Loading in 2 Seconds...
Loading in 2 Seconds...
Security of SIP-based Voice over IP (VoIP) in enterprise networks. Christina Chalastanis. Agenda Importance of VoIP security in enterprises Threat & Risk Analysis of VoIP in enterprises Securing enterprise VoIP systems Security concepts for SIP mobility in hosted VoIP deployments
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Security of SIP-based Voice over IP (VoIP) in enterprise networks Christina Chalastanis • Agenda • Importance of VoIP security in enterprises • Threat & Risk Analysis of VoIP in enterprises • Securing enterprise VoIP systems • Security concepts for SIP mobility in hosted VoIP deployments • Conclusion November 30th, 2006 Supervisors at Alcatel SEL Dr. S. Rupp Dipl.-Ing. F.J. Banet Supervisors at Universität Stuttgart Prof. Dr. P. Kühn (IKR) Dipl.-Ing. A. Gutscher (IKR) Dipl.-Ing. M.Neubauer
VoIP security in full bloom • Voice over IP Security Alliance (VOIPSA) in early 2005 • VoIP servers and IP phones in the “Top 20 Internet Security Attack Target List” (SANS Institute) in mid-November, 2006 • Massive publication in 2005 and 2006 of • White papers • Recommendations • Articles • New software tools for VoIP attacks • Emergence of new role in enterprises: VoIP administrator
Importance of VoIP security in enterprise networks • Popularity of VoIP increasing in enterprises • Security often considered as secondary, but fundamental • Lack of confidence of enterprises about level of VoIP security • However, VoIP security not utopian • Importance of thorough tailored analysis of threats and risks • VoIP certainly target of predilection of attackers => VoIP security major concern for vendors, manufacturers, researchers, service providers
Hybrid model of VoIP deployment PBX= Private Exchange Branch IP-PBX=Internet Protocol Private Exchange Branch
Threat analysis: characterization of the VoIP system PBX= Private Exchange Branch IP-PBX=Internet Protocol Private Exchange Branch
likelihood Threat & Risk analysis: process impact int./ext risk • Distinction of threats: • Network-based • Application-based • Wireless VoIP • Mobility I= Internal H= High M=Medium M+=Medium-to-high • Process: • VOIPSA Taxonomy used as a frame • Schneier’ attack tree model • Assessment: • Likelihood = motivation ´difficulty [ ´ existing protective measures] • Risk = likelihood ´ impact
Overview of security technical solutions • Encryption of SIP signalling stream and RTP media stream • SIP authentication mechanisms • SIP-aware firewalls • SPIT prevention • VoIP Virtual Private Networks (VPNs) • Voice over WLAN (VoWLAN): WPA2 (802.11i standard) • However: protocols not always implemented in products, interoperability problems, traditional firewalls, vulnerabilities in architectures
Comparison of four major sets of recommendations for VoIP security : Institutions • NIST = National Institute of Standards and Technology (USA) “Security considerations for Voice over IP systems” (Jan. 2005) • BSI = Federal Office for Security in Information Technology (Germ.) “VoIPsec – Studie zur Sicherheit von Voice over Internet Protocol” (Oct. 2005) • NSA = National Security Agency (USA)“Security Guidance for Deploying IP Telephony Systems” (Feb. 2006) • DISA = Defense Information Systems Agency (USA)“Internet Protocol Telephony & Voice over Internet Protocol – Security Technical Implementation Guide – version 2” (Apr. 2006)
Comparison of four major sets of recommendations for VoIP security: Approaches • Classification of recommendations • Areas of network infrastructure (NSA) • Critical points like physical protection, policies for softphones, call privacy and confidentiality, and others (DISA) • Granularity and depth • Superficial (NIST) • Very detailed (BSI, NSA, DISA); it depends on the topics • Categorization of security levels • Security levels defined by the strength of mitigation (NSA) • Security levels defined by the vulnerability severity they have to mitigate (DISA, BSI) • Focus on particular topics
Comparison of four major sets of recommendations for VoIP security: Extract (1/2) Level of security DISA BSI NIST NSA NM = Not mentioned H = High M = Medium
Comparison of four major sets of recommendations for VoIP security: Extract (2/2) Level of security DISA BSI NIST NSA NM = Not mentioned H = High M = Medium no=disagree
Comparison of four major sets of recommendations for VoIP security: Results • Points of divergence: • Subdivision of voice VLAN into further VLANs: number? • Softphones: for which level of security? • Configuration of IP phones at the terminal or through a web interface? • Common points: • Physical protection of VoIP servers: • physically secured areas • access only to authorized personnel • Protection against power cuts • Data and voice segregation : • at least, 1 voice VLAN & 1 data VLAN • Subdivision in “producing VLAN” and “consuming VLAN” • Dedicated DHCP and AAA servers for VoIP • VoIP network protection and internal traffic control • Network Intrusion Detection Systems (NIDS) connected to each switch port • L3 & 4 firewall between voice and data VLANs • Call privacy and confidentiality: VoIP VPNs over the Internet
Comparison of solutions Solution 2: VPN to the enterprise Solution 1: VPN to the VoIP service provider • Mobile workers perceived as external by hosted IP-PBX • Possible configuration of hosted PBX to restrict access to some services => impact of laptop theft lower • Mobile workers perceived as internal by hosted IP-PBX • Impact of laptop theft higher: attacker access all services as an internal worker • Several hops: QoS of voice can be worse
Conclusion • Summary • Modelling of the VoIP migration steps in enterprises • Identification of VoIP-specific security requirements • Comparison of taxonomies • Identification and classification of threats using the Schneier’s attack trees and the VOIPSA taxonomy • Comparison of recommendations published by major institutions • New topic: security in hosted VoIP deployments supporting mobile workers • Conclusions • Confidentiality/Privacy & Integrity/Authenticity most important VoIP security requirements • VOIPSA Threat Taxonomy: best frame for threat analysis • DISA and NSA recommendations: most helpful to enterprises • Small enterprises: ask appropriate questions to VoIP service providers about security mechanisms in hosted solutions • Further work: • Deeper study of the hosted VoIP deployment supporting mobility and optimization of solutions