination of interfaces to be set to bridge or route mode, and installed as Layer 2 mode providing secure transparency and ease of installation. Each VPN Firewall Brick is centrally staged and remotely managed by the Alcatel-Lucent Security Management Server. For security, a VPN Firewall Brick cannot be managed through a serial cable or from a web browser. Unlike pure router-based security platforms, advanced security services can be added without costly network reconfiguration, truck-rolls or on site support. The VPN Firewall Brick supports 801.q VLAN tagging and virtual firewalls on any interface. This means that sharing can occur securely on any device among multiple customers or applications for network-based, VoIP managed security services. Using the advanced rules-based routing features in the VPN Firewall Bricks, integration is possible with any third-party filtering devices using pure port-based routing, which is configurable to any rule. This feature enables the VPN Firewall Bricks to distribute functions, such as URL filtering and virus scanning throughout the network to existing or best-in-class devices in those categories. The rules-based routing (RBR) feature also enables load balancing across devices providing true Distributed Universal Threat Management (D-UTM). The application layer filters on the VPN Firewall Brick also permit the filtering and firewalling of complex protocols at the application layer (Layer 7 of the OSI Model). The common VoIP protocols,, NOE and H.323 are among the many application layer filters found in the VPN Firewall Bricks. During a VoIP call setup,, NOE and H.323 all dynamically open ports. If the firewall were to leave all of the approximately 64,000 applicable ports open, there would be virtually no network security at all when running these complex protocols. To secure the network while enabling the VoIP channels to open dynamically, the firewall needs to participate in the call setup and teardown. To do this, the VPN Firewall Brick acts like a passive packet sniffer, monitoring the call setup and opening the ports dynamically for an individual call only between the calling and called endpoints. In addition to dynamic pinholing capabilities, expert bandwidth management is absolutely essential for VoIP security. Most solutions have either no bandwidth management or management at the interface level only. At the interface level, hundreds of VoIP calls may be active at any one time. If a heavy data application or download starts running on that interface, some or all of the VoIP calls could either be lost or experience a severe drop in quality. The Alcatel-Lucent VPN Firewall Brick solves these problems by managing bandwidth at the interface, rule-set, rule and session level. This is a critical component when working with VoIP or any other real-time protocol, including streaming video and video conferencing. The ability to guarantee bandwidth for each individual session ensures quality of the session or VoIP call, as well as the selling of Service Level Agreements (SLAs); it also prevents hackers from exploiting VoIP sessions or ports. 4 Secure Voice over IP (VoIP) Solutions Application Note

8 Alcatel-Lucent VPN Firewall Brick high availability/failover Alcatel-Lucent IPSec Client The Alcatel-Lucent Security Management Server includes an Alcatel-Lucent VPN Firewall Brick feature that provides automatic failover configuration to ensure VoIP calls are not dropped due to a network or device failure. The feature allows an administrator to deploy two Alcatel-Lucent VPN Firewall Brick devices as a failover pair. Both devices share the same identity, including IP address, name and virtual MAC addresses (one per port). The first device to boot, or one designated by the administrator, becomes the active device in the pair. The second device is designated the standby (passive), ready to take over should the first device fail or become unhealthy in any way. From the administrator s viewpoint, the two devices are treated as one; both are connected to the same LANs and wired identically. Both the active and the standby Alcatel-Lucent VPN Firewall Brick devices issue regular heartbeat messages. The heartbeat indicates the presence of an active device, and allows devices to share health, status, and priority information. If the standby device does not receive appropriate heartbeats for the active device, it automatically becomes active. The active device may also yield to the standby device, if it determines that the standby device has better LAN connectivity. Along with the heartbeats, the active Alcatel-Lucent VPN Firewall Brick continuously sends session state information to the standby device. If the standby device has to take over, it already has all of the information it needs about the active sessions in order to keep those sessions alive. The Alcatel-Lucent IPSec Client is specifically built to support carrier-managed IP services. When deployed with the Alcatel-Lucent VPN Firewall Brick platforms, the IPSec Client is completely integrated and centrally managed by the Alcatel-Lucent Security Management Server, simplifying administration of large-scale, remote access VPNs. The Alcatel-Lucent Bricks also support a number of mobile clients for VoIP and UTM applications. Complete solution for total VoIP security The combination of the Security Management Server, Alcatel-Lucent VPN Firewall Brick portfolio, and the Alcatel-Lucent IPSec Client, enables VoIP services that are secure and roust. With these security solutions, VoIP deployments can be implemented that are secure, always available, and scale to meet changing requirements. Alcatel-Lucent is committed to user-centric security and offers a full portfolio of solutions and multivendor professional services to support dynamic enterprises as they evolve their risk management strategies. By leveraging innovative technologies from Bell Labs, and services teams with a global presence, Alcatel-Lucent delivers always-on security solutions that meet the needs of enterprises, small and large, in any industry. For more information, visit: security. Secure Voice over IP (VoIP) Solutions Application Note 5

