White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
|
|
- Geoffrey Phelps
- 8 years ago
- Views:
Transcription
1 A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better, security is often a secondary concern, or may be overlooked entirely. Unless proper steps are taken to protect VoIP systems on your data networks, you could be leaving open holes that can be exploited by intruders to disrupt all applications on your converged infrastructure, including voice calls. This step-by-step guide identifies the common threats and the countermeasures used to protect converged networks. Your VoIP solution provider will be your first line of defense in managing this issue. A balancing act The reason IP networks are so vulnerable to attack is that Internet protocols developed decades ago were not designed with security in mind. Security features were added later as specific threats emerged, resulting in the piecemeal fixes we contend with today. This has forced network administrators to take an active role in identifying threats and taking countermeasures to deal with them. Since voice conversations are carried over data networks as packets, just like every other application on the network, VoIP systems are susceptible to the same threats that are commonly launched against servers residing on IP data networks. The key to effective security is to focus on critical points of vulnerability those areas where the IP infrastructure or services are susceptible to known or expected attacks. However, since VoIP is a
2 real-time application, the security solution must not bog down performance to the point that conversations are disrupted. Types of attacks Denials of Service Attacks (DoS) originate on the Internet and are typically launched against web servers. In this type of attack, a server is bombarded with bogus service requests. The server becomes so busy trying to answer these requests that service is denied to those with legitimate requests. The intent of the attacker is to stop the server from functioning, thereby frustrating a company s customers and motivating them to take their business elsewhere. The DoS attack is not strictly limited to web servers; with more frequency, this type of attack is being launched against customer premises equipment (CPE), which includes VoIP systems. Among other things, your VoIP equipment has an operating system, just like any other server on your data network. The VoIP system provides critical functions like dialtone and call routing. A DoS attack can affect your VoIP system in several ways, including: Force the operating system to shut down, disrupting conversations and preventing calls until service is restored. Trick the VoIP system into accepting phony signaling messages, interfering with the proper operation of the service. Divert the VoIP system s CPU power and memory to handling false requests, degrading the real-time performance of telephone service. Generate excess traffic on your network through the use of worms and viruses, for example, forcing voice packets to be delayed or dropped, interfering with the smooth flow of conversations. Theft of service attacks are launched by intruders who want to make calls for free, using your VoIP system. In one scenario, a hacker could spoof a legitimate IP address to access your VoIP system to make calls anywhere in the world, leaving you stuck with the bill. Thieves can even use your VoIP system to spoof a Caller ID that can be used for phishing. This refers to the act of tricking someone into giving the thief confidential information. As applied to VoIP, phishing would entail a hacker posing as a network administrator to obtain sensitive information from an unsuspecting user within the company. If the user 2011 TCI, a Telcept Holdings LLC. Company Page 2
3 recognizes the Caller ID as being that of the network administrator, he or she will likely cooperate in giving out the requested information. Eavesdropping attacks are directed toward revealing private information within the voice conversation or the signaling protocol. Private data in the signaling protocol may include the phone numbers being called by a subscriber, as well as the IP and MAC addresses of the phones at each end of the conversation. This type of attack, also known as a man-in-the-middle attack, entails use of a spy program that gets in between two communicating parties and intercepts the information passing between them. The packets are intercepted without either party being aware of what s happening. The packets are recorded, collected from the host machine and recovered using protocol analyzer software, which is normally used by technicians to identify problems on data networks. Security solutions Achieving a secure IT environment involves a balance between risk and cost. In the case of VoIP, however, there must also be a balance between risk and quality because of the real-time nature of voice conversation. Therefore, a VoIP security solution must combine existing IP security and VoIP-specific security mechanisms. Denial of Service protection involves the deployment of security mechanisms throughout the infrastructure, such as: At the borders between networks, VoIP-aware routers can be set to block suspicious traffic. Configuration settings within servers, switches, firewalls and routers can shut off packet flooding and other types of DoS attacks that are intended to disrupt service. Software in various network elements, including the VoIP system, should provide the means to limit the amount of resources that will be used for responding to requests. When an attack is suspected, the VoIP systems log files should be examined as the first step in investigating the event and to prevent a recurrence of that event. Access to the VoIP system should be granted only to specific IP addresses, not a range of IP addresses TCI, a Telcept Holdings LLC. Company Page 3
