Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8



SR140531D
19 August 2014
Miercom
www.miercom.com

Overview

Unify Inc. (formerly Siemens Enterprise Communications) engaged Miercom to perform a comprehensive security assessment of a key component of its OpenScape solution portfolio, OpenScape Session Border Controller V8. The purpose of testing was to attempt to uncover security vulnerabilities that could be exploited to detract from proper, normal operation.

About

OpenScape Session Border Controller V8 is the latest edition of OpenScape SBC, which extends the SIP-based communications and applications of an OpenScape Voice-over-Internet Protocol (VoIP) enterprise network beyond its physical boundary. OpenScape SBC performs three functions, providing:

- Secure termination of SIP-based trunking from a service provider
- Secure voice communications for remote workers
- A connection to each remote branch office in a distributed OpenScape voice deployment

Unlike traditional data firewall solutions, OpenScape SBC is specifically designed to provide VoIP traffic security. After terminating a SIP session on its WAN side, outside of the enterprise voice network, OpenScape SBC ensures the traffic is originating from an authorized source and inspects the SIP and media packets for protocol violations or irregularities. Only when the traffic is deemed valid is it passed from the core or LAN side of OpenScape SBC to the OpenScape VoIP enterprise network.

OpenScape SBC also enhances security on the end-user network by providing SIP-aware functionality including dynamic Real-time Transport Protocol/Secure Real-time Transport Protocol pin-holing through its internal firewall, stateful SIP protocol validation, Denial of Service (DoS)/Distributed Denial of Service (DDoS) mitigation, and network topology hiding. It also supports Transport Layer Security encryption on core- and access-side SIP signaling interfaces as well as SRTP media encryption on a termination/mediation or pass-through basis.
Key Findings and Conclusions

- OpenScape Session Border Controller V8 was tested against 10,800,231 attacks and protocol mutations launched by state-of-the-art security tools and Miercom scripts
- An attacker is not able to circumvent the Intrusion Detection System by using a slow rate of traffic to achieve a false login via a brute-force attack
- Exhibited no vulnerability to the Heartbleed exploit as well as a full range of SIP penetration attacks
- Maintained normal operation and call functionality while blocking attempted exploits

Test Conditions

The test environment mirrored an OpenScape voice deployment typical of a mid-sized to large organization that included OpenScape Branch V8 and OpenScape SBC V8. The viability of each attack and the risk of OpenScape SBC being compromised were evaluated.

Copyright 2014 Miercom Page 2 SR140531D

The presence of a compromised computer on the enterprise network, such as one that has been taken over by a botnet, was simulated. State-of-the-art test tools sent attacks directly against OpenScape SBC V8. For defense, OpenScape SBC V8 had only its internal firewall. A network security appliance was not present between OpenScape SBC V8 and the attack sources.

The methodology for and the execution of the attacks were based on knowledge Miercom has amassed, in collaboration with leading security experts, from decades of work in VoIP deployments as well as security assessments. Unify OpenStage 60/80 SIP phones were utilized in the test environment for call up-time verification.

Test Tools Used for Attacks and Vulnerability Scans

"OpenScape Session Border Controller (SBC) proved resilient to a wide range of threats, including five types of SIP attacks and an IPv4 DoS attack." ~ Miercom

- Nessus from Tenable Network Security
- Nmap from nmap.org
- Burp Suite from Portswigger Ltd.
- Spirent Studio Security Software on Spirent Mu-8000 appliance
- Netcat from Hobbit
- OmniPeek from WildPackets
- Hydra from The Hacker's Choice
- Kali Linux from Offensive Software
- Traffic IQ Professional from idappcom Ltd.
- BackTrack Linux

Source: Miercom, August 2014

Two scanners, Nessus from Tenable Network Security and Nmap from nmap.org, scanned OpenScape SBC V8 to determine what vulnerabilities were present. An active network/host scanner, Nmap provides additional functionality via customized scripts. During this assessment, scripts for SIP attacks, service identification and service fingerprinting were utilized.

Spirent Studio Security software generated protocol mutations, many known (published) vulnerabilities and external attacks using test cases and custom scripts. It was housed on a Spirent Mu-8000 appliance.

Burp Suite from Portswigger Ltd. is an integrated platform for security testing of Web applications. Tools in the suite work together to support the entire testing process, from initial mapping and analysis of the attack surface to sending attacks to exploit security vulnerabilities. Tools include an intercepting proxy, which enables inspection and modification of traffic between the browser and application, and an intruder, which launches customized attacks.

Netcat from Hobbit was used primarily for service fingerprinting. Also known as the hacker's Swiss Army knife, Netcat creates a socket to any open services.

OmniPeek from WildPackets is a network analyzer that provided Miercom visibility into the test environment.

Hydra from The Hacker's Choice was used in brute-force testing. A password cracker, Hydra launches a dictionary attack to test for weak or simple passwords on one or many remote hosts running a variety of services.

Kali Linux from Offensive Security was utilized to determine that OpenScape SBC V8 is not vulnerable to the Heartbleed exploit. An evolution of BackTrack Linux, Kali Linux has more than 300 penetration testing and security auditing programs.

Traffic IQ Professional from idappcom Ltd. can be used for a variety of security, audit and compliance tests. In this assessment, it was used for application penetration testing.

BackTrack Linux is an auditing operating system and toolkit for penetration testing.

Results

OpenScape SBC V8 passed 19 tests in the comprehensive security evaluation, which included vulnerability scans, protocol mutation attacks, SIP attacks and DoS attack. It also passed four additional tests, the highlight of which was validation of resilience to the Heartbleed exploit.

"OpenScape SBC V8 withstood vulnerability scans from the Nmap and Nessus tools and was impervious to all protocol-mutation attacks." ~ Miercom

Snapshot of Security Tests Passed by OpenScape Session Border Controller V8

Category                     Action, Assault, Attack                          Result
Vulnerability Scans          Metasploit attacks
                             Nmap scan of SBC node interfaces
                             Nmap scan of SIP signaling interfaces
                             Nmap scan of Virtual IP (VIP) ports
                             Nessus scan of Virtual IP (VIP) ports
Protocol Mutation Attacks    SNMP mutation
                             ICMPv4 mutation
                             IPv4 mutation
                             ARP mutation
DoS Attack                   IPv4 DoS
SIP Attacks                  Invite flooding
                             Call spoofing
                             Enumerating SIP users
                             Deregistering SIP users/devices
                             Brute force SIP attacks
Other                        Heartbleed SSL
                             Port scanning and enumeration
                             Fragmented attacks (including teardrop, overlapping and tiny fragments)
                             Independent local survivability

Source: Miercom, August 2014
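The key finding that a slow traffic rate does not get a brute-force login past the intrusion detection system can be illustrated with failure counting over two time horizons. The following is an added example, not Miercom's test scripts or OpenScape SBC code; the event format, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict, deque

def flag_sources(events, window, limit):
    """Return source IPs with more than `limit` authentication failures
    inside any sliding `window` seconds.
    events: iterable of (epoch_seconds, source_ip, outcome)."""
    recent = defaultdict(deque)          # per-source failure timestamps
    flagged = set()
    for ts, src, outcome in sorted(events):
        if outcome != "fail":
            continue                     # successes do not clear the count
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] >= window:
            q.popleft()                  # drop failures older than the window
        if len(q) > limit:
            flagged.add(src)
    return flagged

def build_sample():
    """Constructed SIP REGISTER outcomes (documentation address ranges)."""
    events = []
    # Fast guesser: 10 failures, 2 seconds apart
    events += [(1000 + 2 * i, "203.0.113.10", "fail") for i in range(10)]
    # Slow guesser: 30 failures, 5 minutes apart
    events += [(1000 + 300 * i, "198.51.100.7", "fail") for i in range(30)]
    # Legitimate user: two typos, then a successful login
    events += [(5000, "192.0.2.20", "fail"),
               (5010, "192.0.2.20", "fail"),
               (5020, "192.0.2.20", "ok")]
    return events

# Assumed thresholds: a burst rule and a long-horizon rule
BURST = {"window": 60, "limit": 5}
LONG = {"window": 24 * 3600, "limit": 20}

def detect(events):
    """Run both rules; the slow guesser is visible only to the long one."""
    burst = flag_sources(events, **BURST)
    long_horizon = flag_sources(events, **LONG)
    return {"burst": burst, "long": long_horizon, "all": burst | long_horizon}

if __name__ == "__main__":
    for rule, sources in detect(build_sample()).items():
        print(rule, sorted(sources))
```

A burst rule alone never sees more than one failure per minute from the slow source, which is why the long-horizon count is what closes the pacing gap.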

Conclusion

Security is crucial for OpenScape Session Border Controller V8 because it operates at a critical location, the border of an OpenScape VoIP enterprise network. Based on its strong performance in our comprehensive, hands-on security evaluation, OpenScape SBC V8 is up to the task of securely extending the SIP communications and applications of the VoIP network to SIP service providers, remote branch offices and remote users. OpenScape SBC V8 demonstrated the ability to sustain call processing functions while subjected to a variety of attacks and exploits from our state-of-the-art test tools.

Unify's OpenScape Session Border Controller V8 has earned Miercom Certified Secure.

About Miercom

Founded in 1988, Miercom pioneered the business of independent, hands-on testing of products and services for the enterprise network and communications industry. For over 26 years the company has provided test services and consulting and is considered a leading independent test facility. Private test services include competitive product analyses as well as individual product evaluations.

Miercom features comprehensive certification and test programs including: Performance Verified, Certified Secure, Certified Green and Certified Reliable. These certifications are recognized by networking vendors and end-user organizations as an accurate, unbiased validation of the ability of the product or service to perform in a real-world network. Miercom has published hundreds of network-product-comparison analyses in leading trade periodicals and other publications.

For more information about Miercom testing and certifications as well as consulting services, please visit www.miercom.com.