9 Alcatel, Lucent, Alcatel-Lucent and the Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other trademarks are the property of their respective owners. The information presented is subject to change without notice. Alcatel-Lucent assumes no responsibility for inaccuracies contained herein. Copyright 2008 Alcatel-Lucent. All rights reserved. ENT (10)

Secure Voice over IP (VoIP) Networks

Secure Voice over IP (VoIP) Networks Secure Voice over IP (VoIP) Networks How to deploy a robust, secure VoIP solution that counters both external and internal threats and, at the same time, provides top quality of service. This White Paper:

More information

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS ALCATEL-LUCENT OPENTOUCH SESSION BORDER CONTROLLER A SECURE SOLUTION FOR BORDERLESS CONVERSATIONS APPLICATION

More information

Lucent VPN Firewall Security in 802.11x Wireless Networks

Lucent VPN Firewall Security in 802.11x Wireless Networks Lucent VPN Firewall Security in 802.11x Wireless Networks Corporate Wireless Deployment is Increasing, But Security is a Major Concern The Lucent Security Products can Secure Your Networks This white paper

More information

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method. A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money

More information

ETM System SIP Trunk Support Technical Discussion

ETM System SIP Trunk Support Technical Discussion ETM System SIP Trunk Support Technical Discussion Release 6.0 A product brief from SecureLogix Corporation Rev C SIP Trunk Support in the ETM System v6.0 Introduction Today s voice networks are rife with

More information

Securing SIP Trunks APPLICATION NOTE. www.sipera.com

Securing SIP Trunks APPLICATION NOTE. www.sipera.com APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)

More information

The term Virtual Private Networks comes with a simple three-letter acronym VPN

The term Virtual Private Networks comes with a simple three-letter acronym VPN Application Brief Nortel Networks Virtual Private Networking solutions for service providers Service providers addressing the market for Virtual Private Networking (VPN) need solutions that effectively

More information

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,

More information

Voice Over IP and Firewalls

Voice Over IP and Firewalls Introduction Voice Over IP and Firewalls By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Use of Voice Over IP (VoIP) in enterprises is becoming more and more

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

1 ABSTRACT 3 2 CORAL IP INFRASTRUCTURE 4

1 ABSTRACT 3 2 CORAL IP INFRASTRUCTURE 4 Coral IP Solutions TABLE OF CONTENTS 1 ABSTRACT 3 2 CORAL IP INFRASTRUCTURE 4 2.1 UGW 4 2.2 IPG 4 2.3 FLEXSET IP 5 2.4 FLEXIP SOFTPHONE 6 2.5 TELEPORT FXS/FXO GATEWAYS 7 2.6 CORAL SENTINEL 7 3 CORAL IP

More information

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions Permeo Technologies WHITE PAPER HIPAA Compliancy and Secure Remote Access: Challenges and Solutions 1 Introduction The Healthcare Insurance Portability and Accountability Act (HIPAA) of 1996 has had an

