SMB Communications - is VoIP secure?

724 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
724
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

SMB Communications - is VoIP secure?

  1. 1. SMB CommunicationsIs VoIP Secure?<br />1 - 20<br />
  2. 2. Introduction | Is VoIP Secure?<br />Jonathan Greenwood<br />Managing Director snom UK Ltd<br />&<br />Product Manager – snom ONE<br />
  3. 3. Jonathan Greenwood | Is VoIP Secure?<br />Re-name this <br />presentation to…<br />
  4. 4. Jonathan Greenwood | Is VoIP Secure?<br />Is your house secure?<br />
  5. 5. Jonathan Greenwood | Is VoIP Secure?<br />Leave the door unlocked<br />
  6. 6. Jonathan Greenwood | Is VoIP Secure?<br />
  7. 7. Jonathan Greenwood | Is VoIP Secure?<br />Leave the window open<br />
  8. 8. Jonathan Greenwood | Is VoIP Secure?<br />
  9. 9. Jonathan Greenwood | Is VoIP Secure?<br />Leave the key under the mat<br />
  10. 10. Introduction | Is VoIP Secure?<br />
  11. 11. Jonathan Greenwood | Is VoIP Secure?<br />What happens?<br />
  12. 12. Jonathan Greenwood | Is VoIP Secure?<br />What happens?<br />You will be attacked<br />
  13. 13. Jonathan Greenwood | Is VoIP Secure?<br />There is no difference!<br />
  14. 14. Jonathan Greenwood | Is VoIP Secure?<br />We all have email<br />
  15. 15. Jonathan Greenwood | Is VoIP Secure?<br />User Name<br />and<br />Password<br />
  16. 16. Jonathan Greenwood | Is VoIP Secure?<br />OR<br />
  17. 17. Jonathan Greenwood | Is VoIP Secure?<br />Door, Key<br />and<br />Alarm<br />
  18. 18. Jonathan Greenwood | Is VoIP Secure?<br />User Name<br />and<br />Password<br />990@my-sip-domain.com<br />
  19. 19. Jonathan Greenwood | Is VoIP Secure?<br />Is VoIP different?<br />
  20. 20. Jonathan Greenwood | Is VoIP Secure?<br />NO!<br />
  21. 21. Jonathan Greenwood | Is VoIP Secure?<br />Is VoIP Secure?<br />
  22. 22. Jonathan Greenwood | Is VoIP Secure?<br />Yes and No<br />
  23. 23. Jonathan Greenwood | Is VoIP Secure?<br />No if you<br /><ul><li>Leave your front door open
  24. 24. Leave your windows open
  25. 25. Tell the world your alarm code
  26. 26. Allow the world to guess your alarm code</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />There is no difference!<br />
  27. 27. Jonathan Greenwood | Is VoIP Secure?<br />Deploy secure VoIP Systems!<br />
  28. 28. Jonathan Greenwood | Is VoIP Secure?<br />Deploy secure VoIP Systems!<br />Basic IT Security<br />
  29. 29. Jonathan Greenwood | Is VoIP Secure?<br />SMB – Can I do it?<br />
  30. 30. Jonathan Greenwood | Is VoIP Secure?<br />Yes<br />
  31. 31. Jonathan Greenwood | Is VoIP Secure?<br />SMB – Is it easy?<br />
  32. 32. Jonathan Greenwood | Is VoIP Secure?<br />Very Easy<br />
  33. 33. Jonathan Greenwood | Is VoIP Secure?<br />SMB – What do you need?<br />
  34. 34. Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  35. 35. Secure Telephone System
  36. 36. Secure IP Phones
  37. 37. Secure PSTN/SIP Connectivity
  38. 38. Security between System and Phones
  39. 39. Create a basic security guide
  40. 40. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />What are we trying to protect<br />with VoIP?<br />
  41. 41. Jonathan Greenwood | Is VoIP Secure?<br />Traditional telecoms are closed<br />
  42. 42. Jonathan Greenwood | Is VoIP Secure?<br />IP Telephone Systems<br />
  43. 43. Jonathan Greenwood | Is VoIP Secure?<br />IP Telephone Systems<br />Run on networks<br />
  44. 44. Jonathan Greenwood | Is VoIP Secure?<br />Eavesdropping<br /><ul><li>Internal
  45. 45. High risk
  46. 46. Listen to Management calls?</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Eavesdropping<br /><ul><li>External
  47. 47. Harder to do
  48. 48. Still possible
  49. 49. Man in Middle</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Denial of Service (DOS)<br /><ul><li>System Attack
  50. 50. Flooded by hackers
  51. 51. Chaos OR Fraud
  52. 52. Can your system handle it?</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Toll Fraud<br /><ul><li>Breached system
  53. 53. High phone bills
  54. 54. Who pays
  55. 55. Who is responsible?</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Lost Voicemail + CDRs<br /><ul><li>Stolen voicemail
  56. 56. Company exposure
  57. 57. Should CDRs be available?