4 PCs are the weak link in security due to user carelessness. Regular and frequent security audits of all network elements, especially PCs, will minimize the introduction and spread of viruses, worms and spyware onto your network. Access to all advanced features of your VoIP system must be protected with authentication and unused features should be disabled to limit their possible use by an attacker. Voice and signal integrity can be maintained on office LANs by logically separating them from general data traffic. On the WAN, VoIP and data traffic can be further separated through the use of virtual private networks (VPNs) to ensure both security and quality of service (QoS). For the ultimate in protection, encryption can be applied to signaling and voice traffic across the WAN, but this entails extra expense. The VoIP router would need to be equipped with a dedicated processor for encryption/decryption tasks so that normal protocol processing does not get bogged down and disrupt the smooth flow of voice communication. The addition of encryption to safeguard voice would also entail the use of more bandwidth, which might boost your costs even more. Depending on the nature of your voice traffic, the additional expense may be justified. Theft of service protection involves putting into place mechanisms for ensuring that only authenticated users and devices can obtain access. The mechanisms include physical security to limit local access as well as secure configurations to limit remote access. In addition, system logs should be monitored regularly to detect unauthorized access attempts. This might reveal internal users who are trying to use VoIP features to which they are not entitled. Logs would also reveal attempts to access internal systems from outside the company, providing you with a clue as to what potential vulnerabilities might exist on your network that deserve closer examination. Other considerations Infrastructure security involves a layered approach such that a failure or breach in one security mechanism does not affect the entire service. These mechanisms include: Server and device security User authentication Network security 2011 TCI, a Telcept Holdings LLC. Company Page 4
5 Software security patch updates Vulnerability scans Networks, systems and applications should be monitored and compared with baseline usage to detect abnormal activity. Security is a continuous process and new threats can emerge. If not managed properly, VoIP security risks can impact performance and mitigate the expected benefits of this powerful technology. The good news is that an experienced business communications partner with VoIP and security expertise understands all of the issues and can make the security concerns transparent to your business. For over 25 years TCI has been supporting client transitions to new technology. We ve always been there evolving networks from analog to digital and now to IP, building and managing the reliable networks our customers have come to depend on. Find out how TCI s secure IP Telephony solutions can benefit your business. Call TCI at 800 TCI 1001 or Don Routhier at routhierd@tcicomm.com. About TCI TCI is one of the largest full-service integrated solutions providers in the Washington D.C. and Baltimore metropolitan areas. We deliver voice, network and data support to organizations of all types and sizes. TCI offers a complete line of client services and business solutions, including security services, in partnership with leading manufacturers. Learn more by visiting our website, TCI, a Telcept Holdings LLC. Company Page 5
Voice Over IP (VoIP) Denial of Service (DoS)
Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based
More informationWhite Paper A COMPARISON OF HOSTED VOIP AND PREMISES- BASED IP PHONE SYSTEMS FOR IT AND TELECOM DECISION MAKERS. Executive Summary
A COMPARISON OF HOSTED VOIP AND PREMISES- BASED IP PHONE SYSTEMS FOR IT AND TELECOM DECISION MAKERS Executive Summary Using the same technology that moves data, text and images around the global Internet,
More informationBusiness Phone Security. Threats to VoIP and What to do about Them
Business Phone Security Threats to VoIP and What to do about Them VoIP and Security: What You Need to Know to Keep Your Business Communications Safe Like other Internet-based applications, VoIP services
More informationAchieving Truly Secure Cloud Communications. How to navigate evolving security threats
Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
More informationSecurity Issues with Integrated Smart Buildings
Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern
More informationSecuring VoIP Networks using graded Protection Levels
Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationNetwork Security: Introduction
Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has
More informationBest Practices for Securing IP Telephony
Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram
More informationMulti-layered Security Solutions for VoIP Protection