More information

Unified Communications and Desktop Integration

Unified Communications and Desktop Integration S T R A T E G I C W H I T E P A P E R Unified Communications and Desktop Integration Unified communications (UC) is recognized as one of the top strategic new technology areas in IT operations. The Alcatel-Lucent

More information

Alcatel-Lucent Services

Alcatel-Lucent Services SOLUTION DESCRIPTION Alcatel-Lucent Services Security Introduction Security is a sophisticated business and technical challenge, and it plays an important role in the success of any network, service or

More information

Secure VoIP for optimal business communication

Secure VoIP for optimal business communication White Paper Secure VoIP for optimal business communication Learn how to create a secure environment for real-time audio, video and data communication over IP based networks. Andreas Åsander Manager, Product

More information

Deploying Secure Enterprise Wide IP Videoconferencing Across Virtual Private Networks

Deploying Secure Enterprise Wide IP Videoconferencing Across Virtual Private Networks Deploying Secure Enterprise Wide IP Videoconferencing Across Virtual Private Networks Document Overview This document provides an overview of how to effectively and securely provide IP-based videoconferencing

More information

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business IREBOX X IREBOX X Firebox X Family of Security Products Comprehensive Unified Threat Management Solutions That Scale With Your Business Family of Security Products Comprehensive unified threat management

More information

Gigabit Multi-Homing VPN Security Router

Gigabit Multi-Homing VPN Security Router As Internet becomes essential for business, the crucial solution to prevent your Internet connection from failure is to have more than one connection. PLANET is a ideal to help the SMBs increase the broadband

More information

NEWT Managed PBX A Secure VoIP Architecture Providing Carrier Grade Service

NEWT Managed PBX A Secure VoIP Architecture Providing Carrier Grade Service NEWT Managed PBX A Secure VoIP Architecture Providing Carrier Grade Service This document describes the benefits of the NEWT Digital PBX solution with respect to features, hardware partners, architecture,

More information

The Cisco ASA 5500 as a Superior Firewall Solution

The Cisco ASA 5500 as a Superior Firewall Solution The Cisco ASA 5500 as a Superior Firewall Solution The Cisco ASA 5500 Series Adaptive Security Appliance provides leading-edge firewall capabilities and expands to support other security services. Firewalls

More information

SonicWALL Advantages Over WatchGuard

SonicWALL Advantages Over WatchGuard Competitive Analysis August 2001 WatchGuard SOHO - Product Overview WatchGuard Technologies extended its product offerings to the fast-growing broadband market through the acquisition of BeadleNet, LLC,

More information

Security & Reliability in VoIP Solution

Security & Reliability in VoIP Solution Security & Reliability in VoIP Solution July 19 th, 2006 Ram Ayyakad ram@ranchnetworks.com About My background Founder, Ranch Networks 20 years experience in the telecom industry Part of of architecture

More information

Industrial Firewalls Endpoint Security

Industrial Firewalls Endpoint Security Industrial Firewalls Endpoint Security Is there a need for a new type of industrial firewall? Industries have a huge park of different management and control systems to monitor their production. These

More information

Voice Over IP (VoIP) Denial of Service (DoS)

Voice Over IP (VoIP) Denial of Service (DoS) Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based

More information

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the secure interconnection of Inter-Enterprise VoIP Executive Summary: MPLS Virtual

More information

Session Border Controllers in Enterprise

Session Border Controllers in Enterprise A Light Reading Webinar Session Border Controllers in Enterprise Thursday, October 7, 2010 Hosted by Jim Hodges Senior Analyst Heavy Reading Sponsored by: Speakers Natasha Tamaskar VP Product Marketing

More information

Multi-layered Security Solutions for VoIP Protection

Multi-layered Security Solutions for VoIP Protection Multi-layered Security Solutions for VoIP Protection Copyright 2005 internet Security Systems, Inc. All rights reserved worldwide Multi-layered Security Solutions for VoIP Protection An ISS Whitepaper

More information

The Next Generation Network:

