Voxeo Corp, profile picture
Uploaded byVoxeo Corp
740 views

Securing Unified Communications Systems

The document outlines best practices for securing VoIP and IP communications, emphasizing the importance of understanding the ecosystem, endpoints, media, signaling, and identity. It discusses various threats such as toll fraud and identity theft, along with solutions involving encryption and strong authentication. Additionally, it raises concerns about cloud reliability and vendor responsibilities in terms of availability and security.

Embed presentation

Downloaded 60 times
Securing Communications! SpeechTEK New York 2010! Dan York, CISSP
 Director of Conversations, Voxeo
 Best Practices Chair, VoIP Security Alliance
 Author, Seven Deadliest UC Attacks!
About Dan York! www.voipsa.org www.voxeo.com www.blueboxpodcast.com www.7ducattacks.com © Voxeo Corporation
About Voxeo!   Founded in 1999   World’s largest hosted VoiceXML and CCXML platform – Over 82,000 hosted ports globally; hundreds of premise deployments   Over 150,000 developers using Voxeo platforms   The Voxeo difference: Unlocked Communications, Customer Obsession Teams, Communications Passion   www.voxeo.com © Voxeo Corporation
The Change VoIP Brings! SIP SIP Proxy Proxy A SIP B SIP SIP Alice Bob Media (RTP, MSRP, etc.) © Voxeo Corporation
The Larger Reality! SIP SIP SIP SIP SIP Proxy Proxy Proxy Proxy Proxy A SIP B SIP C SIP D SIP N SIP Internet SIP Media Media Alice Proxy Proxy Bob Media A Media B Media © Voxeo Corporation
Once Upon A Time! PSTN PBX Gateways Physical Voicemail Wiring © Voxeo Corporation
1. Understand Your Ecosystem! Mobile Devices IM Application Internet Servers Networks Operating Systems PSTN IP-PBX VoIP Gateways Web IP Social Firewalls Servers Network Networks Physical Directory Voicemail Wiring Servers Desktop Email PCs Database Servers CRM Servers Systems © Voxeo Corporation
2. Understand Your Endpoints!   IP Phones, Smartphones, Softphones   What services are running on them?   Default passwords?   How do you patch/secure them? © Voxeo Corporation
3. Secure Your Media! SIP SIP SIP Proxy Proxy Proxy A SIP B SIP N SIP SIP Alice Eve Bob Media Media © Voxeo Corporation
Secure Media – Hop By Hop! Internet Media Media Alice Proxy Proxy Bob Media A Media B Media © Voxeo Corporation
Secure Media – End to End! Internet Media Media Alice Proxy Proxy Bob Media A Media B Media © Voxeo Corporation
4. Secure Your Signalling! SIP SIP SIP Proxy Proxy Eve Proxy A SIP B SIP SIP N SIP SIP Alice Bob Media © Voxeo Corporation
Signalling Attacks!   Toll Fraud   Identity Theft © Voxeo Corporation
Traditional Telephony! Internet Carrier PSTN PBX Corp  HQ   © Voxeo Corporation
IP Communications! ITSP Internet PBX PSTN Corp  HQ   © Voxeo Corporation
Failover! PBX ITSP Corp  HQ   Internet PSTN PBX Office   A   © Voxeo Corporation
Redundancy / Geography! ITSP (Boston) Internet PBX ITSP (Paris) PSTN Corp  HQ   ITSP (Tokyo) © Voxeo Corporation
5. Secure Your PSTN Connectivity!   Attacks •  Toll Fraud •  Denial of Service •  Spam   Solutions •  Encryption •  Strong Authentication •  Transport Security © Voxeo Corporation
6. Secure Your Identity!   Attacks •  Fraud •  Identity Theft •  Social Engineering   Solutions •  Education •  Lock Down Spoofing •  Strong Identity © Voxeo Corporation
7. Secure Distributed Systems! Laptop UC client WiFi UC System Firewall Internet Café Router Corp  HQ   Mobile Data Network Mobile UC client © Voxeo Corporation
How Do You Securely Federate?! Internet Corporate Corporate Network Network UC UC UC UC System System System System Corp  HQ   Office  A   Corp  HQ   Office  A   Company  A   Company  B   © Voxeo Corporation
What if the Cloud Isnʼt There?! Corporate Internet Network IVR Voicemail IM IM IM Presence Presence Presence Call Call Call Control Control Control Corp  HQ   Office  A   Office  B   PSTN © Voxeo Corporation
Questions About the Cloud!   What kind of availability guarantees / Service Level Agreements (SLAs) does the platform vendor provide?   What kind of geographic redundancy is built into the underlying network?   What kind of network redundancy is built into the underlying network?   What kind of physical redundancy is built into the data centers?   What kind of monitoring does the vendor perform?   What kind of scalability is in the cloud computing platform?   What kind of security, both network and physical, is part of the computing platform?   Finally, what will the vendor do if there is downtime? Will the downtime be reflected in your bill? © Voxeo Corporation
The Way It Used To Be! © Voxeo Corporation
Today...! ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP PSTN ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP © Voxeo Corporation
Resources!   VoIP Security Alliance •  www.voipsa.org •  www.voipsa.org/blog   Hacking Exposed: VoIP •  www.hackingvoip.com   Seven Deadliest Unified Communications Attacks •  www.7ducattacks.com © Voxeo Corporation
Securing Unified Communications Systems

