Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs and complexities, as well as increasing productivity, mobility, and resilience. The key to unlocking these advantages is the confidence that your IP telephony network is secure and protected from disruption. Numerous threats, from device failures to malicious attacks, affect the integrity, privacy, and availability of voice services. To maximize security, Cisco Systems recommends an integrated system that includes multiple layers of security technology to best ensure that your IP telephony systems and services are protected. Cisco Advanced Services for Network Security offers a comprehensive IP telephony security review service to help generate new levels of IP telephony system integrity and protect your voice system efficiency and productivity benefits. Cisco consultants perform a comprehensive review of an organization s security program, including security policy and procedures, network security design, and IP telephony system security, including detailed recommendations on how to improve IP telephony security. Extending in-depth expertise in network security to IP telephony, Advanced Services security experts deliver a consistent and proven methodology for analyzing IP telephony security. The goal is to provide recommendations for comprehensive system-level protection of the IP telephony network, including design improvements that extend the security capabilities of the network to voice services. As a result, this service helps preserve and enhance your existing investment in Cisco infrastructure, security technology, and IP Communications solutions. The benefits of this service include: Mitigate IP telephony security threats Identify security vulnerabilities and deviations from corporate security policy and industry best practices Improve the integrity, privacy, and availability of voice services Recommend IP telephony security infrastructure design and system improvements that enable multilayer, integrated voice and data security Increase network administration and IT staff productivity Enable the deployment of consistent, efficient IP telephony security policies and procedures Lower the total cost of ownership (TCO) for IP telephony Improve voice operating procedures by ensuring the consistent deployment of security controls, such as revision update processes, system configuration, and server hardening Reduce the network TCO Enable existing network security capabilities for IP telephony, and prepare for future IP telephony integration and deployment initiatives 2004 Cisco Systems, Inc. All rights reserved. Page 1 of 5
The service engagement includes: IP Telephony Security Policy and Procedure Review Advanced Services consultants perform an in-depth review of your IP telephony security policies and procedures such as information security documentation, IP telephony operations, communications management, and voice access control. IP Telephony Security Infrastructure Review Voice security engineers review and analyze critical IP telephony systems, such as Cisco CallManager, Cisco IP phones, and Cisco Unity software to better secure against unauthorized access, identity spoofing, toll fraud, and application layer threats. Recommendations include actions for operating system hardening, phone hardening, user authentication, intrusion detection, and secure remote access. Network Security Design Review Network engineers perform a security design review to identify vulnerabilities and deviations from corporate policy and industry best practice that may compromise the security of the IP telephony infrastructure. Analysis includes actions to improve IP telephony security, such as hardware redundancy, VLANs, firewalling, switch security, voice gateway security, traffic filtering, and intrusion detection. Design recommendations for network topology, device placement, and connectivity improvements are provided, and protocol, policy, and feature recommendations are documented. IP Telephony Vulnerability Test Using advanced specialized assessment tools, security engineers test for and exploit vulnerabilities within the IP telephony infrastructure to identify security exposures. This vulnerability test allows organizations to assess their ability to detect and respond to threats to the IP telephony infrastructure and to validate voice security policy and procedures. Detailed test results report unauthorized voice and system access and provide recommendations for allowing organizations to make architecture, policy, and configuration improvements to help prevent future exploitation. Page 2 of 5
Capabilities and Methodology Capabilities Security Policy and Procedure Review Review information security policy documentation for IP telephony, such as access control, virus checking, incident reporting and recovery, security monitoring, and data integrity. Review IP telephony operational procedures for virus protection, incident management, network backup/restore, security monitoring, and application revision procedures. Review IP telephony and network access control procedures, including privilege management, user authentication, password protection, and remote access. Review organizational procedures for managing network security, including roles and responsibilities, cross-functional decision making, and change management. IP Telephony Security Infrastructure Review Perform host and operating system discovery of IP telephony systems and identify and verify deployed network services. Verify that security is in place for all deployed voice features. Perform voice server security review to ensure that all server and configuration best practices are implemented. Verify that recommended antivirus software is installed and perform an antivirus configuration review. Ensure host intrusion detection is correctly tuned and configured on IP telephony system servers. Network Security Design Review Perform an architecture and design review of the network infrastructure that supports the IP telephony service. Identify and analyze IP telephony security architecture and design vulnerabilities. Perform a voice access layer configuration review to ensure that all security features and best practices are implemented. Provide a detailed security analysis of voice and network components, including: Voice gateways Remote-access devices Intrusion detection systems Firewalls Routers and switches Security management systems Recommend improvements to topology, components, functions, and features. Develop sample configurations for firewalls, intrusion detection systems, routers, switches, voice gateways, VPNs, and access-control servers. IP Telephony Vulnerability Test Page 3 of 5
Capabilities and Methodology Perform an automated scan of IP telephony systems to discover and test services. Simulate a controlled network attack to determine potential system, application, and network device vulnerabilities/ Manually perform techniques to exploit and confirm identified vulnerabilities. Perform secondary exploitations, including exploitation of trust relationships between hosts and password vulnerabilities. Perform automated IP telephony device configuration reviews to identify security risks. Review device administration practices including password verification of IP telephony infrastructure devices. Analyze and present test results, including recommended voice security operation policies and procedures. Methodology Hold a preassessment meeting to gather information and initiate the review. Hold an onsite information gathering. Schedule onsite vulnerability testing. Provide an onsite presentation of preliminary IP telephony security gap analysis and findings. Present final IP telephony security gap analysis and findings. Deliverables An document that includes an executive summary, detailed findings, and a recommended action plan. Detailed findings include data on IP telephony system security vulnerabilities, recommendations for improving IP telephony security policy and procedures, and a prioritized action plan for IP telephony and network security design and configuration improvements. The Cisco Difference: People, Process, Tools, and Partners Cisco Advanced Services for Network Security offers certified experts, in-depth technical knowledge, specialized tools and methodologies, and industry-leading security research labs to deliver high-quality network security services. Cisco consultants and engineers help minimize the risk to valuable business assets by working with your team to plan, design, implement, and optimize network security solutions that are critical to managing the evolving information security threat. Contact your Cisco representative to find out more about how Cisco Advanced Services experts can help you to mitigate network security threats, help improve your staff s productivity, and reduce the TCO for your network. Page 4 of 5
Copyright 2004 Cisco Systems, Inc. All rights reserved. Cisco, Cisco Systems, the Cisco Systems logo, and Cisco Unity are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0401R) Page 5 of 5