Security

Is Your UC Secure?

In order to provide comprehensive security, all traffic going into and out of the network should be monitored. Security applications and appliances have to scan and monitor for malware, data leakage, and other threats. With Unified Communications, the threat landscape is a little bigger and a little different. It is as important as ever to monitor traffic and maintain security, but unified communications demand higher bandwidth and QoS (Quality of Service) requirements than standard data traffic, making it an even greater challenge to secure and protect a UC environment while maintaining voice quality. Join Jason Ostrom, Director of the Sipera VIPER Lab, and Eric Winsborrow, Chief Marketing Officer for Sipera Systems and moderator, Erik Lanask, Group Managing Editor at Technology Marketing Corporation, on Tuesday, July 22 at 11:00am ET/ 8:00am PT.

Securing Unified Communications

Corporate networks and computer systems are faced with a variety of threats. Unauthorized access, malware compromise, data leakage, and other threats are fairly common and administrators are used to protecting against them. However, the phone system traditionally has been a separate issue, exposed to soe threats of its own, but a horse of an entirely different color. Even the various attack vectors in the computer system and network infrastructure have typically had a degree of separation. Michael Osterman discusses some of the emerging (or merging as the case may be) threats to corporate networks posed by the implementation of unified communications in this NetworkWorld article.

Sipera Enhances UC Security

In the Press Release from Sipera, it explains that “For enterprises utilizing SIP trunks to connect to their service providers, Sipera not only offers comprehensive security for these SIP trunks, but also addresses key deployment issues by offering additional Session Border Control (SBC) functionality.” SIP trunking is one of the hot trends within the hot trends of VoIP and Unified Communications. Updates to the Sipera IPCS appliance include:

• Certificate provisioning proxy for improved access control
• HTTP/TFTP proxy for web services and configuration, and LDAP proxy for
  directory services, for faster and easier deployment of remote phones
• TLS/SRTP proxy for encryption, further ensuring communications privacy
• Network, device, user, domain, and time of day granular policy
  enforcement.

Nortel Partners With SecureLogix for Voice Security

Nortel has formed an alliance with SecureLogix to enable Nortel VAR’s to market and sell the SecureLogix ETM System and other security services in conjunction with Nortel’s new Voice Security Services offering. Adding to the arsenal already available to Nortel VAR’s, the SecureLogix ETM System provides a powerful voice security and management platform. Nortel customers will be able to optimize their investment in voice technologies, while protecting the voice and data networks from telephony-based attacks and abuses. Unified communications and VoIP are hot technologies that many companies have adopted or are looking at implementing soon, but few have taken the time to understand the security risks or proactively safeguard their unified communications investment. Nortel and SecureLogix are moving in the right direction by recognizing the security concerns and providing products and services to help their customers leverage the benefits of these new technologies securely.

Nortel Delivers UC For Government

Companies generally have confidential information- financial projections, intellectual property, trademarked secret formulas, etc. But, the magnitude of secrecy and the need for confidentiality pale in comparison with a government, especially the United States government. Nortel has developed a new unified communications solution based on their Application Server 5300, which provides the level of service assurance and security that government agencies, and civilian agencies linked with the government require. The new offering complies with IPv6 and Department of Defense (DoD) requirements for secure, resilient VoIP and unified communications. The Nortel appliance also supports multi-level precedence and pre-emption, a DoD system to enable the most critical communications higher priority over existing calls.

Policing Instant Messaging

One of the key building blocks of unified communications is instant messaging. Instant messaging (IM) client software acts as the focal point and primary interface for a variety of unified communications solutions including Microsoft Communicator, and Avaya One-X Communicator. IM has come a long way from its early days as an unauthorized rogue application installed by tech-savvy users. Many organizations have adopted IM as a business tool, but most were reluctant and slow to climb onto the bandwagon. Now, IM is the keystone of next-generation communications. IM still poses a risk though. It can threaten productivity. It can represent an attack vector for malware. It can be a compliance issue. Companies can gain many benefits from the effective use of IM, but they need to provide guidelines for its use in defined, and written policies. Check out Instant Messaging Policies Reduce Risk for more details about the issues and what should be included in a corporate IM policy.

Is Endpoint Security Replacing Network Security?

There have been rumors for some time that the network perimeter is dead. More users are relying on laptop computers connected over wireless networks, or via VPN from a hotel or coffee shop. Users have mobile phones that connect to network resources, and various methods of portable data storage- USB flash drives, mobile phones, digital cameras, MP3 players. If anyone can connect from anywhere and data is coming and going, it becomes virtually impossible to say what is ‘inside’ the network perimeter, and what is ‘outside’ the network perimeter. If all of that is true, should network security even be an issue? Why not declare a time of death, focus on endpoint security solutions and forget about the network? Read The Future of Network Security at Computerworld for a deeper look at this issue, as well as why the rumors of the death of network security might be exaggerated.

Multi-Vendor Firewalls: Managing Them For Fun and Profit

OK, there probably isn’t any profit, and the idea of “fun” may be a bit of a stretch as well. Organizations that have multiple firewalls, from multiple vendors need an efficient way to monitor, manage, and optimize them. Network administrators just keep adding rules on the fly, rarely documenting why they were created. It doesn’t take long before there is a complete, chaotic mess of firewall rules to manage. Doing so across multiple firewalls, particularly from multiple vendors, can be tedious, and virtually impossible. The individual firewall vendors don’t provide tools with the power and flexibility to help make the process more efficient. Thankfully, there are 3rd-party vendors that do. Using one of the the 3rd-party tools, you can review, manage, and optimize firewall rules from multiple vendors and multiple firewalls. Read How to manage your multivendor firewalls like a pro to learn more about these products and how they can help you.

The Insider Threat

I know that it is sort of a “sky is falling”, FUD (Fear, Uncertainty, and Doubt) sort of statement, but the threat from inside your network is significant. While you focus on keeping unauthorized users out, locking down your network perimeter, detecting and blocking incoming malware, etc., your authorized users may be busy at work pushing the boundaries of their access and poking your internal security measures for holes. Then there are those users who are authorized access and unwittingly expose sensitive data, such as placing it unprotected on a USB thumb drive which they subsequently misplace while stopping for a cup of coffee. There are a number of ways- both intentional, and accidental- that your users may pose a bigger threat to your network security than all of the bad, nasty external forces seeking to compromise your systems. Check out How dangerous user behavior puts networks at risk to read the whole article and hopefully pick up some tips you can use to protect your network from the inside as well.

Cisco Confirms VoIP Security Hole

VoIP is the new wireless (unfortunately, wireless is still the new wireless as well). By that, I mean it is the hot new technology that everyone is implementing even though they don’t really know how to properly deploy it and they have even less knowledge of how to secure it. Vendors are guilty too. They rush products to market to take advantage of the popularity, but the products are not designed securely and they are not adequately tested. The result is a bunch of flawed and vulnerable VoIP networks out there, built on essentially beta-version hardware, just waiting to be exploited. At HACK.LU 2007 in Luxembourg this past October, security researcher Joffrey Czarny described a technique to eavesdrop on remote conversations using Cisco VoIP phones. Check out Cisco confirms ability to spy on remote calls with VoIP to learn more about this, and other, VoIP exploits that may affect your cutting edge phone network.