The Next Generation Network: JULY, 2012 The Next Generation Network: Why the Distributed Enterprise Should Consider Multi-circuit WAN VPN Solutions versus Traditional MPLS Tolt Solutions Network Services 125 Technology Drive Suite

More information

WAN Traffic Management with PowerLink Pro100

WAN Traffic Management with PowerLink Pro100 Whitepaper WAN Traffic Management with PowerLink Pro100 Overview In today s Internet marketplace, optimizing online presence is crucial for business success. Wan/ISP link failover and traffic management

More information

Best Practices for Securing IP Telephony

Best Practices for Securing IP Telephony Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram

More information

Best Effort gets Better with MPLS. Superior network flexibility and resiliency at a lower cost with support for voice, video and future applications

Best Effort gets Better with MPLS. Superior network flexibility and resiliency at a lower cost with support for voice, video and future applications Best Effort gets Better with MPLS Superior network flexibility and resiliency at a lower cost with support for voice, video and future applications A White Paper on Multiprotocol Label Switching October,

More information

Migration from TDM to IP in Public Safety Environments: The Challenge for Voice Recording

Migration from TDM to IP in Public Safety Environments: The Challenge for Voice Recording 9-1-1 Magazine / published in December 2007 Migration from TDM to IP in Public Safety Environments: The Challenge for Voice Recording by Andreas Potyka, Product Management, ASC telecom AG VoIP communications

More information

Cisco Virtual Office Unified Contact Center Architecture

Cisco Virtual Office Unified Contact Center Architecture Guide Cisco Virtual Office Unified Contact Center Architecture Contents Scope of Document... 1 Introduction... 1 Platforms and Images... 2 Deployment Options for Cisco Unified Contact Center with Cisco

More information

Future-ready security for small and mid-size enterprises

Future-ready security for small and mid-size enterprises First line of defense for your network Quick Heal Terminator (UTM) (Unified Threat Management Solution) Data Sheet Future-ready security for small and mid-size enterprises Quick Heal Terminator is a high-performance,

More information

VOICE OVER IP SECURITY

VOICE OVER IP SECURITY VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

Total Cost of Ownership: Benefits of Comprehensive, Real-Time Gateway Security

Total Cost of Ownership: Benefits of Comprehensive, Real-Time Gateway Security Total Cost of Ownership: Benefits of Comprehensive, Real-Time Gateway Security White Paper September 2003 Abstract The network security landscape has changed dramatically over the past several years. Until

More information

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria

More information

Security Considerations for DirectAccess Deployments. Whitepaper

Security Considerations for DirectAccess Deployments. Whitepaper Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift

More information

PRODUCTS & TECHNOLOGY

PRODUCTS & TECHNOLOGY PRODUCTS & TECHNOLOGY DATA CENTER CLASS WAN OPTIMIZATION Today s major IT initiatives all have one thing in common: they require a well performing Wide Area Network (WAN). However, many enterprise WANs

More information

Introducing IBM s Advanced Threat Protection Platform

Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM

More information

Voice over IP Networks: Ensuring quality through proactive link management

Voice over IP Networks: Ensuring quality through proactive link management White Paper Voice over IP Networks: Ensuring quality through proactive link management Build Smarter Networks Table of Contents 1. Executive summary... 3 2. Overview of the problem... 3 3. Connectivity

More information

Marratech Technology Whitepaper

Marratech Technology Whitepaper Marratech Technology Whitepaper Marratech s technology builds on many years of focused R&D and key reference deployments. It has evolved into a market leading platform for Real Time Collaboration (RTC)

More information

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1 Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3

More information

ZyXEL offer more than just a product, we offer a solution. The Prestige DSL router family benefits providers and resellers enabling them to offer:

ZyXEL offer more than just a product, we offer a solution. The Prestige DSL router family benefits providers and resellers enabling them to offer: DSL Access Guide DSL Access Routers ZyXEL is a leading manufacturer and supplier of DSL and Voice over IP routers. ZyXEL offer a complete portfolio of routers suited for Telecoms providers, Internet Service

