VoIP Security How to prevent eavesdropping on VoIP conversa8ons. Dmitry Dessiatnikov

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "VoIP Security How to prevent eavesdropping on VoIP conversa8ons. Dmitry Dessiatnikov"

Transcription

1 VoIP Security How to prevent eavesdropping on VoIP conversa8ons Dmitry Dessiatnikov

2 DISCLAIMER All informa8on in this presenta8on is provided for informa8on purposes only and in no event shall Security Aim be liable for any direct, indirect, incidental, or other special damages however caused arising in any way out of the use of informa8on in this presenta8on.

3 Who Am I? 15 years in IT security consul8ng & opera8ons President at Security Aim Security Assessments and Penetra8on Tes8ng SANS Community Instructor Sec 542 Salt Lake OWASP Chapter Leader Board Member UtahSec.org

4 Agenda Background why secure VoIP? VoIP how is enterprise exposed? Compromise VoIP phone and eavesdrop on VoIP communica8ons VLAN Hopping Cisco Unified Communica8on Issues and Security Configura8on SeVngs Harden Cisco IP phones Conclusions

5 What is VoIP? Voice over Internet Protocol (VoIP) allows for the voice and mul8media traffic to be sent as data packets over an IP network. Such benefits as cost savings, portability and integra8on with other applica8ons resulted in its wide adop8on in the corporate environments.

6 VoIP Security Issues VoIP inherited the security issues of the Internet protocol that did not exist in the circuit switched systems and that are ozen overlooked in the real world.

7 Is Voice Data Worth Securing? Hospital ER Phones Extor8on Denial of Service A[acks 911 Call Centers Public Safety Agencies Businesses

8 Is Voice Data Worth Securing? That depends on what is being discussed or communicated US Government officials phone calls US Assistant Secretary of State for European Affairs and the US ambassador to Ukraine Result: US apologized to EU Could be worse: WWIII

9 Is Voice Data Worth Securing? In the enterprise phone conversa8ons may contain: PII PHI Credit Card Data Intellectual Property Compe88ve Data Insider Trading

10 Is Anyone AZer Your Voice Data? Doing Research in This Field Mistakenly Offered Money for What Would be Considered Phone Hacking Some8mes Price is Irrelevant Obviously the Offers Are Always Declined

11 Cisco Unified Communica8ons The security issues with the implementa8on of the commonly deployed in business Cisco Unified Communica8ons solu8on and Cisco IP phones The a[ackers can abuse the common security misconfigura8ons of the Unified Communica8ons system and of the underlying network to eavesdrop on the VoIP phone calls

12 Cisco Unified Communica8ons - External External or Internal only? Employees have IP phones at the remote loca8ons or home to receive phone calls Properly secured to connect back to the Call Managers

13 Who Uses Cisco Phones? Corporate Offices Hospitals Banks Power Plants The Office Dwight? Source: h[p://www.omgfacts.com/lists/678/15- Facts- About- Popular- TV- Shows- You- Didn- t- Know

14 Who Else Uses Cisco Phones? The President Source: h[p://electrospaces.blogspot.com/2012/02/does- obama- really- lacks- cool- phones.html

15 VoIP VLANs VoIP traffic is placed in a Voice VLAN to segregate it from a data VLAN, which is considered a security control However, commonly no access controls used to restrict users from accessing the VoIP network and to prevent the VLAN hopping resul8ng in the intercep8on of phone conversa8ons

16 VoIP VLAN hopping The ability to gain access to the VoIP traffic from the data VLAN Learn the VoIP VLAN ID from: CDP broadcast packets on the VoIP network The se6ngs screen of an IP phone Manually assign interface VLAN

17 VoIP VLAN hopping (cont.) Manually assign interface VLAN using 802.1Q VLAN Implementa8on for Linux

18 VoIP VLAN hopping (cont.) Manually assign interface VLAN on OSX System Preferences, then click Network, choose Manage Virtual Interfaces and add VLAN Select Configure IPv4 using DHCP

19 Regular ARP- Poison MITM ARP- poison the VoIP phones to eavesdrop on the conversa8ons

20 Recommenda8ons Restrict access between the user data VLANs and the VoIP infrastructure VLANs Use stateful firewalls or VLAN ACLs for inter- zone communica8ons In public areas lock phone to the wall Disable the port when the VoIP phone is unplugged Consider implemen8ng MACSec defined in IEEE 802.1AE standard to mi8gate 802.1x limita8ons

21 How to iden8fy the target To target specific users download the corporate directory of users from the VoIP TFTP server TFTP? Really?

