Firewalls vs. ESBCs: You May Be Under Attack and Not Even Know It. Mike Reiman Director of Software Solutions

Similar documents
SangomaSBCs Keeping Your VoIP Network Secure. Simon Horton Sangoma

Session Border Controllers in Enterprise

Ingate Firewall/SIParator SIP Security for the Enterprise

White Paper. avaya.com 1. Table of Contents. Starting Points

Architecting a Cloud Solution to VoIP Challenges

PETER CUTLER SCOTT PAGE. November 15, 2011

Migrating to SIP Trunking with AudioCodes Alan Percy Director, Market Development August 2011

What is an E-SBC? WHITE PAPER

November The Business Value of SIP Trunking

Whitepaper SBC Sticker Shock

An Oracle White Paper February Centralized vs. Distributed SIP Trunking: Making an Informed Decision

Analysis of the North American VoIP Access and SIP Trunking Services Market Cloud-style Offerings Accelerate Growth

SBC WHITE PAPER. The Critical Component

Preparing VoIP and Unified Communications Systems for IPv6 Technical Summary September 2014

How To Support An Ip Trunking Service

How the ETM (Enterprise Telephony Management) System Relates to Session Border Controllers (SBCs) A Corporate Whitepaper by SecureLogix Corporation

SIP Trunking. Cisco Press. Christina Hattingh Darryl Sladden ATM Zakaria Swapan. 800 East 96th Street Indianapolis, IN 46240

Session Control Applications for Enterprises

OpenScape Session Border Controller Delivering security, interoperability and cost savings to the enterprise network border

North American VoIP Access and SIP Trunking Services Market New Offerings and Features Attract Mainstream Customers

Consistent Performance on Access Devices. April 2012 WHITE PAPER

Whitepaper. Are Firewalls Enough for End-to-End. VoIP Security

SIP SECURITY JULY 2014

SIP Trunking and the Role of the Enterprise SBC

The Business Value of SIP Trunking

An Oracle White Paper August What Is an Enterprise Session Border Controller?

Innovation in Security. Secure Enterprise U n i f i e d C o m m u n i c a t i o n to protect business assets in the 21st Century

OfficeMaster Gate (Virtual) Enterprise Session Border Controller for Microsoft Lync Server. Quick Start Guide

Acme Packet session border controllers in the enterprise

Microsoft Lync Transforms Business Communications

UC Implementation Strategies

SBC - the UC-glue Security, Interoperability, Reliability. Alexander Kunzi

Brochure. Dialogic BorderNet Session Border Controller Solutions

SIP Trunking DEEP DIVE: The Service Provider

S-Series SBC Interconnect Solutions. A GENBAND Application Note May 2009

VoIP Logic Platform: Peering SIP Trunking

Creating the Unified Multi-Service Demarcation Point

Implementing VoIP monitoring solutions. Deployment note

Opal SIP Trunks. Greg Zweig Sonus Networks Product Management. July, 2010

VOIP THE ULTIMATE GUIDE VERSION /23/2014 onevoiceinc.com

Building the Lync Security Eco System in the Cloud Fact Sheet.

SIP Trunking to Microsoft Lync (Skype for Business) Server

How To Buy A New Phone System

Convergence Technologies Professional (CTP) Course 1: Data Networking

Big Solutions for Small Business

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS

Oracle s Solution for Secure Remote Workers. Providing Protected Access to Enterprise Communications

Threat Mitigation for VoIP

Dialogic BorderNet Session Border Controller Solutions

Securing Unified Communications for Healthcare

SIP Trunking Steps to Success, Part One: Key Lessons from IT Managers Who ve Been There

SIP Trunking The Provider s Perspective

APPLICATION NOTE. SIP Trunking Connectivity, Security and Deployment Scenarios. Introduction

Development of SIP-H.323 Gateway Project

SIP Trunking with Microsoft Office Communication Server 2007 R2

Software-Based Session Border Controllers are Critical to the Evolution of Communications

Oracle s SIP Network Consolidation Solutions. Using SIP to Reduce Expenditures and Improve Communications

UC and SIP Trunking Luncheon. Sponsored by:

Level: 3 Credit value: 9 GLH: 80. QCF unit reference R/507/8351. This unit has 6 learning outcomes.

Telephony Denial of Service (TDoS) Attacks. Dan York, CISSP Chair, VoIP Security Alliance

SIP Trunking Success

VoIP / SIP Planning and Disclosure

Enterprise Session Border Controllers Security and More. June 2010

Patton-BroadSoft Auto- Provisioning Solution for SIP Trunks Serving Customer- Chosen IP PBX

CompTIA Convergence Examination Objectives

Communications Transformations 2: Steps to Integrate SIP Trunk into the Enterprise

Session Border Controllers: Securing Real-Time Communications

Dialogic. BorderNet Products Interwork and Connect Seamlessly and Securely at the Network Edge

Copyright and Trademark Statement

Gateways and Their Roles

VOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ======

Skype Connect for TDM and IP-PBXs

Open Visual Communications Consortium

Application Note Patton SmartNode in combination with a CheckPoint Firewall for Multimedia security

Allstream Converged IP Telephony

SIP Trunking and Voice over IP

North American VoIP Access and SIP Trunking Services Markets

SIP Trunking and the Enterprise SBC What is the real ROI?

Calculate Your Savings

Is SIP Trunking on Your Horizon? Sue Bradshaw, Technology Writer

VIII. Deployment Schedule

Deploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN

Securing SIP Trunks APPLICATION NOTE.