Multi-layered Security Solutions for VoIP Protection Copyright 2005 internet Security Systems, Inc. All rights reserved worldwide Multi-layered Security Solutions for VoIP Protection An ISS Whitepaper
More informationVoIP: The Evolving Solution and the Evolving Threat. Copyright 2004 Internet Security Systems, Inc. All rights reserved worldwide
VoIP: The Evolving Solution and the Evolving Threat Copyright 2004 Internet Security Systems, Inc. All rights reserved worldwide VoIP: The Evolving Solution and the Evolving Threat An ISS Whitepaper 2
More informationSafeguards Against Denial of Service Attacks for IP Phones
W H I T E P A P E R Denial of Service (DoS) attacks on computers and infrastructure communications systems have been reported for a number of years, but the accelerated deployment of Voice over IP (VoIP)
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationHOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT
HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT The frequency and sophistication of Distributed Denial of Service attacks (DDoS) on the Internet are rapidly increasing. Most of the earliest
More informationVoice over IP Security
Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with
More informationSecurity and Risk Analysis of VoIP Networks
Security and Risk Analysis of VoIP Networks S.Feroz and P.S.Dowland Network Research Group, University of Plymouth, United Kingdom e-mail: info@network-research-group.org Abstract This paper address all
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationVOIP SECURITY ISSUES AND RECOMMENDATIONS
VOIP SECURITY ISSUES AND RECOMMENDATIONS Sathasivam Mathiyalakan MSIS Department, College of Management, University of Massachusetts Boston Phone: (617) 287 7881; Email: Satha.Mathiyalakan@umb.edu ABSTRACT
More informationSECURING YOUR SMALL BUSINESS. Principles of information security and risk management
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
More informationDDoS Protection Technology White Paper
DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationHow To Secure A Voice Over Internet Protocol (Voip) From A Cyber Attack
DHS 4300A Sensitive Systems Handbook Attachment Q5 To Handbook v. 11.0 Voice over Internet Protocol (VoIP) Version 11.0 December 22, 2014 Protecting the Information that Secures the Homeland This page
More informationSecurity Toolsets for ISP Defense
Security Toolsets for ISP Defense Backbone Practices Authored by Timothy A Battles (AT&T IP Network Security) What s our goal? To provide protection against anomalous traffic for our network and it s customers.
More informationICANWK406A Install, configure and test network security
ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with
More informationInformation Technology Cyber Security Policy
Information Technology Cyber Security Policy (Insert Name of Organization) SAMPLE TEMPLATE Organizations are encouraged to develop their own policy and procedures from the information enclosed. Please
More informationE-BUSINESS THREATS AND SOLUTIONS
E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were
More informationData Security in a Converged Network
Data Security in a Converged Network A Siemens White Paper Author: Contributors: Joel A. Pogar National Practice Manager Secure Network Services Joel.Pogar@icn.siemens.com Jeff Corcoran Solutions Architect,
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationVoIP Security Threats and Vulnerabilities
Abstract VoIP Security Threats and Vulnerabilities S.M.A.Rizvi and P.S.Dowland Network Research Group, University of Plymouth, Plymouth, UK e-mail: info@network-research-group.org This paper presents the
More informationSecurity Features and Considerations
Securing the Unified Communications Enabled Enterprise Integrated communications systems are inherently more secure than traditional standalone phone and messaging systems. Business Communications Challenges
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationCyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014
Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer
More informationIP Phone Security: Packet Filtering Protection Against Attacks. Introduction. Abstract. IP Phone Vulnerabliities
W H I T E P A P E R By Atul Verma Engineering Manager, IP Phone Solutions Communications Infrastructure and Voice Group averma@ti.com Introduction The advantages of a converged voice and data network are
More informationBy David G. Holmberg, Ph.D., Member ASHRAE
The following article was published in ASHRAE Journal, November 2003. Copyright 2003 American Society of Heating, Refrigerating and Air-Conditioning Engineers, Inc. It is presented for educational purposes
More informationREPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB
REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of
More informationEvaluation Report. Office of Inspector General
Evaluation Report OIG-08-035 INFORMATION TECHNOLOGY: Network Security at the Office of the Comptroller of the Currency Needs Improvement June 03, 2008 Office of Inspector General Department of the Treasury
More informationVOICE OVER IP SECURITY
VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationState of Texas. TEX-AN Next Generation. NNI Plan
State of Texas TEX-AN Next Generation NNI Plan Table of Contents 1. INTRODUCTION... 1 1.1. Purpose... 1 2. NNI APPROACH... 2 2.1. Proposed Interconnection Capacity... 2 2.2. Collocation Equipment Requirements...