More Related Content

PPTX
VOIP Presentation
bySteveCampagna91
 
PDF
Securing Communications - VoiceCon Orlando 2010
byVoxeo Corp
 
PDF
07 a t kishore.pdf
byAT Kishore
 
PDF
Scenarios for-context-aware-sip-07-a t kishore.pdf
byAT Kishore
 
PDF
10 fn s15
byScott Foster
 
PDF
Watch out - The Norwegian Version
byOlle E Johansson
 
PDF
10 fn s14
byScott Foster
 
PPTX
Mobile 2 Internet
byTelemune
 
VOIP Presentation
bySteveCampagna91
 
Securing Communications - VoiceCon Orlando 2010
byVoxeo Corp
 
07 a t kishore.pdf
byAT Kishore
 
Scenarios for-context-aware-sip-07-a t kishore.pdf
byAT Kishore
 
10 fn s15
byScott Foster
 
Watch out - The Norwegian Version
byOlle E Johansson
 
10 fn s14
byScott Foster
 
Mobile 2 Internet
byTelemune
 

What's hot

PDF
4th Generation IP for Mobility, Video and Cloud
byEricsson Slides
 
PDF
Siemens: The Evolution of Corporate Communications
byEntel
 
PDF
Video the new voice
byCisco do Brasil
 
PDF
Traffic Management, DPI, Internet Offload Gateway
byContinuous Computing
 
DOCX
Wifi
byAmandeep Kaur
 
PDF
VoIP and You - 2011
byrosecheng
 
PDF
Bio
byglobaloneteam
 
PDF
Meet Xo Core Presentation 2011
byRwaegerle
 
PDF
Network Storage: State of the Industry
byIMEX Research
 
PDF
VOIspeed Presentation
bygvslideshare
 
PDF
How to Optimize VoIP Call Quality Across Multiple Calling Environments
byAshik Jibon
 
PPTX
Luxemburg event - airtight networks
byKappa Data
 
PPTX
WinWire Webinar: Messaging and Networking with Windows Azure
byWinWire Technologies Inc
 
PDF
Disruptive Analysis LTE Summit 2011 voice presentation may 2011
byDean Bubley
 
PDF
fonYou UTR Presentation 19-Nov-2009
byfonuser
 
PDF
Driving true convergence in metro networks a
byEricsson Slides
 
PPTX
NGN voice corporate seminar
byTalkTalk Business
 
PDF
Katina Leisure Mobile 2010
byStevenShields
 
PDF
Wireless lan solutions_for_education
byAdvantec Distribution
 
4th Generation IP for Mobility, Video and Cloud
byEricsson Slides
 
Siemens: The Evolution of Corporate Communications
byEntel
 
Video the new voice
byCisco do Brasil
 
Traffic Management, DPI, Internet Offload Gateway
byContinuous Computing
 
Wifi
byAmandeep Kaur
 
VoIP and You - 2011
byrosecheng
 
Bio
byglobaloneteam
 
Meet Xo Core Presentation 2011
byRwaegerle
 
Network Storage: State of the Industry
byIMEX Research
 
VOIspeed Presentation
bygvslideshare
 
How to Optimize VoIP Call Quality Across Multiple Calling Environments
byAshik Jibon
 
Luxemburg event - airtight networks
byKappa Data
 
WinWire Webinar: Messaging and Networking with Windows Azure
byWinWire Technologies Inc
 