  58. 58. Who called who?</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Keep everyone happy<br /><ul><li>Internal users
  59. 59. Home users
  60. 60. Road warriors
  61. 61. Remote offices
  62. 62. Accountant
  63. 63. Business Owner</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Who cares?<br /><ul><li>IT Managers secure networks
  64. 64. Can IT administrators listen
  65. 65. VoIP – Lack of security makes great news
  66. 66. Don’t allow an employee tap calls
  67. 67. You should care!</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Back to<br />
  68. 68. Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  69. 69. Secure Telephone System
  70. 70. Secure IP Phones
  71. 71. Secure PSTN/SIP Connectivity
  72. 72. Security between System and Phones
  73. 73. Create a basic security guide
  74. 74. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  75. 75. Secure Telephone System
  76. 76. Secure IP Phones
  77. 77. Secure PSTN/SIP Connectivty
  78. 78. Security between System and Phones
  79. 79. Create a basic security guide
  80. 80. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />IP Phone system must be able do<br /><ul><li>TLS
  81. 81. SRTP
  82. 82. HTTPS
  83. 83. DOS Prevention
  84. 84. Intrusion Prevention
  85. 85. Access Lists</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />TLS<br /><ul><li>Transport Layer Security
  86. 86. Encrypts SIP packets
  87. 87. Similar to HTTPS
  88. 88. Hides IP addresses, ports
  89. 89. Protects the signalling</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />
  90. 90. Jonathan Greenwood | Is VoIP Secure?<br />SRTP<br /><ul><li>Secure Voice (RTP)
  91. 91. Encrypts media
  92. 92. If captured you hear white noise</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />HTTPS<br /><ul><li>Secures the web traffic
  93. 93. Prevents Password loss
  94. 94. Man in the middle grabbing data
  95. 95. Would you do online banking without</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />DOS<br />
  96. 96. Jonathan Greenwood | Is VoIP Secure?<br />DOS<br /><ul><li>Can take your entire system down
  97. 97. Can your IP Telephone system continue when under attack?</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Intrusion Prevention<br /><ul><li>Blocks IP Addresses (Blacklist)
  98. 98. Allows IP Addresses (Whitelists)
  99. 99. No use of CPU
  100. 100. No processing
  101. 101. Bins rogue SIP packets</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />
  102. 102. Jonathan Greenwood | Is VoIP Secure?<br />Yes we do IPv6<br />
  103. 103. Jonathan Greenwood | Is VoIP Secure?<br />Intruder Alert! Automatic Email Notification<br />From: thepbx@yourcompany.comSent: Sunday, January 09, 2011 8:57 PMTo: admin@mycompany.com.comSubject: SIP Blacklist<br />Body: Address 69.61.210.157 has been blacklisted. The IP address 69.96.218.157 has been blacklisted for 1440 minutesbecause there were 10 unsuccessful authentication attempts (sip).<br />
  104. 104. Jonathan Greenwood | Is VoIP Secure?<br />Intruder Alert! Automatic Email Notification<br />From: thepbx@yourcompany.comSent: Sunday, January 09, 2011 8:57 PMTo: admin@mycompany.com.comSubject: HTTP Blacklist<br />Body: Address 69.61.210.157 has been blacklisted. The IP address 69.96.218.157 has been blacklisted for 1440 minutesbecause there were 10 unsuccessful authentication attempts (http).<br />
  105. 105. Secure Phone System| snom ONE plus<br />snom ONE plus<br /><ul><li>This one has all those features – and more</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  106. 106. Secure Telephone System
  107. 107. Secure IP Phones
  108. 108. Secure PSTN/SIP Connectivity
  109. 109. Security between System and Phones
  110. 110. Create a basic security guide
  111. 111. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />IP Phones must be able to do<br /><ul><li>TLS
  112. 112. SRTP
  113. 113. HTTPS
  114. 114. Secure or lock down the web interface