22 Cisco Unified Communica8ons Manager Common Issues Insecure Creden8al Policy Security Mode Disabled Configura8on File Encryp8on not Enabled Lack of authen8ca8on for the download of IP phone cer8ficate enrollment

23 Cisco Unified Communica8ons Manager

24 Cisco Unified Communica8ons Manager When the Device Security Mode is set to Non Secure in the CUCM Phone Security Profile Configura8on, the call setup and the actual call traffic is not encrypted or secured When the TFTP Encrypted Config sevng is not selected, the phone provisioning and registra8on occurs in clear text Retrieve registra8on informa8on for every phone on the network from the TFTP server

25 Cisco Unified Communica8ons Manager Cer8ficate Authority Proxy Func8on (CAPF) is used to install, upgrade, or delete locally significant cer8ficates on the supported Cisco Unified IP Phone models. The By Null String authen8ca8on mode disables authen8ca8on for the download of IP Phone cer8ficate enrollment. Because no user interven8on is needed, remote a[ackers may be able to provision the rouge cer8ficates on the phones by resevng or reboo8ng the devices.

26 Cisco Unified Communica8ons Manager Solu8ons Enable the Check for Trivial Passwords All user logins and voic PINs will meet the complexity criteria Disable the No Limit for Failed Logons Set the failed logon counter Select the Administrator Must Unlock

27 Cisco Unified Communica8ons Manager Solu8ons Enable the encrypted device security mode Offers integrity, authen8ca8on and encryp8on through the use of TLS connec8ons with the AES128/SHA encryp8on for signaling Uses Secure Real Time Protocol for carrying the actual phone call media Not all phones support encrypted calls

28 Cisco Unified Communica8ons Manager Solu8ons Enable TFTP Encrypted Config sevng to encrypt the phone configura8on files that the IP phones download from the provisioning TFTP servers Authen8cate cer8ficate enrollment based on a pre- exis8ng Locally Significant Cer8ficate (LSC) Use By Exis8ng Cer8ficate (Precedence to LSC) sevng for the authen8ca8on mode

29 Cisco Unified Communica8ons Manager Solu8ons The solu8on has had some security issues with the cer8ficate valida8on of new CTLs To mi8gate: Perform ini8al CTL deployment in a trusted environment Review valida8on of the new CTLs Reference: Blackhat Europe 2012: All Your Calls Are S8ll Belong to Us by Enno Rey & Daniel Mende

30 Mi8ga8ng Controls Some models have Security By Default (SBD) enabled If an a[acker a[empts to modify the phone sevngs using a configura8on file from a rouge TFTP server the phone rejects the file due to a signature verifica8on failure because the file has the signature that does not match the Ini8al Trust List (ITL) of the phone

31 Cisco Phones Security Issues The following sevngs have security implica8ons that are not commonly disabled on the reviewed IP phones, thus exposing them to unauthorized modifica8ons: SeVng Access PC Port SeVng PC Voice VLAN Access Gratuitous ARP Web Access

32 SeVng Access By default, pressing the SeVngs bu[on on a Cisco IP Phone provides access to a variety of informa8on, including phone configura8ons that have security implica8ons. Disable the SeVng Access sevng through the Cisco CallManager Administra8on. These sevngs do not display on the phone if they are disabled in the Cisco CallManager Administra8on. Change the default password to override sevngs.

33 An integrated switch PC Voice VLAN access Default sevng to enable the PC port on all Cisco IP phones. Disable in the public areas: lunch areas or conference rooms Enabled PC Port for a short period of 8me during the boot up process before it is disabled

34 Override Phone SeVngs Cisco IP phones receive sevngs over TFTP Disable the ability to specify a rouge TFTP server for provisioning ARP poison the network to make phones connect to rouge TFTP server Download phone config file and modify it Push it out using a rouge TFTP server

35 Password Protect Your Phones The SeVngs menu password is not set by default on the phones that are even used in the public areas Allows for the provisioned security sevngs to be modified by unlocking the phone with the ***# combina8on The PC Port Configura8on sevng can be changed to Auto Nego8ate instead of Disabled

36 Password Protect Your Phones

37 Eavesdropping on VoIP conversa8ons DEMO

38 Conclusion Be aware of the risks before you make significant 8me and financial investment Don t make assump8ons about security enforced by the manufacturers Securely configure Cisco Unified Communica8ons Manager solu8on and phones To know if your VoIP environment is secure validate controls through tes8ng!

39 Q & A Slides: Contact: Dd[at]securityaim[dot]com

NATIONAL SECURITY AGENCY Ft. George G. Meade, MD

NATIONAL SECURITY AGENCY Ft. George G. Meade, MD NATIONAL SECURITY AGENCY Ft. George G. Meade, MD Serial: I732-010R-2008 30 April 2008 Network Infrastructure Division Systems and Network Analysis Center Activating Authentication and Encryption for Cisco

More information

Phone Systems Buyer s Guide

Phone Systems Buyer s Guide Phone Systems Buyer s Guide Contents How Cri(cal is Communica(on to Your Business? 3 Fundamental Issues 4 Phone Systems Basic Features 6 Features for Users with Advanced Needs 10 Key Ques(ons for All Buyers

More information

NATIONAL SECURITY AGENCY Ft. George G. Meade, MD

NATIONAL SECURITY AGENCY Ft. George G. Meade, MD NATIONAL SECURITY AGENCY Ft. George G. Meade, MD Serial: I732-001R-2010 28 April 2010 Network Infrastructure Division Systems and Network Analysis Center Activating Authentication and Encryption for Cisco