Disruptive Analysis LTE Summit 2011 voice presentation may 2011
byDean Bubley
 
fonYou UTR Presentation 19-Nov-2009
byfonuser
 
Driving true convergence in metro networks a
byEricsson Slides
 
NGN voice corporate seminar
byTalkTalk Business
 
Katina Leisure Mobile 2010
byStevenShields
 
Wireless lan solutions_for_education
byAdvantec Distribution
 

Viewers also liked

PPTX
Presentatie webcare robert lommers 8 maart
byMarketingfacts
 
PDF
20100504 opta jaarverslag 2009 interactief nl
byMarketingfacts
 
PPTX
Presentatie webcare alex van leeuwen buzz capture 8 maart
byMarketingfacts
 
KEY
Sinsai.info - Global ICT Summit
byHal Seki
 
PPTX
Presentatie webcare tjalling smit klm 8 maart definitief
byMarketingfacts
 
PPT
Presentatie Agis Loyalty Facts Café sept. 2010
byMarketingfacts
 
PPTX
#online tuesday The Floor is Yours: Peter doesburg
byMarketingfacts
 
Presentatie webcare robert lommers 8 maart
byMarketingfacts
 
20100504 opta jaarverslag 2009 interactief nl
byMarketingfacts
 
Presentatie webcare alex van leeuwen buzz capture 8 maart
byMarketingfacts
 
Sinsai.info - Global ICT Summit
byHal Seki
 
Presentatie webcare tjalling smit klm 8 maart definitief
byMarketingfacts
 
Presentatie Agis Loyalty Facts Café sept. 2010
byMarketingfacts
 
#online tuesday The Floor is Yours: Peter doesburg
byMarketingfacts
 

Similar to Securing Unified Communications Systems

PDF
Hacking and Attacking VoIP Systems - What You Need To Know
byDan York
 
PPTX
Mwc wip jam jabber sdk final
byCisco Collaboration
 
PDF
Pbx
byguest2fd383
 
PPTX
VoIP – vulnerabilities and attacks
byn|u - The Open Security Community
 
PDF
Efficient Telecommunication Infrastructure with Internet Telephony (VoIP)
byThomas Siegers
 
PDF
Matrix sapex vs grandstream gxe502 x series
byGateway Business Solutions
 
PDF
3. FOMS_ IMS services_Shane_Dempsey
byFOMS011
 
PDF
IPv6 and How It Impacts Communication Applications
byVoxeo Corp
 
PDF
How IPv6 Will Kill Telecom - And What We Need To Do About It
byDan York
 
PDF
SpeechTEK 2009: Securing Cloud Telephony Aug2009
byVoxeo Corp
 
PPT
Gaurav kumar VOIP MMMEC
byGaurav Kumar
 
PDF
Pbx
bypknebler
 
PPTX
Mobility and SmartTAP Recording for Lync
byMUCUGL
 
PDF
Sip trunking slides_-_ot_partner_conference
byThe Fax Guys
 
PPTX
VoIP - seminar at IASRI, New Delhi
byNishikant Taksande
 
PDF
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
byDan York
 
PPTX
Voip
byHarry Sunarsa
 
PDF
Microsoft Lync Teched Eilat
byRonenbenjamin
 
PDF
Voip In College
byFree Open Source Software Technology Lab
 
PDF
Reference sheet of IP telephony terms
byDigium
 
Hacking and Attacking VoIP Systems - What You Need To Know
byDan York
 
Mwc wip jam jabber sdk final
byCisco Collaboration
 
Pbx
byguest2fd383
 
VoIP – vulnerabilities and attacks
byn|u - The Open Security Community
 
Efficient Telecommunication Infrastructure with Internet Telephony (VoIP)
byThomas Siegers
 
Matrix sapex vs grandstream gxe502 x series
byGateway Business Solutions
 
3. FOMS_ IMS services_Shane_Dempsey
byFOMS011
 
IPv6 and How It Impacts Communication Applications
byVoxeo Corp
 
How IPv6 Will Kill Telecom - And What We Need To Do About It
byDan York
 
SpeechTEK 2009: Securing Cloud Telephony Aug2009
byVoxeo Corp
 
Gaurav kumar VOIP MMMEC
byGaurav Kumar
 
Pbx
bypknebler
 
Mobility and SmartTAP Recording for Lync
byMUCUGL
 
Sip trunking slides_-_ot_partner_conference
byThe Fax Guys
 
VoIP - seminar at IASRI, New Delhi
byNishikant Taksande
 
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
byDan York
 
Voip
byHarry Sunarsa
 
Microsoft Lync Teched Eilat
byRonenbenjamin
 
Voip In College
byFree Open Source Software Technology Lab
 
Reference sheet of IP telephony terms
byDigium
 

More from Voxeo Corp

PDF
Voxeo Jam Session: What's New in Prophecy 11 and VoiceObjects 11?
byVoxeo Corp
 