EarthLink Business SIP Trunking. NEC SV8300 IP PBX Customer Configuration Guide

Sonus and Lync Enterprise Voice

NSW Government. Telecommunications: SIP (Session Initiation Protocol) Standard

Solution Review: Siemens Enterprise Communications OpenScape Session Border Controller

How To Use An Apa Sip (Sip) To Improve Your Business

Opal SIP Trunks. Greg Zweig Sonus Networks Product Management. July, 2010

SIP Trunking: The New Normal in the Cloud Era

nexvortex SIP Trunking Implementation & Planning Guide V1.5

Risk Free Migration to Lync Kevin Isacks, VP SBC & CA Development

Microsoft Lync and SIP trunking - Ensuring multi-vendor technology success with Prognosis

Is SIP Trunking on Your Horizon?

SIP Trunking Guide: Get More For Your Money 07/17/2014 WHITE PAPER

MULTIPOINT VIDEO CALLING

Enterprise Video Conferencing

VoIP Logic Platform Feature SIP Trunking

Oracle s Contact Center Communications Solution. Improve Business Agility, Customer Satisfaction and Economics

Transcription:

Firewalls vs. ESBCs: You May Be Under Attack and Not Even Know It Mike Reiman Director of Software Solutions

Edgewater Networks Overview Based in San Jose, California, Edgewater Networks was founded in November 2002 We are a leading provider of Enterprise Session Border Controllers (ESBCs) Over 200 Service Provider Partners Over 300,000 Systems Shipped Our products are sold to SMBs and Enterprises through leading service providers and other channels Over 6 Million Sessions Since 2010 Over 18 Million Endpoints under Management

Agenda SIP Attacks They Can Happen To Anyone Industry Statistics The Prevalence of Attacks The Cost of Toll Fraud Changing the Landscape Difference Between Firewalls and ESBCs Q&A

SIP Attacks It Can Happen to Anyone Hackers are smart Automated tools bombard the network Bogs down network Can rack up thousands of dollars in toll fraud Incredibly difficult to identify as constantly moving Breaches on converged network 185K Requests for Access to Corporate Voice Services ESBC blocks 180K Illegitimate Requests December 2014 All 185K Requests passed by next gen, application aware Firewall

Industry Statistics Revenue (US$ Billions) Trunks (Millions) $10 As SIP proliferates with staggering growth rates... $8 $6 $4 $2 $0 Revenue Trunks CY11 CY12 CY13 CY14 CY15 CY16 CY17 CY18 Infonetics Research: SIP Trunking Services Market Size and Forecasts, Oct. 2014 Business Cloud VoIP and UC Services Market Size and Forecasts, Aug. 2014 40 35 30 25 20 15 10 5 0... Attacks are on the rise... Monthly fraud cases reported up 121% in the last 5 years SIP Hacking accounts for over 25% of all cases Cost of SIP Hacking is estimated at $11.7 billion Communications Fraud Control Association - 2014 Annual Survey And, despite awareness, customers are not addressing them. 91% of businesses cite security as a critical concern when selecting a SIP provider But, 52% connect SIP Trunks natively to their PBX Source: Infonetics Research, UC Cloud and On-Premises Strategies and Vendor Leadership: North American Enterprise Survey, March 2015

Changing Attack Targets Smaller firms with little or no IT staff are becoming targets for Fraud Attacks Atlanta architecture firm - $166K New York dry cleaning chain - $147K Albany consulting company - $200K Larger firms and their Service Providers not sure who should be responsible for security

Industry Statistics

How They re Happening PBX Feature Server SIP Trunk PRI SIP Trunk Public IP Cloud 3G/LTE Partners

How They re Happening Feature Server IP-PBX ISDN TDM Public IP Cloud 3G/LTE Partners

What s the Common Denominator? All deployments had a firewall A firewall was NOT enough

Understand the OSI Stack OSI model differentiates functions of firewalls vs ESBCs Firewalls control Layer 2 to Layer 4 ESBCs control Layer 2 to Layer 4, but excels in Layer 7 functionality

Firewalls and the OSI Model Static technology Turn on / off interfaces throughout its 3 layers Firewalls don t control these layers QoS issues in VoIP network will occur here Firewall changes are made only at these layers

ESBCs Fit into the OSI Model Take traffic management to the next level Security and application concerns managed through a single network management solution ESBCs coordinate security policy management at Layers 2 and 4 and application resource allocation at Layer 7 with message handling at Layer 5 Quality issues do NOT affect end-users

Advantage of ESBCs over Firewalls Session Layer (5) control Presentation Layer (6) control Application Layer (7) control Protocol transcoding Visibility into voice KPIs (jitter, latency, throughput, etc.) Dynamic policy control for communications applications

ESBCs Ensure VoIP Security Protecting from malicious attacks Toll fraud protection Encryption Topology hiding IP traffic management

There s a Place for Both H.323/SIP Call Control Public IP Cloud 3G/LTE Demarcation Point Partners

Two Choices for Deployment Option 1 Option 2 Connect SIP trunks directly to ESBCs Let ESBC take lead on security and traffic management Firewalls take lead w/esbc on interior Prioritizes QoS, enable interoperability across all communications applications Connect SIP trunks directly to ESBCs

Conclusion Total VoIP Security Firewalls alone are not enough to guarantee VoIP Security Without an SBC, IT groups fight QoS fires that can be difficult to resolve

Questions? www.edgewaternetworks.com sales@edgewaternetworks.com (408) 351-7200 Next Webinar: October 15, 2015 Market Analysis for UC & Hosted Services in the SMB Market: Building the Best Offer to Meet Market Needs http://bit.ly/smbresearch2

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information