More information

Steelcape Product Overview and Functional Description

Steelcape Product Overview and Functional Description Steelcape Product Overview and Functional Description TABLE OF CONTENTS 1. General Overview 2. Applications/Uses 3. Key Features 4. Steelcape Components 5. Operations Overview: Typical Communications Session

More information

Alcatel-Lucent Office Communication Solutions for Small and Medium Businesses. Simplified communications for businesses on the move

Alcatel-Lucent Office Communication Solutions for Small and Medium Businesses. Simplified communications for businesses on the move Alcatel-Lucent Office Communication Solutions for Small and Medium Businesses Simplified communications for businesses on the move To succeed as a small or medium business (SMB), you need to keep customer

More information

Contents. Specialty Answering Service. All rights reserved.

Contents. Specialty Answering Service. All rights reserved. Contents 1 Introduction... 2 2 PBX... 3 3 IP PBX... 4 3.1 How It Works... 4 3.2 Functions of IP PBX... 5 3.3 Benefits of IP PBX... 5 4 Evolution of IP PBX... 6 4.1 Fuelling Factors... 6 4.1.1 Demands from

More information

IP Telephony Deployment Models

IP Telephony Deployment Models CHAPTER 2 Sections in this chapter address the following topics: Single Site, page 2-1 Multisite Implementation with Distributed Call Processing, page 2-3 Design Considerations for Section 508 Conformance,

More information

Securing the Small Business Network. Keeping up with the changing threat landscape

Securing the Small Business Network. Keeping up with the changing threat landscape Securing the Small Business Network Keeping up with the changing threat landscape Table of Contents Securing the Small Business Network 1 UTM: Keeping up with the Changing 2 Threat Landscape RFDPI: Not

More information

SIP Trunking with Microsoft Office Communication Server 2007 R2

SIP Trunking with Microsoft Office Communication Server 2007 R2 SIP Trunking with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper By Farrukh Noman Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY

More information

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES MOBILITY & INTERCONNECTIVITY Features SECURITY OF INFORMATION TECHNOLOGIES Frequent changes to the structure of enterprise workforces mean that many are moving away from the traditional model of a single

More information

Alcatel-Lucent Office Communication Solutions for Small and Medium Businesses. Simplified communications for businesses on the move

Alcatel-Lucent Office Communication Solutions for Small and Medium Businesses. Simplified communications for businesses on the move Alcatel-Lucent Office Communication Solutions for Small and Medium Businesses Simplified communications for businesses on the move To succeed as a small or medium business (SMB), you need to keep customer

More information

Virtualized Network Services SDN solution for enterprises

Virtualized Network Services SDN solution for enterprises Virtualized Network Services SDN solution for enterprises Nuage Networks Virtualized Network Services (VNS) is a fresh approach to business networking that seamlessly links your enterprise s locations

More information

Alcatel-Lucent Enterprise Converged Network Solution

Alcatel-Lucent Enterprise Converged Network Solution Alcatel-Lucent Enterprise Converged Network Solution Deliver a quality user experience, streamline operations and reduce costs The New Challenges in Delivering a High-quality User Experience Three key

More information

SIP Trunking Configuration with

SIP Trunking Configuration with SIP Trunking Configuration with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper End-to-End Solutions Team Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL

More information

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network 10 Key Things Your Firewall Should Do When voice joins applications and data on your network Table of Contents Making the Move to 3 10 Key Things 1 Security is More Than Physical 4 2 Priority Means Clarity

More information

Gigabit Content Security Router

Gigabit Content Security Router Gigabit Content Security Router As becomes essential for business, the crucial solution to prevent your connection from failure is to have more than one connection. PLANET is the Gigabit Content Security

More information

ENTERPRISE CONNECTIVITY

ENTERPRISE CONNECTIVITY ENTERPRISE CONNECTIVITY IP Services for Business, Governmental & Non-Governmental Organizations The success of today s organizations and enterprises highly depends on reliable and secure connectivity.