More information

CSE/ISE 311: Systems Administra5on Network Firewalls

CSE/ISE 311: Systems Administra5on Network Firewalls Network Firewalls Don Porter Firewalls: An Essen2al Tool Previous Lectures: Every service on a system visible to the outside world is a poten2al a>ack vector Observa2ons: It is really hard to police every

More information

Preparing to Deploy Cisco IP Communicator

Preparing to Deploy Cisco IP Communicator 2 CHAPTER This chapter describes the required and recommended tasks for deploying Cisco IP Communicator. It also provides instructions for adding Cisco IP Communicator devices to the Cisco Unified (formerly

More information

Mobile Applica,on and BYOD (Bring Your Own Device) Security Implica,ons to Your Business. Dmitry Dessiatnikov

Mobile Applica,on and BYOD (Bring Your Own Device) Security Implica,ons to Your Business. Dmitry Dessiatnikov Mobile Applica,on and BYOD (Bring Your Own Device) Security Implica,ons to Your Business Dmitry Dessiatnikov DISCLAIMER All informa,on in this presenta,on is provided for informa,on purposes only and in

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

Cisco Unified IP Phone Settings

Cisco Unified IP Phone Settings Phone Settings Overview, page 1 Cisco Unified IP Phone Menus, page 1 Phone Setup s, page 4 Network Configuration Menu, page 6 Device Configuration Menu, page 26 Security Configuration Menu, page 50 Phone

More information

The Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases

The Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases The Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases Elba Horta Regional Sales Manager, Southern Europe SSH Communica1ons Security elba.horta@ssh.com ENABLE,

More information

An Overview of the Cisco Unified Wireless IP Phone 7921G

An Overview of the Cisco Unified Wireless IP Phone 7921G CHAPTER1 An Overview of the Cisco Unified Wireless IP Phone 7921G The Cisco Unified Wireless IP Phone 7921G provides wireless voice communication over an Internet Protocol (IP) network. Like traditional

More information

Wireless Networks: Network Protocols/Mobile IP

Wireless Networks: Network Protocols/Mobile IP Wireless Networks: Network Protocols/Mobile IP Mo$va$on Data transfer Encapsula$on Security IPv6 Problems DHCP Adapted from J. Schiller, Mobile Communications 1 Mo$va$on for Mobile IP Rou$ng based on IP

More information

Cisco 7940 How To. (c) 2003-2010 Bicom Systems

Cisco 7940 How To. (c) 2003-2010 Bicom Systems Cisco 7940 How To Cisco 7940 How To All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording, taping,

More information

Voice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005

Voice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005 Voice over IP VoIP (In) Security Presented by Darren Bilby NZISF 14 July 2005 Security-Assessment.com Who We Are NZ s only pure-play security firm Largest team of security professionals in NZ Offices in

More information

Security testing the Internet-of-things

Security testing the Internet-of-things Security testing the Internet-of-things Lindholmen Software Development Day 2014-10-16 Emilie Lundin Barse Informa(on Security Consultant, Combitech emilie.barse@combitech.se Contents State of security

More information

FTC Data Security Standard

FTC Data Security Standard FTC Data Security Standard The FTC takes the posi6on (Being tested now in li6ga6on) that Sec6on 5 of the FTC Act requires Reasonable Security under the circumstances: that companies have reasonable controls

More information

End User Configuration

End User Configuration CHAPTER114 The window in Cisco Unified Communications Manager Administration allows the administrator to add, search, display, and maintain information about Cisco Unified Communications Manager end users.

More information

Configuring Settings on the Cisco Unified Wireless IP Phone 7925G

Configuring Settings on the Cisco Unified Wireless IP Phone 7925G CHAPTER 5 Configuring Settings on the Cisco Unified Wireless IP Phone 7925G This chapter describes the available configuration settings on the Cisco Unified Wireless IP Phone 7925G. It contains the following

More information

The Trivial Cisco IP Phones Compromise

The Trivial Cisco IP Phones Compromise Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002

More information

Ruckus Wireless access point set up from an Audio Everywhere streaming perspec;ve. Lance Glasser 6 June 2015

Ruckus Wireless access point set up from an Audio Everywhere streaming perspec;ve. Lance Glasser 6 June 2015 Ruckus Wireless access point set up from an Audio Everywhere streaming perspec;ve Lance Glasser 6 June 2015 Overview Ruckus access points are a very good choice for Audio Everywhere systems. Over the next

More information

Setting Up the Cisco Unified IP Phones

Setting Up the Cisco Unified IP Phones CHAPTER 3 This chapter includes the following topics, which help you install the Cisco Unified IP Phones on an IP telephony network: Before You Begin, page 3-1 Understanding the Cisco Unified IP Phone

More information

Threats to be considered (1) ERSTE GROUP

Threats to be considered (1) ERSTE GROUP VoIP-Implementation Lessons Learned Philipp Schaumann Erste Group Bank AG Group IT-Security philipp.schaumann@erstegroup.com http://sicherheitskultur.at/ Seite 1 Threats to be considered (1) Eavesdropping

