Voice over internet protocol voip security affects on the ip network architecture
Download
1 / 11

Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture - PowerPoint PPT Presentation


  • 297 Views
  • Updated On :

Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture. Net@Edu Conference ICS – Wireless Group Meeting Tempe, Arizona February 6, 2005 Jose J. Valdes, Jr. Colorado State University. Convergence.

Related searches for Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture' - Donna


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Voice over internet protocol voip security affects on the ip network architecture l.jpg

Voice over Internet Protocol (VoIP) SecurityAffects on the IP Network Architecture

Net@Edu Conference

ICS – Wireless Group Meeting

Tempe, Arizona

February 6, 2005

Jose J. Valdes, Jr.

Colorado State University


Convergence l.jpg
Convergence

  • “Today’s networks are being architected with converged, real time, voice, data, and video applications in mind.”(1)

  • “It is this ability to integrate voice, data, and video applications using a single network infrastructure that makes deployment of IP telephony platform a essential step toward creating a next-generation network.” (1)

  • The next-generation network has different and extended architectural requirements, in part because of VoIP, e.g., security.


Voip security l.jpg
VoIP Security

  • “Security must prevent theft of service, authenticate users, and repel a range of attacks from outside and inside the firewall.” (2)

  • “With the introduction of VOIP, the need for security is compounded because now we must protect two invaluable assets, our data and our voice.” (3) (video and mobile).

  • “The key to securing VOIP is to use the security mechanisms like those deployed in the data networks (firewall, encryption, anti-virus, pop-up protection, O.S. updates,etc.).” (3)


Voip security challenges l.jpg

Quality of Service (QoS)

Latency

Jitter

Packet loss

Security Breaches

Access

Disruption

Confidentiality and privacy

Network Elements

Denial of Service (DoS)

Power failure

Viruses, Trojan Horse

Physical security

Operating System

Life and Safety (E-911)

802.11

Protocols

H.323

SIP

VoIP Security Challenges


Quality of service qos l.jpg
Quality of Service (QoS)

  • “Quality of Service (QoS) refers to the capacity of a network to provide better service to selected network traffic over various technologies …, and IP routed networks …” (4)

  • Latency is the time it takes for data to get from the source to the destination and is introduced from various network and VoIP components, e.g., encryption encoding and decoding.

  • Jitter is introduced when data packets have different latency and packets become out of sequence.

  • Packet loss is when data packets do not arrive at the destination or arrive too late to be processed.

    (4)


Slide6 l.jpg
QOS

  • “The key to conquering QoS issues like latency and bandwidth congestion is speed.”(3)

  • “…every facet of network traversal must be completed quickly in VoIP.” (3)

  • Firewalls/NAT traversal and traffic encryption/decryption are latency producers and network congestion generators, but must effective means to secure a network. The “good and bad news”.


Security breaches l.jpg
Security Breaches

  • Access

    • Unauthentication - intrusion detection and application access control

    • Protection and updating of administrative passwords

  • Disruption

    • Denial of Service (DoS) – VLAN, firewall, routers, digital certificates

    • Network congestion – QoS, increased bandwidth

  • Confidentiality and Privacy

    • Eavesdropping & IP spoofing


Network elements l.jpg
Network Elements

  • Denial of Service (DoS) – see slide # 7

  • Power failure – UPS, generators

  • Viruses, Trojan Horse – application and O.S. patches and updates, security policies

  • Physical security – access controls, policies

  • Operating System – patches, updates

  • Life and Safety (E-911) – static IP address, relocation policies

  • 802.11 evolving IP mobile devices or dual mode with cellular


Ip security profiles l.jpg
IP Security Profiles

  • ITU – T H.234 v2 & v3 defines different security profiles for product interoperability under the H.323 suite of protocols’ Annex D, E, and F. Suite designed for real time audio, video, multimedia, and data.

  • SIP security features described in RFC 3261 (IETF). Designed for VoIP and updated for video and messaging.

  • Some will argue that these protocols were designed from different perspectives.


Bottom line and discussion l.jpg
Bottom Line and Discussion

  • Expectations for VoIP will be based on the performance and availability of legacy telephony systems!!

  • How will VoIP affect the IP network architecture?

  • Will “traditional” IP security mechanisms and policies be effective or detrimental to VoIP on a convergent network?

  • How to identify the accommodations or “trade offs” that will be acceptable in support of VoIP on a convergent network?


References l.jpg
References

  • Broadcom. “Critical Steps for Successful VoIP Deployment.” White Paper October 2004 Broadcom Corporation Irvine, CA.

  • Shore, Joel. “IP Telephony Security: An Overview.” NetworkWorld URL: networkworld@reprintbuyer.com

  • Kuhn, R.D., Walsh, T.J., & Fries, S., “Security Considerations for Voice Over IP Systems: Recommendations of the National Institute of Standards and Technology.” National Institute of Standards and Technology, Gaithersburg, MD. January 2005.

  • Cisco. “Internetworking Technology Handbook.” 2003. URL: http://www.cisco.com/univercd/cc/td/doc/cisintwrk/ito_doc (26 October 2004)

  • Tucker, G.S., “Voice Over Internet Protocol (VoIP) and Security.” GIAC Security Essentials Certification (GSEC), v1.4c, option 1, 26 October 2004