More information

Private Cloud Solutions Virtual Onsite Data Center

Private Cloud Solutions Virtual Onsite Data Center ZEROOUTAGES WHITE PAPER Private Cloud Solutions Virtual Onsite Data Center ZEROOUTAGES - WHITE PAPER Single Side / Balancing The ZeroOutages solution makes for a perfect link bonding/balancing device for

More information

Deploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN

Deploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN Deploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN Copyright 2005, Meru Networks, Inc. This document is an unpublished work protected by the United States copyright laws and

More information

Voice Over Internet Protocol (VOIP) SECURITY. Rick Kuhn Computer Security Division National Institute of Standards and Technology

Voice Over Internet Protocol (VOIP) SECURITY. Rick Kuhn Computer Security Division National Institute of Standards and Technology Voice Over Internet Protocol (VOIP) SECURITY Rick Kuhn Computer Security Division National Institute of Standards and Technology What is VOIP? Voice Over Internet Protocol Voice Communications over data-style

More information

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9 NETASQ & PCI DSS Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document

More information

Gateways and Their Roles

Gateways and Their Roles Gateways and Their Roles Understanding Gateways This topic describes the role of voice gateways and their application when connecting VoIP to traditional PSTN and telephony equipment. Analog vs. Digital

More information

alcatel-lucent converged network solution The cost-effective, application fluent approach to network convergence

alcatel-lucent converged network solution The cost-effective, application fluent approach to network convergence alcatel-lucent converged network solution The cost-effective, application fluent approach to network convergence the corporate network is under pressure Today, corporate networks are facing unprecedented

More information

Attachment Q5. Voice over Internet Protocol (VoIP)

Attachment Q5. Voice over Internet Protocol (VoIP) DHS 4300A Sensitive Systems Handbook Attachment Q5 To Handbook v. 11.0 Voice over Internet Protocol (VoIP) Version 11.0 December 22, 2014 Protecting the Information that Secures the Homeland This page

More information

HughesNet Broadband VPN End-to-End Security Using the Cisco 87x

HughesNet Broadband VPN End-to-End Security Using the Cisco 87x HughesNet Broadband VPN End-to-End Security Using the Cisco 87x HughesNet Managed Broadband Services includes a high level of end-to-end security features based on a robust architecture designed to meet

More information

Implementing VoIP monitoring solutions. Deployment note

Implementing VoIP monitoring solutions. Deployment note Implementing VoIP monitoring solutions Deployment note Introduction With VoIP being an integral part of modern day business communications, enterprises are placing greater emphasis on the monitoring and

More information

TSC (Total Solution Communications Ltd)

TSC (Total Solution Communications Ltd) TSC (Total Solution Communications Ltd) 1 Parkway Drive, Mairangi Bay, North Harbour Phone: 09 477 2888 Fax: 09 477 2889 E-Mail: info@tsc.co.nz Web: www.tsc.co.nz A vaya IP Office Converged Communications

More information

VoIP Solutions Guide Everything You Need to Know

VoIP Solutions Guide Everything You Need to Know VoIP Solutions Guide Everything You Need to Know Simplify, Save, Scale VoIP: The Next Generation Phone Service Ready to Adopt VoIP? 10 Things You Need to Know 1. What are my phone system options? Simplify,

More information

Firewall Migration. Migrating to Juniper Networks Firewall/VPN Solutions. White Paper

Firewall Migration. Migrating to Juniper Networks Firewall/VPN Solutions. White Paper White Paper Firewall Migration Migrating to Juniper Networks Firewall/VPN Solutions Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408.745.2000 1.888 JUNIPER www.juniper.net

More information

INTRODUCTION TO FIREWALL SECURITY

INTRODUCTION TO FIREWALL SECURITY INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ

More information

Load Balancing for Microsoft Office Communication Server 2007 Release 2

Load Balancing for Microsoft Office Communication Server 2007 Release 2 Load Balancing for Microsoft Office Communication Server 2007 Release 2 A Dell and F5 Networks Technical White Paper End-to-End Solutions Team Dell Product Group Enterprise Dell/F5 Partner Team F5 Networks