More information

CSA SDP Working Group

CSA SDP Working Group CSA SDP Working Group An Open Source Code Project for a Software Defined Perimeter to Defend Cloud Applications from DDoS CSA Conference - Berlin November 2015 DHS Problem Addressing the Changing Perimeter

More information

Ports Reference Guide for Cisco Virtualization Experience Media Engine for SUSE Linux Release 9.0

Ports Reference Guide for Cisco Virtualization Experience Media Engine for SUSE Linux Release 9.0 Ports Reference Guide for Cisco Virtualization Experience Media Engine for SUSE Linux Release 9.0 Ports 2 Virtualization Experience Media Engine 2 Virtualization Experience Client Manager 3 Cisco Jabber

More information

The Seven Habits of State-of-the-Art Mobile App Security

The Seven Habits of State-of-the-Art Mobile App Security #mstrworld The Seven Habits of State-of-the-Art Mobile App Security Mobile Security 8 July 2014 Anand Dwivedi, Product Manager, MicroStrategy strworld Agenda - Seven Habits of State of the Art Mobile App

More information

University of Utah WAN Firewall Presenta6on

University of Utah WAN Firewall Presenta6on University of Utah WAN Firewall Presenta6on Raising Awareness of our WAN Firewall Issues This document is for internal University of Utah use only. 4 Key Internet Firewall Ques6ons Who do we serve and

More information

IP PBX. SD Card Slot. FXO Ports. PBX WAN port. FXO Ports LED, RED means online

IP PBX. SD Card Slot. FXO Ports. PBX WAN port. FXO Ports LED, RED means online 1 IP PBX SD Card Slot FXO Ports PBX LAN port PBX WAN port FXO Ports LED, RED means online 2 Connect the IP PBX to Your LAN Internet PSTN Router Ethernet Switch FXO Ports 3 Access the PBX s WEB GUI The

More information

TotalCloud Phone System

TotalCloud Phone System TotalCloud Phone System Cisco SF 302-08P PoE VLAN Configuration Guide Note: The below information and configuration is for deployment of the Cbeyond managed switch solution using the Cisco 302 8 port Power

More information

LifeSize Video Communications Systems Administrator Guide

LifeSize Video Communications Systems Administrator Guide LifeSize Video Communications Systems Administrator Guide November 2009 Copyright Notice 2005-2009 LifeSize Communications Inc, and its licensors. All rights reserved. LifeSize Communications has made

More information

Network Performance Tools

Network Performance Tools Network Performance Tools Jeff Boote Internet2/R&D June 1, 2008 NANOG 43/ Brooklyn, NY Overview BWCTL OWAMP NDT/NPAD BWCTL: What is it? A resource alloca=on and scheduling daemon for arbitra=on of iperf

More information

Kerio Operator. Getting Started Guide

Kerio Operator. Getting Started Guide Kerio Operator Getting Started Guide 2011 Kerio Technologies. All rights reserved. 1 About Kerio Operator Kerio Operator is a PBX software for small and medium business customers. Kerio Operator is based

More information

Setting Up the Cisco Unified IP Phone

Setting Up the Cisco Unified IP Phone CHAPTER 3 This chapter includes the following topics, which help you install the Cisco Unified IP Phone on an IP telephony network: Before You Begin, page 3-1 Understanding the Cisco Unified IP Phone 7962G

More information

An Integrated Security System of Protec5ng Smart Grid against Cyber A9acks Authors: Dong Wei, Yan Lu, Mohsen Jafari, Paul Skare, and Kenneth Rhode

An Integrated Security System of Protec5ng Smart Grid against Cyber A9acks Authors: Dong Wei, Yan Lu, Mohsen Jafari, Paul Skare, and Kenneth Rhode An Integrated Security System of Protec5ng Smart Grid against Cyber A9acks Authors: Dong Wei, Yan Lu, Mohsen Jafari, Paul Skare, and Kenneth Rhode Presenter: Somo Peyechu Submi9ed in Par5al Fulfillment

More information

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. CHAPTER 5 OBJECTIVES Configure a router with an initial configuration. Use the

More information

Online Enrollment Op>ons - Sales Training. 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1

Online Enrollment Op>ons - Sales Training. 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1 Online Enrollment Op>ons - Sales Training 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1 Agenda Understand Why This is Important Enrollment Op>ons Available EDI Blues Enroll

More information

Tool for Automated Provisioning System (TAPS) Version 1.2 (1027)

Tool for Automated Provisioning System (TAPS) Version 1.2 (1027) Tool for Automated Provisioning System (TAPS) Version 1.2 (1027) 2015 VoIP Integration Rev. July 24, 2015 Table of Contents Product Overview... 3 Application Requirements... 3 Cisco Unified Communications

More information

Network Security. Computer Security & Forensics. Security in Compu5ng, Chapter 7. l Network Defences. l Firewalls. l Demilitarised Zones

Network Security. Computer Security & Forensics. Security in Compu5ng, Chapter 7. l Network Defences. l Firewalls. l Demilitarised Zones Network Security Security in Compu5ng, Chapter 7 Topics l Network AAacks l Reconnaissance l AAacks l Spoofing l Web Site Vulnerabili5es l Denial of Service l Network Defences l Firewalls l Demilitarised