More informationVoice over Internet Protocol. Kristie Prinz. The Prinz Law Office
Voice over Internet Protocol Kristie Prinz The Prinz Law Office I. What is Voice over Internet Protocol ( VoIP )? Voice over Internet Protocol ( VoIP ) is a technology, which facilitates the transmission
More informationInternet Content Provider Safeguards Customer Networks and Services
Internet Content Provider Safeguards Customer Networks and Services Synacor used Cisco network infrastructure and security solutions to enhance network protection and streamline compliance. NAME Synacor
More informationSecuring a Converged Network By Steven Sullivan
Securing a Converged Network By Steven Sullivan Abstract Network security has traditionally been viewed in business as more of a cost than a benefit. But the latest trends are towards converged networks
More informationCyber Threats in Physical Security Understanding and Mitigating the Risk
Cyber Threats in Physical Security Understanding and Mitigating the Risk Synopsis Over the last few years, many industrial control systems, including security solutions, have adopted digital technology.
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationVillains and Voice Over IP
Villains and Voice Over IP Heather Bonin ECE 578 March 7, 2004 Table of Contents Introduction... 3 How VOIP Works... 3 Ma Bell and her Babies... 3 VoIP: The New Baby on the Block... 3 Security Issues...
More informationCMS Operational Policy for Firewall Administration
Chief Information Officer Office of Information Services Centers for Medicare & Medicaid Services CMS Operational Policy for Firewall Administration July 16, 2008 Document Number: CMS-CIO-POL-INF11-01
More informationHow To Prevent Hacker Attacks With Network Behavior Analysis
E-Guide Signature vs. anomaly-based behavior analysis News of successful network attacks has become so commonplace that they are almost no longer news. Hackers have broken into commercial sites to steal
More informationethernet services for multi-site connectivity security, performance, ip transparency
ethernet services for multi-site connectivity security, performance, ip transparency INTRODUCTION Interconnecting three or more sites across a metro or wide area network has traditionally been accomplished
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationFDIC Division of Supervision and Consumer Protection
FDIC Division of Supervision and Consumer Protection Voice over Internet Protocol (VoIP) Informational Supplement June 2005 1 Summary In an attempt to control expenses, consumers and businesses are considering
More informationTechnical Standards for Information Security Measures for the Central Government Computer Systems
Technical Standards for Information Security Measures for the Central Government Computer Systems April 21, 2011 Established by the Information Security Policy Council Table of Contents Chapter 2.1 General...