More information

Providing Secure IT Management & Partnering Solution for Bendigo South East College

Providing Secure IT Management & Partnering Solution for Bendigo South East College Providing Secure IT Management & Partnering Solution for Bendigo South East College Why did Bendigo South East College engage alltasksit & DELL? BSEC is in the midst of school population growth in 2015,

More information

Packetized Telephony Networks

Packetized Telephony Networks Packetized Telephony Networks Benefits of Packet Telephony Networks Traditionally, the potential savings on long-distance costs was the driving force behind the migration to converged voice and data networks.

More information

ICTTEN5168A Design and implement an enterprise voice over internet protocol and a unified communications network

ICTTEN5168A Design and implement an enterprise voice over internet protocol and a unified communications network ICTTEN5168A Design and implement an enterprise voice over internet protocol and a unified communications network Release: 1 ICTTEN5168A Design and implement an enterprise voice over internet protocol and

More information

Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011

Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011 Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011 Proprietary 2011 Media5 Corporation Table of Contents Introduction... 3 Solution Overview... 3 Network Topology... 4 Network Configuration...

More information

SIP Security Controllers. Product Overview

SIP Security Controllers. Product Overview SIP Security Controllers Product Overview Document Version: V1.1 Date: October 2008 1. Introduction UM Labs have developed a range of perimeter security gateways for VoIP and other applications running

More information

Simplify Your Network Security with All-In-One Unified Threat Management

Simplify Your Network Security with All-In-One Unified Threat Management Singtel Business Product Factsheet Brochure Managed Defense Unified Services Management Simplify Your Network Security with All-In-One Unified Management Singtel Managed Unified Management (UTM) Services,

More information

VoIP Virtual Private Networks: Bringing the Benefits of Convergence to the Enterprise

VoIP Virtual Private Networks: Bringing the Benefits of Convergence to the Enterprise VoIP Virtual Private Networks: Bringing the Benefits of Convergence to the Enterprise By Robert VanSickle Vice President Sales, Americas Region & Worldwide Sales Strategy VocalTec Communications www.vocaltec.com

More information

VMware vcloud Networking and Security Overview

VMware vcloud Networking and Security Overview VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility

More information

ALCATEL-LUCENT OPENTOUCH SUITE FOR SMALL AND MEDIUM BUSINESSES Simplified communications for businesses on the move

ALCATEL-LUCENT OPENTOUCH SUITE FOR SMALL AND MEDIUM BUSINESSES Simplified communications for businesses on the move ALCATEL-LUCENT OPENTOUCH SUITE FOR SMALL AND MEDIUM BUSINESSES Simplified communications for businesses on the move To succeed as a small or medium business (SMB), you need to keep customer satisfaction

More information

This document describes how the Meraki Cloud Controller system enables the construction of large-scale, cost-effective wireless networks.

This document describes how the Meraki Cloud Controller system enables the construction of large-scale, cost-effective wireless networks. This document describes how the Meraki Cloud Controller system enables the construction of large-scale, cost-effective wireless networks. Copyright 2009 Meraki, Inc. All rights reserved. Trademarks Meraki

More information

Security and the Mitel Teleworker Solution

Security and the Mitel Teleworker Solution Security and the Mitel Teleworker Solution White Paper July 2007 Copyright Copyright 2007 Mitel Networks Corporation. This document is unpublished and the following notice is affixed to protect Mitel Networks

More information

Silver Peak s Virtual Acceleration Open Architecture (VXOA)

Silver Peak s Virtual Acceleration Open Architecture (VXOA) Silver Peak s Virtual Acceleration Open Architecture (VXOA) A FOUNDATION FOR UNIVERSAL WAN OPTIMIZATION The major IT initiatives of today data center consolidation, cloud computing, unified communications,