More information

Configuring the Cisco Unified IP Phone for MIDlets

Configuring the Cisco Unified IP Phone for MIDlets CHAPTER 2 Configuring the Cisco Unified IP Phone for MIDlets Revised: January 2012, Contents This chapter describes how to configure and manage the Cisco Unified IP Phone and the Enhanced Phone User Interface

More information

Cloudvue Remote Desktop Client GUI User Guide

Cloudvue Remote Desktop Client GUI User Guide Cloudvue Remote Desktop Client GUI User Guide I. To connect to a Windows server - After power up, the login screen will be displayed. A. Auto Search/User Defined Use Auto Search to find available Windows

More information

Phone security. Phone security. This chapter provides information about phone security.

Phone security. Phone security. This chapter provides information about phone security. This chapter provides information about phone security., page 1 Trusted devices, page 2 Phone model support, page 3 Preferred vendor SIP phone security set up, page 4 View phone security settings, page

More information

Fonality. Optimum Business Trunking and the Fonality Trixbox Pro IP PBX Standard Edition V4.1.2- p13 Configuration Guide

Fonality. Optimum Business Trunking and the Fonality Trixbox Pro IP PBX Standard Edition V4.1.2- p13 Configuration Guide Fonality Optimum Business Trunking and the Fonality Trixbox Pro IP PBX Standard Edition V4.1.2- p13 Configuration Guide Fonality Table of Contents 1. Overview 2. SIP Trunk Adaptor Set-up Instructions 3.

More information

Mobility in the Modern Factory. Discussion of Mobile Adop7on for the Factories of the Future

Mobility in the Modern Factory. Discussion of Mobile Adop7on for the Factories of the Future Mobility in the Modern Factory Discussion of Mobile Adop7on for the Factories of the Future Talking Points History Lesson The Reasons for Going Mobile Mobile Infrastructure Mobile Device Security BYOD

More information

NIST Email Security Improvements. William C. Barker and Scott Rose October 22, 2015 M3AAWG 35 th General Meeting

NIST Email Security Improvements. William C. Barker and Scott Rose October 22, 2015 M3AAWG 35 th General Meeting NIST Email Security Improvements William C. Barker and Scott Rose October 22, 2015 M3AAWG 35 th General Meeting Presenters Scott Rose Computer Scientist, NIST ITL William (Curt) Barker Guest Researcher,

More information

Cisco CallManager configuration for BLU-103

Cisco CallManager configuration for BLU-103 Cisco CallManager configuration for BLU-103 This document details the steps required to configure a Cisco CallManager VoIP system to work with a BLU-103 VoIP interface. 10653 South River Front Pkwy, Suite

More information

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX NOTE: This is an advisory document to be used as an aid to resellers and IT staff looking to use the Edgewater 4550 in conjunction with

More information

Setting Up the Cisco IP Phone

Setting Up the Cisco IP Phone CHAPTER 3 This chapter includes this following topics, which help you install the Cisco IP Phone on an IP telephony network: Before You Begin, page 3-1 Installing the Cisco IP Phone, page 3-6 Adjusting

More information

Integrating a Hitachi IP5000 Wireless IP Phone

Integrating a Hitachi IP5000 Wireless IP Phone November, 2007 Avaya Quick Edition Integrating a Hitachi IP5000 Wireless IP Phone This application note explains how to configure the Hitachi IP5000 wireless IP telephone to connect with Avaya Quick Edition

More information

210-060. Implementing Cisco Collaboration Devices v1.0. Version: Demo. Page <<1/10>>

210-060. Implementing Cisco Collaboration Devices v1.0. Version: Demo. Page <<1/10>> 210-060 Implementing Cisco Collaboration Devices v1.0 Version: Demo Page 1. Which two technologies comprise a Cisco Presence deployment? (Choose two.) A. Cisco Unified Presence Server B. Cisco

More information

DPH-140S SIP Phone Quick User Guide

DPH-140S SIP Phone Quick User Guide DPH-140S SIP Phone Quick User Guide Version 1.0 TABLE OF CONTENTS 1.0 INTRODUCTION... 1 2.0 PACKAGE CONTENT... 1 3.0 LIST OF FIGURES... 2 4.0 SUMMARY OF KEY FUNCTIONS... 3 5.0 CONNECTING THE IP PHONE...