More informationVoice Over IP and Firewalls
Introduction Voice Over IP and Firewalls By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Use of Voice Over IP (VoIP) in enterprises is becoming more and more
More informationIP TELEPHONY TAKE YOUR BUSINESS COMMUNICATIONS TO THE NEXT LEVEL
IP TELEPHONY TAKE YOUR BUSINESS COMMUNICATIONS TO THE NEXT LEVEL Executive Summary The rising popularity of IP Telephony in recent years demonstrates that it has become a highly functional, affordable
More informationOwn your LAN with Arp Poison Routing
Own your LAN with Arp Poison Routing By: Rorik Koster April 17, 2006 Security is a popular buzzword heard every day throughout our American culture and possibly even more so in our global economy. From
More informationNetwork & Information Security Policy
Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk
More informationThreat Mitigation for VoIP
Threat Mitigation for VoIP Bogdan Materna, VP Engineering and CTO VoIPshield Systems Third Annual VoIP Security Workshop June 2, 2006 Overview Basics VoIP Security Impact Examples of real vulnerabilities
More informationNetwork Security and the Small Business
Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,
More informationAn Oracle White Paper December 2013. The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks
An Oracle White Paper December 2013 The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks Introduction Today s mobile networks are no longer limited to voice calls. With
More informationAvaya G700 Media Gateway Security - Issue 1.0
Avaya G700 Media Gateway Security - Issue 1.0 Avaya G700 Media Gateway Security With the Avaya G700 Media Gateway controlled by the Avaya S8300 or S8700 Media Servers, many of the traditional Enterprise
More informationMobile Devices and Malicious Code Attack Prevention
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Sponsored
More informationSecure Voice over IP (VoIP) Networks
Secure Voice over IP (VoIP) Networks How to deploy a robust, secure VoIP solution that counters both external and internal threats and, at the same time, provides top quality of service. This White Paper:
More informationFirewalls Overview and Best Practices. White Paper
Firewalls Overview and Best Practices White Paper Copyright Decipher Information Systems, 2005. All rights reserved. The information in this publication is furnished for information use only, does not
More informationNetwork Instruments white paper
Network Instruments white paper USING A NETWORK ANALYZER AS A SECURITY TOOL Network Analyzers are designed to watch the network, identify issues and alert administrators of problem scenarios. These features
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationEmerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA
Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering
More information2012 North Dakota Information Technology Security Audit Vulnerability Assessment and Penetration Testing Summary Report
2012 North Dakota Information Technology Security Audit Vulnerability Assessment and Penetration Testing Summary Report 28 September 2012 Submitted to: Donald Lafleur IS Audit Manager ND State Auditor
More informationAdvantages of Managed Security Services
Advantages of Managed Security Services Cloud services via MPLS networks for high security at low cost Get Started Now: 877.611.6342 to learn more. www.megapath.com Executive Summary Protecting Your Network
More informationTSA audit - How Well Does It Measure Network Security?
DEPARTMENT OF HOMELAND SECURITY Office of Inspector General Improved Security Required For Transportation Security Administration Networks (Redacted) Notice: The Department of Homeland Security, Office
More informationCconducted at the Cisco facility and Miercom lab. Specific areas examined
Lab Testing Summary Report July 2009 Report 090708 Product Category: Unified Communications Vendor Tested: Key findings and conclusions: Cisco Unified Communications solution uses multilayered security
More informationVoIP Resilience and Security Jim Credland
VoIP Resilience and Security Jim Credland About THUS plc Provider and user of VoIP and Soft Switch technologies Developing Enterprise Security Standards NISCC VoIP Working Group Security Considerations
More informationState of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005
State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology
More informationTHE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI
THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI Introduction. I. VULNERABILITIES AND TECHNOLOGIES. 1. Hackers and Threats. Contending with Vulnerability Realizing Value in Security
More informationVOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ======
VOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ====== Table of Contents Introduction to VoIP Security... 2 Meet Our Expert - Momentum Telecom... 2 BroadWorks... 2 VoIP Vulnerabilities... 3 Call
More informationWhy Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation www.lumeta.