More information

Solution Brief. Secure and Assured Networking for Financial Services

Solution Brief. Secure and Assured Networking for Financial Services Solution Brief Secure and Assured Networking for Financial Services Financial Services Solutions Page Introduction To increase competitiveness, financial institutions rely heavily on their networks to

More information

Sophos Certified Architect Course overview

Sophos Certified Architect Course overview Sophos Certified Architect Course overview UTM This course provides an in-depth study of UTM, designed for experienced technical professionals who will be planning, installing, configuring and supporting

More information

SIP Trunking: A new voice in communications service

SIP Trunking: A new voice in communications service Charter Business : White paper SIP Trunking: A new voice in communications service WHITE PAPER With the rise of next-generation technology, business customers have more options than ever from providers

More information

What is an E-SBC? WHITE PAPER

What is an E-SBC? WHITE PAPER Executive Summary Enterprise communications is in a state of transformation. Businesses are replacing conventional PBX systems with VoIP and Unified Communications (UC) solutions and cloud-based services

More information

Cisco Virtual Office Flexibility and Productivity for the Remote Workforce

Cisco Virtual Office Flexibility and Productivity for the Remote Workforce Cisco Virtual Office Flexibility and Productivity for the Remote Workforce Cisco Virtual Office Overview Q. What is the Cisco Virtual Office? A. The Cisco Virtual Office solution provides secure, rich

More information

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts

More information

APPLICATION NOTE. Benefits of MPLS in the Enterprise Network

APPLICATION NOTE. Benefits of MPLS in the Enterprise Network APPLICATION NOTE Benefits of MPLS in the Enterprise Network Abstract As enterprises evolve to keep pace with the ever-changing business climate, enterprises networking needs are becoming more dynamic.

More information

FIREWALL. Features SECURITY OF INFORMATION TECHNOLOGIES

FIREWALL. Features SECURITY OF INFORMATION TECHNOLOGIES FIREWALL Features SECURITY OF INFORMATION TECHNOLOGIES To ensure that they stay competitive and in order to expand their activity, businesses today know it is in their best interests to open up more channels

More information

Virtualized Network Services SDN solution for service providers

Virtualized Network Services SDN solution for service providers Virtualized Network Services SDN solution for service providers Nuage Networks Virtualized Network Services (VNS) is a fresh approach to business networking that seamlessly links your enterprise customers

More information

Gigabit SSL VPN Security Router

Gigabit SSL VPN Security Router As Internet becomes essential for business, the crucial solution to prevent your Internet connection from failure is to have more than one connection. PLANET is the ideal to help the SMBs increase the

More information

Convergence: The Foundation for Unified Communications

Convergence: The Foundation for Unified Communications Convergence: The Foundation for Unified Communications Authored by: Anthony Cimorelli, Senior Product Marketing Manager Onofrio Norm Schillaci, Principal Sales Engineer Michelle Soltesz, Director, Marketing

More information

White Paper. Solutions to VoIP (Voice over IP) Recording Deployment

White Paper. Solutions to VoIP (Voice over IP) Recording Deployment White Paper Solutions to VoIP (Voice over IP) Recording Deployment Revision 2.1 September 2008 Author: Robert Wright (robert.wright@ultra-audiosoft.com), BSc (Hons) Ultra Electronics AudioSoft, October

More information

NetDefend Firewall UTM Services

NetDefend Firewall UTM Services NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering (WCF) for superior

More information

VPLS lies at the heart of our Next Generation Network approach to creating converged, simplified WANs.

VPLS lies at the heart of our Next Generation Network approach to creating converged, simplified WANs. Virtual Private LAN Service (VPLS) A WAN that thinks it s a LAN. VPLS is a high security, low latency means to connect sites or services either point-to-point or as a mesh. We use Virtual Private LAN Service

More information

NetDefend Firewall UTM Services

NetDefend Firewall UTM Services NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering

More information

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott Symantec Enterprise Firewalls From the Internet Thomas Symantec Firewalls Symantec offers a whole line of firewalls The Symantec Enterprise Firewall, which emerged from the older RAPTOR product We are

More information