PPTX
CCXML For Advanced Communications Applications
byVoxeo Corp
 
PPTX
Voxeo Summit Day 1 - Communications-enabled Business Processes (CEBP)
byVoxeo Corp
 
PDF
Voxeo Summit Day 2 -Voxeo APIs and SDKs
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - Advanced CCXML topics
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - The science of customer obsession
byVoxeo Corp
 
PPTX
How Do You Hear Me Now?
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - Securing customer interactions
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - Voxeo CXP - IVR on Steroids
byVoxeo Corp
 
PDF
Voxeo Summit Day 1 - Extending your IVR investment to mobile
byVoxeo Corp
 
PPTX
Voxeo Summit Day 1 - The Art of The Possible
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - Real-time communications with WebRTC
byVoxeo Corp
 
PDF
Voxeo Summit Day 2 -What's new in CXP 14
byVoxeo Corp
 
PPTX
Voxeo Summit Day 1 - Lessons learned from large scale deployments
byVoxeo Corp
 
PPTX
Voxeo Summit Day 1 - A view into the Voxeo cloud
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - Voxeo CXP for business users
byVoxeo Corp
 
PPTX
Voxeo Summit Day 1 - Customer experience analytics
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - Using CXP hotspot analytics
byVoxeo Corp
 
PPTX
Voxeo Summit Day 1 - Prophecy log search
byVoxeo Corp
 
PPTX
Voxeo Summit Day 2 - Creating raving fans
byVoxeo Corp
 
Voxeo Jam Session: What's New in Prophecy 11 and VoiceObjects 11?
byVoxeo Corp
 
CCXML For Advanced Communications Applications
byVoxeo Corp
 
Voxeo Summit Day 1 - Communications-enabled Business Processes (CEBP)
byVoxeo Corp
 
Voxeo Summit Day 2 -Voxeo APIs and SDKs
byVoxeo Corp
 
Voxeo Summit Day 2 - Advanced CCXML topics
byVoxeo Corp
 
Voxeo Summit Day 2 - The science of customer obsession
byVoxeo Corp
 
How Do You Hear Me Now?
byVoxeo Corp
 
Voxeo Summit Day 2 - Securing customer interactions
byVoxeo Corp
 
Voxeo Summit Day 2 - Voxeo CXP - IVR on Steroids
byVoxeo Corp
 
Voxeo Summit Day 1 - Extending your IVR investment to mobile
byVoxeo Corp
 
Voxeo Summit Day 1 - The Art of The Possible
byVoxeo Corp
 
Voxeo Summit Day 2 - Real-time communications with WebRTC
byVoxeo Corp
 
Voxeo Summit Day 2 -What's new in CXP 14
byVoxeo Corp
 
Voxeo Summit Day 1 - Lessons learned from large scale deployments
byVoxeo Corp
 
Voxeo Summit Day 1 - A view into the Voxeo cloud
byVoxeo Corp
 
Voxeo Summit Day 2 - Voxeo CXP for business users
byVoxeo Corp
 
Voxeo Summit Day 1 - Customer experience analytics
byVoxeo Corp
 
Voxeo Summit Day 2 - Using CXP hotspot analytics
byVoxeo Corp
 
Voxeo Summit Day 1 - Prophecy log search
byVoxeo Corp
 
Voxeo Summit Day 2 - Creating raving fans
byVoxeo Corp
 

Recently uploaded

PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PDF
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
PPTX
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PPTX
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PPTX
Kanban India 2025 | Daksh Gupta | Modeling the Models, Generative AI & Kanban
byLeanKanbanIndia
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PPTX
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Kanban India 2025 | Daksh Gupta | Modeling the Models, Generative AI & Kanban
byLeanKanbanIndia
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 