More information

P160S SIP Phone Quick User Guide

P160S SIP Phone Quick User Guide P160S SIP Phone Quick User Guide Version 2.2 TABLE OF CONTENTS 1.0 INTRODUCTION... 1 2.0 PACKAGE CONTENT... 1 3.0 LIST OF FIGURES... 2 4.0 SUMMARY OF KEY FUNCTIONS... 3 5.0 CONNECTING THE IP PHONE... 4

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

Configure WorkGroup Bridge on the WAP131 Access Point

Configure WorkGroup Bridge on the WAP131 Access Point Article ID: 5036 Configure WorkGroup Bridge on the WAP131 Access Point Objective The Workgroup Bridge feature enables the Wireless Access Point (WAP) to bridge traffic between a remote client and the wireless

More information

Hands-on MESH Network Exercise Workbook

Hands-on MESH Network Exercise Workbook Hands-on MESH Network Exercise Workbook Santa Clara County RACES Date: 18 March 2015 Version: 1.0 scco_wifi_intro_exonly_v150318.docx 1 Table of Contents HANDS ON! Exercise #1: Looking at your Network

More information

DIGIPASS Authentication for Cisco ASA 5500 Series

DIGIPASS Authentication for Cisco ASA 5500 Series DIGIPASS Authentication for Cisco ASA 5500 Series With IDENTIKEY Server 2010 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 20 Disclaimer Disclaimer of Warranties and Limitations

More information

Optimum Business SIP Trunk Set-up Guide

Optimum Business SIP Trunk Set-up Guide Optimum Business SIP Trunk Set-up Guide For use with IP PBX only. SIPSetup 07.13 FOR USE WITH IP PBX ONLY Important: If your PBX is configured to use a PRI connection, do not use this guide. If you need

More information

ADSL2+ Ethernet Modem. NetVito 5300 Series. Bridge Modem PPPoE Modem Router. Quick-Start Guide

ADSL2+ Ethernet Modem. NetVito 5300 Series. Bridge Modem PPPoE Modem Router. Quick-Start Guide ADSL2+ Ethernet Modem NetVito 5300 Series Bridge Modem PPPoE Modem Router Quick-Start Guide Before you begin Verify that the following items came with your DSL kit: 1. ADSL modem 2. User guide 3. Power

More information

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection. A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

More information

Invest in security to secure investments. Breaking SAP Portal. Dmitry Chastuhin Principal Researcher at ERPScan

Invest in security to secure investments. Breaking SAP Portal. Dmitry Chastuhin Principal Researcher at ERPScan Invest in security to secure investments Breaking SAP Portal Dmitry Chastuhin Principal Researcher at ERPScan 1 About ERPScan The only 360- degree SAP Security solu8on - ERPScan Security Monitoring Suite

More information

Alexander Polyakov CTO ERPScan

Alexander Polyakov CTO ERPScan Invest in security to secure investments ERP Security. Myths, Problems, Solu6ons Alexander Polyakov CTO ERPScan About ERPScan The only 360- degree SAP Security solu8on - ERPScan Security Monitoring Suite

More information

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

Cconducted at the Cisco facility and Miercom lab. Specific areas examined Lab Testing Summary Report July 2009 Report 090708 Product Category: Unified Communications Vendor Tested: Key findings and conclusions: Cisco Unified Communications solution uses multilayered security

More information

Podo Attack - Listening To Cisco IP Phone Calls

Podo Attack - Listening To Cisco IP Phone Calls Podo Attack - Listening To Cisco IP Phone Calls TABLE OF CONTENTS Introduction... 2 Overview - Cisco IP Phone Operation... 2 Demo The Scenario... 4 Demo Clone The Cisco IP Phone Configuration... 6 Demo

More information

Background Deployment 3.1 (1003) Installation and Administration Guide

Background Deployment 3.1 (1003) Installation and Administration Guide Background Deployment 3.1 (1003) Installation and Administration Guide 2010 VoIP Integration March 14, 2011 Table of Contents Product Overview... 3 Personalization... 3 Key Press... 3 Requirements... 4

More information

Kaseya Fundamentals Workshop DAY THREE. Developed by Kaseya University. Powered by IT Scholars

Kaseya Fundamentals Workshop DAY THREE. Developed by Kaseya University. Powered by IT Scholars Kaseya Fundamentals Workshop DAY THREE Developed by Kaseya University Powered by IT Scholars Kaseya Version 6.5 Last updated March, 2014 Day Two Overview Day Two Lab Review Patch Management Configura;on

More information

Installation of the On Site Server (OSS)

Installation of the On Site Server (OSS) Installation of the On Site Server (OSS) rev 1.1 Step #1 - Initial Connection to the OSS Having plugged in power and an ethernet cable in the eth0 interface (see diagram below) you can connect to the unit

More information

Configuring the Dolby Conference Phone with Cisco Unified Communications Manager

Configuring the Dolby Conference Phone with Cisco Unified Communications Manager Configuring the Dolby Conference Phone with Cisco Unified Communications Manager Version 1.2 December 10, 2015 This product is protected by one or more patents in the United States and elsewhere. For more

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

Apache web server: ConceI avanza0 (Lezione 2, Parte I) Emiliano Casalicchio (C) emiliano.casalicchio@uniroma1.it

Apache web server: ConceI avanza0 (Lezione 2, Parte I) Emiliano Casalicchio (C) emiliano.casalicchio@uniroma1.it Corso di Proge+azione di Re0 e Sistemi Informa0ci Apache web server: ConceI avanza0 (Lezione 2, Parte I) Emiliano Casalicchio emiliano.casalicchio@uniroma1.it Agenda ConceI e pra0ca sul Virtual hos0ng