Why Leaks Matter Leak Detection and Mitigation as a Critical Element of Network Assurance A publication of Lumeta Corporation www.lumeta.com Table of Contents Executive Summary Defining a Leak How Leaks
More information8. Firewall Design & Implementation
DMZ Networks The most common firewall environment implementation is known as a DMZ, or DeMilitarized Zone network. A DMZ network is created out of a network connecting two firewalls; i.e., when two or
More informationCNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:
1. Do you implement virus controls and filtering on all systems? Anti-Virus anti-virus software packages look for patterns in files or memory that indicate the possible presence of a known virus. Anti-virus
More informationVoIP Time to Make the Call? Abstract
VoIP Time to Make the Call? By Steve Sullivan Abstract Is it time to make the call and join the growing numbers of companies that are embracing Voice over IP technologies? Even though VoIP is a relatively
More informationManaged Security Services
Managed Security Services 1 Table of Contents Possible Security Threats 3 ZSL s Security Services Model 4 Managed Security 4 Monitored Security 5 Self- Service Security 5 Professional Services 5 ZSL s
More informationIBM Managed Security Services Vulnerability Scanning:
IBM Managed Security Services August 2005 IBM Managed Security Services Vulnerability Scanning: Understanding the methodology and risks Jerry Neely Network Security Analyst, IBM Global Services Page 2
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationExam Name: Cisco Sales Associate Exam Exam Type: Cisco Exam Code: 646-151 Doc Type: Q & A with Explanations Total Questions: 50
Question: 1 Which network security strategy element refers to the deployment of products that identify a potential intruder who makes several failed logon attempts? A. test the system B. secure the network
More informationIQware's Approach to Software and IT security Issues
IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.
More informationAvaya TM G700 Media Gateway Security. White Paper
Avaya TM G700 Media Gateway Security White Paper March 2002 G700 Media Gateway Security Summary With the Avaya G700 Media Gateway controlled by the Avaya S8300 or S8700 Media Servers, many of the traditional
More informationMitigating the Security Risks of Unified Communications
2009 International Conference on Computer Engineering and Applications IPCSIT vol.2 (2011) (2011) IACSIT Press, Singapore Mitigating the Security Risks of Unified Communications Fernando Almeida 1 +, Jose
More informationConquering PCI DSS Compliance
Any organization that stores, processes or transmits information related to credit and debit card payments has a responsibility to protect each cardholder s personal data. To help accomplish this goal,
More informationVOIP THE ULTIMATE GUIDE VERSION 1.0. 9/23/2014 onevoiceinc.com
VOIP THE ULTIMATE GUIDE VERSION 1.0 9/23/2014 onevoiceinc.com WHAT S IN THIS GUIDE? WHAT IS VOIP REQUIREMENTS OF A VOIP SYSTEM IMPLEMENTING A VOIP SYSTEM METHODS OF VOIP BENEFITS OF VOIP PROBLEMS OF VOIP
More informationWLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network
WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Executive Summary Wireless
More informationBeyond Quality of Service (QoS) Preparing Your Network for a Faster Voice over IP (VoIP)/ IP Telephony (IPT) Rollout with Lower Operating Costs
Beyond Quality of Service (QoS) Preparing Your Network for a Faster Voice over IP (VoIP)/ IP Telephony (IPT) Rollout with Lower Operating Costs Beyond Quality of Service (QoS) Cost Savings Unrealized THE
More informationCMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis
CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls
More informationDomain 6.0: Network Security
ExamForce.com CompTIA Network+ N10-004 Study Guide 1 Domain 6.0: Network Security Chapter 6 6.1 Explain the function of hardware and software security devices Network based firewall, Host based firewall
More informationBasic Vulnerability Issues for SIP Security
Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future
More informationTop Five Ways to Protect Your Network. A MainNerve Whitepaper
A MainNerve Whitepaper Overview The data security challenges within the business world have never been as challenging as they are today. Not only must organizations providers comply with stringent State
More informationConnecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP
Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the secure interconnection of Inter-Enterprise VoIP Executive Summary: MPLS Virtual
More informationAustin Peay State University
1 Austin Peay State University Identity Theft Operating Standards (APSUITOS) I. PROGRAM ADOPTION Austin Peay State University establishes Identity Theft Operating Standards pursuant to the Federal Trade
More informationComplete Protection against Evolving DDoS Threats
Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls... 3 Intrusion
More informationSecure networks are crucial for IT systems and their
ISSA The Global Voice of Information Security Network Security Architecture By Mariusz Stawowski ISSA member, Poland Chapter Secure networks are crucial for IT systems and their proper operation. Essential
More information