Securing Unified Communications Systems

  • 1.
    Securing Communications! SpeechTEK NewYork 2010! Dan York, CISSP
 Director of Conversations, Voxeo
 Best Practices Chair, VoIP Security Alliance
 Author, Seven Deadliest UC Attacks!
  • 2.
    About Dan York! www.voipsa.org www.voxeo.com www.blueboxpodcast.com www.7ducattacks.com © Voxeo Corporation
  • 3.
    About Voxeo!   Founded in 1999   World’s largest hosted VoiceXML and CCXML platform – Over 82,000 hosted ports globally; hundreds of premise deployments   Over 150,000 developers using Voxeo platforms   The Voxeo difference: Unlocked Communications, Customer Obsession Teams, Communications Passion   www.voxeo.com © Voxeo Corporation
  • 4.
    The Change VoIPBrings! SIP SIP Proxy Proxy A SIP B SIP SIP Alice Bob Media (RTP, MSRP, etc.) © Voxeo Corporation
  • 5.
    The Larger Reality! SIP SIP SIP SIP SIP Proxy Proxy Proxy Proxy Proxy A SIP B SIP C SIP D SIP N SIP Internet SIP Media Media Alice Proxy Proxy Bob Media A Media B Media © Voxeo Corporation
  • 6.
    Once Upon ATime! PSTN PBX Gateways Physical Voicemail Wiring © Voxeo Corporation
  • 7.
    1. Understand YourEcosystem! Mobile Devices IM Application Internet Servers Networks Operating Systems PSTN IP-PBX VoIP Gateways Web IP Social Firewalls Servers Network Networks Physical Directory Voicemail Wiring Servers Desktop Email PCs Database Servers CRM Servers Systems © Voxeo Corporation
  • 8.
    2. Understand YourEndpoints!   IP Phones, Smartphones, Softphones   What services are running on them?   Default passwords?   How do you patch/secure them? © Voxeo Corporation
  • 9.
    3. Secure YourMedia! SIP SIP SIP Proxy Proxy Proxy A SIP B SIP N SIP SIP Alice Eve Bob Media Media © Voxeo Corporation
  • 10.
    Secure Media –Hop By Hop! Internet Media Media Alice Proxy Proxy Bob Media A Media B Media © Voxeo Corporation
  • 11.
    Secure Media –End to End! Internet Media Media Alice Proxy Proxy Bob Media A Media B Media © Voxeo Corporation
  • 12.
    4. Secure YourSignalling! SIP SIP SIP Proxy Proxy Eve Proxy A SIP B SIP SIP N SIP SIP Alice Bob Media © Voxeo Corporation
  • 13.
    Signalling Attacks!   Toll Fraud   Identity Theft © Voxeo Corporation
  • 14.
    Traditional Telephony! Internet Carrier PSTN PBX Corp  HQ   © Voxeo Corporation
  • 15.
    IP Communications! ITSP Internet PBX PSTN Corp  HQ   © Voxeo Corporation
  • 16.
    Failover! PBX ITSP Corp  HQ   Internet PSTN PBX Office   A   © Voxeo Corporation
  • 17.
    Redundancy / Geography! ITSP (Boston) Internet PBX ITSP (Paris) PSTN Corp  HQ   ITSP (Tokyo) © Voxeo Corporation
  • 18.
    5. Secure YourPSTN Connectivity!   Attacks •  Toll Fraud •  Denial of Service •  Spam   Solutions •  Encryption •  Strong Authentication •  Transport Security © Voxeo Corporation
  • 19.
    6. Secure YourIdentity!   Attacks •  Fraud •  Identity Theft •  Social Engineering   Solutions •  Education •  Lock Down Spoofing •  Strong Identity © Voxeo Corporation
  • 20.
    7. Secure DistributedSystems! Laptop UC client WiFi UC System Firewall Internet Café Router Corp  HQ   Mobile Data Network Mobile UC client © Voxeo Corporation
  • 21.
    How Do YouSecurely Federate?! Internet Corporate Corporate Network Network UC UC UC UC System System System System Corp  HQ   Office  A   Corp  HQ   Office  A   Company  A   Company  B   © Voxeo Corporation
  • 22.
    What if theCloud Isnʼt There?! Corporate Internet Network IVR Voicemail IM IM IM Presence Presence Presence Call Call Call Control Control Control Corp  HQ   Office  A   Office  B   PSTN © Voxeo Corporation
  • 23.
    Questions About theCloud!   What kind of availability guarantees / Service Level Agreements (SLAs) does the platform vendor provide?   What kind of geographic redundancy is built into the underlying network?   What kind of network redundancy is built into the underlying network?   What kind of physical redundancy is built into the data centers?   What kind of monitoring does the vendor perform?   What kind of scalability is in the cloud computing platform?   What kind of security, both network and physical, is part of the computing platform?   Finally, what will the vendor do if there is downtime? Will the downtime be reflected in your bill? © Voxeo Corporation
  • 24.
    The Way ItUsed To Be! © Voxeo Corporation
  • 25.
    Today...! ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP PSTN ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP © Voxeo Corporation
  • 26.
    Resources!   VoIP Security Alliance •  www.voipsa.org •  www.voipsa.org/blog   Hacking Exposed: VoIP •  www.hackingvoip.com   Seven Deadliest Unified Communications Attacks •  www.7ducattacks.com © Voxeo Corporation