More information

9236245 Issue 2EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

9236245 Issue 2EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation 9236245 Issue 2EN Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia 9300 Configuring connection settings Legal Notice Copyright Nokia 2005. All rights reserved. Reproduction,

More information

Projetex 9 Workstation Setup Quick Start Guide 2012 Advanced International Translations

Projetex 9 Workstation Setup Quick Start Guide 2012 Advanced International Translations Projetex 9 Workstation Setup Quick Start Guide 1 Projetex 9 Help Table of Contents Disclaimer 2 System Requirements 2 Registration/Upgrade 3 Projetex Workstation Setup 5 User Login to Projetex Workstation

More information

Enabling NAT and Routing in DGW v2.0 June 6, 2012

Enabling NAT and Routing in DGW v2.0 June 6, 2012 Enabling NAT and Routing in DGW v2.0 June 6, 2012 Proprietary 2012 Media5 Corporation Table of Contents Introduction... 3 Starting Services... 4 Distinguishing your WAN and LAN interfaces... 5 Configuring

More information

Balancing Usability and Security for Medical Devices

Balancing Usability and Security for Medical Devices Balancing Usability and Security for Medical Devices Ken Hoyme Adven&um Labs ken.hoyme@adven8umlabs.com Robert North, LLC bnorth@humancenteredstrategies.com March 17, 2014 3/17/2014 2014 Adven8um Labs

More information

Analog Telephone Adapter Network settings via Keypad commands:

Analog Telephone Adapter Network settings via Keypad commands: Analog Telephone Adapter Network settings via Keypad commands: The ATA series phone adapters (VIP-156/VIP-156PE/VIP-157/VIP-157S) support telephone keypad configurations, please connect analog telephone

More information

NETWORK DEVICE SECURITY AUDITING

NETWORK DEVICE SECURITY AUDITING E-SPIN PROFESSIONAL BOOK VULNERABILITY MANAGEMENT NETWORK DEVICE SECURITY AUDITING ALL THE PRACTICAL KNOW HOW AND HOW TO RELATED TO THE SUBJECT MATTERS. NETWORK DEVICE SECURITY, CONFIGURATION AUDITING,

More information

Voice over IP Security

Voice over IP Security Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with

More information

Common Phone Profile Configuration

Common Phone Profile Configuration CHAPTER 103 Common phone profiles provide data that Cisco TFTP requires. After you configure a common phone profile, use the Phone Configuration window to associate a phone that is running SCCP or SIP

More information

MS Series: VolP Deployment Guide

MS Series: VolP Deployment Guide Solution Guide MS Series: VolP Deployment Guide JULY 2013 How to deploy a distributed VoIP infrastructure with Meraki MS switches. Table of Contents Introduction 3 Getting Started 4 Setting up VoIP using

More information

NetVanta 7060/7100 Configuration Checklist

NetVanta 7060/7100 Configuration Checklist NetVanta 7060/7100 Configuration Checklist AOS Versions Supported: AOS A1.01.00 and above. AOS Versions Supporting SIP Trunking and Networking: AOS A2.02.00 and above. This document is designed to provide

More information

Structured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System

Structured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System xii Contents Structured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System Access 24 Privilege Escalation 24 DoS

More information

IT Change Management Process Training

IT Change Management Process Training IT Change Management Process Training Before you begin: This course was prepared for all IT professionals with the goal of promo9ng awareness of the process. Those taking this course will have varied knowledge

More information

Business VoIP Solution Training 04/2009

Business VoIP Solution Training 04/2009 Business VoIP Solution Training 04/2009 IP Phone Deployment Scenario 1 Company LAN All the IP Phones and PBX are within the same local area network, no firewall and NAT traversal issues IP PBX 2 IP Phone

More information

THE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER

THE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER THE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER How to ensure a cloud-based phone system is secure. BEFORE SELECTING A CLOUD PHONE SYSTEM, YOU SHOULD CONSIDER: DATA PROTECTION.

More information

Privileged Administra0on Best Prac0ces :: September 1, 2015

Privileged Administra0on Best Prac0ces :: September 1, 2015 Privileged Administra0on Best Prac0ces :: September 1, 2015 Discussion Contents Privileged Access and Administra1on Best Prac1ces 1) Overview of Capabili0es Defini0on of Need 2) Preparing your PxM Program

More information

Configuring Network Settings on the Cisco IP Phone

Configuring Network Settings on the Cisco IP Phone CHAPTER 4 Configuring Network Settings on the Cisco IP Phone Because the Cisco IP Phone is a network device, it includes many configurable network settings, which you might need to modify before the phone

More information

CyberData VoIP V2 Speaker with VoIP Clock Kit Configuration Guide for OmniPCX Enterprise

CyberData VoIP V2 Speaker with VoIP Clock Kit Configuration Guide for OmniPCX Enterprise CyberData VoIP V2 Speaker with VoIP Clock Kit Configuration Guide for OmniPCX Enterprise CyberData Corporation 2555 Garden Road Monterey, CA 93940 T:831-373-2601 F: 831-373-4193 www.cyberdata.net 2 Introduction

More information

Starting a Management Session

Starting a Management Session Management Software AT-S63 Starting a Management Session AT-S63 Version 2.2.0 for the AT-9400 Layer 2+ Switches AT-S63 Version 3.0.0 for the AT-9400 Basic Layer 3 Switches 613-000817 Rev. A Copyright 2007

More information

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4 1. APPLE AIRPORT EXTREME 1.1 Product Description The following are device specific configuration settings for the Apple Airport Extreme. Navigation through the management screens will be similar but may

More information

AudiaFLEX Voice-over-IP Interface. Preliminary Steps. Configuring a Cisco CallManager system to work with Biamp s VoIP-2 card

AudiaFLEX Voice-over-IP Interface. Preliminary Steps. Configuring a Cisco CallManager system to work with Biamp s VoIP-2 card Configuring a Cisco CallManager system to work with Biamp s VoIP-2 card AudiaFLEX Voice-over-IP Interface Biamp s VoIP-2 card allows Biamp AudiaFLEX digital signal processors to make and receive calls

More information

LifeSize Passport TM User and Administrator Guide

LifeSize Passport TM User and Administrator Guide LifeSize Passport TM User and Administrator Guide February 2011 LifeSize Passport User and Administrator Guide 2 LifeSize Passport This guide explains how to use and configure LifeSize Passport. For information

More information

Networking Semester 1 Final After Study Guide

Networking Semester 1 Final After Study Guide Networking Semester 1 Final After Study Guide The following have been found to be answered wrong by a majority of the class. The drag & drop questions are not partial credit questions. 1. Where do switches

More information

DIGIPASS Authentication for GajShield GS Series

DIGIPASS Authentication for GajShield GS Series DIGIPASS Authentication for GajShield GS Series With Vasco VACMAN Middleware 3.0 2008 VASCO Data Security. All rights reserved. Page 1 of 1 Integration Guideline Disclaimer Disclaimer of Warranties and

More information

To ensure you successfully install Timico VoIP for Business you must follow the steps in sequence:

To ensure you successfully install Timico VoIP for Business you must follow the steps in sequence: To ensure you successfully install Timico VoIP for Business you must follow the steps in sequence: Firewall Settings - you may need to check with your technical department Step 1 Install Hardware Step

More information

Configure Workgroup Bridge on the WAP351

Configure Workgroup Bridge on the WAP351 Article ID: 5047 Configure Workgroup Bridge on the WAP351 Objective The Workgroup Bridge feature enables the Wireless Access Point (WAP) to bridge traffic between a remote client and the wireless LAN that

More information

Fixing Problems with IP Phone Services

Fixing Problems with IP Phone Services Fixing s with IP Phone Services Document ID: 13959 Contents Introduction Prerequisites Requirements Components Used Conventions Change the URL Services in Cisco CallManager Reset the TFTP Server Reset

More information

CUCM 9.x Configuration Manual for Arc Premium

CUCM 9.x Configuration Manual for Arc Premium CUCM 9.x Configuration Manual for Arc Premium Version 6.0.0 2003-2013 Arc Solutions (International) Ltd. All rights reserved No part of this documentation may be reproduced in any form or by any means

More information

VOIP-500 Series Phone CUCM 8.0.3a Integration Guide

VOIP-500 Series Phone CUCM 8.0.3a Integration Guide I. Introduction This provides general instructions for integration of the VOIP-500 Series Phone with a Cisco Call Manager installation. It is recommended to read this instruction set completely before

More information

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your

More information

Configuring the CyberData VoIP 4-Port Zone Controller with Audio Out

Configuring the CyberData VoIP 4-Port Zone Controller with Audio Out NetVanta Unified Communications Technical Note Configuring the CyberData VoIP 4-Port Zone Controller with Audio Out Introduction The CyberData Voice over Internet Protocol (VoIP) zone controller enables

More information

Incident Response Using Splunk for State and Local Governments

Incident Response Using Splunk for State and Local Governments Copyright 2013 Splunk Inc. Incident Response Using Splunk for State and Local Governments Bert Hayes Solu=ons Engineer bert@splunk.com #splunkconf Legal No=ces During the course of this presenta=on, we

More information

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

DIGIPASS Authentication for Citrix Access Gateway VPN Connections DIGIPASS Authentication for Citrix Access Gateway VPN Connections With VASCO Digipass Pack for Citrix 2006 VASCO Data Security. All rights reserved. Page 1 of 31 Integration Guideline Disclaimer Disclaimer

More information

LifeSize Video Communications Systems Administrator Guide

LifeSize Video Communications Systems Administrator Guide LifeSize Video Communications Systems Administrator Guide September 2008 Copyright Notice 2005-2008 LifeSize Communications Inc, and its licensors. All rights reserved. LifeSize Communications has made

More information

Edgewater Routers User Guide

Edgewater Routers User Guide Edgewater Routers User Guide For use with 8x8 Service Version 1.0, March 2011 Table of Contents EdgeMarc 200AE1-10 Router Overview...3 EdgeMarc 4550-15 Router Overview...4 Basic Setup of the 200AE1 and

More information