  115. 115. Secure provisioning</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />snom 300<br />snom 320<br />YES!<br />snom 370<br />
  116. 116. Jonathan Greenwood | Is VoIP Secure?<br />snom 821<br />snom 870<br />YES!<br />snom M9<br />(DECT)<br />Meeting Point<br />
  117. 117. Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  118. 118. Secure Telephone System
  119. 119. Secure IP Phones
  120. 120. Secure PSTN/SIP Connectivity
  121. 121. Security between System and Phones
  122. 122. Create a basic security guide
  123. 123. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />SIP trunks must<br /><ul><li>Connect via TLS
  124. 124. Media capable of SRTP
  125. 125. HTTPS for provisioning
  126. 126. Or VPN (more overhead)
  127. 127. Or Private network</li></li></ul><li>Secure Phone System| snom ONE plus<br />snom ONE plus<br /><ul><li>Offers Secure SIP Trunk connectivity</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />SIP trunks to PSTN<br /><ul><li>Connect via TLS
  128. 128. Media capable of SRTP
  129. 129. Internal Network only
  130. 130. Private network to PSTN</li></li></ul><li>Secure Phone System| snom ONE plus<br /> Internally Secure – Private communication<br />snom ONE plus<br /><ul><li>Offers Secure SIP Trunk connectivity</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Carrier Grade SIP Exchange Platform<br />
  131. 131. Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  132. 132. Secure Telephone System
  133. 133. Secure IP Phones
  134. 134. Secure PSTN/SIP Connectivity
  135. 135. Security between System and Phones
  136. 136. Create a basic security guide
  137. 137. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />IP Phones must communicate with a Secure Telephone System<br /><ul><li>TLS
  138. 138. SRTP
  139. 139. HTTPS
  140. 140. Certificates</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />IP Phones must communicate with a Secure Telephone System<br /><ul><li>Install Certificates
  141. 141. IP Phone
  142. 142. IP Telephone System</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br /> Security - Not an after thought!<br />
  143. 143. Jonathan Greenwood | Is VoIP Secure?<br />Auto Provision IP Phones<br /><ul><li>Install Certificates
  144. 144. Telephone System Provisions the phone
  145. 145. Strong passwords
  146. 146. HTTPS</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Auto Provision IP Phones<br /><ul><li>Lock Registration to
  147. 147. Phones MAC address
  148. 148. HTTPS Username and Password
  149. 149. Trusted IP Address</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Auto Provision IP Phones<br /><ul><li>Lock Registration to </li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  150. 150. Secure Telephone System
  151. 151. Secure IP Phones
  152. 152. Secure PSTN/SIP Connectivity
  153. 153. Security between System and Phones
  154. 154. Create a basic security guide
  155. 155. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />This is easy - Passwords<br /><ul><li>Secure, strong passwords
  156. 156. Change them every month
  157. 157. Force secure passwords</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />This is easy - Passwords<br /><ul><li>Monitor passwords
  158. 158. Weak password</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />This is easy – Template Deployments<br /><ul><li>Change template deployments
  159. 159. Hackers target template deployments
  160. 160. Known passwords
  161. 161. Easy target</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />This is easy – Simple Policy<br /><ul><li>Different passwords for
  162. 162. Web Interface
  163. 163. SIP Passwords
  164. 164. PIN Numbers</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />This is easy – Limit Dial Plans<br /><ul><li>Block numbers
  165. 165. Add a Pin Number</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />This is easy – Back up<br />
  166. 166. Jonathan Greenwood | Is VoIP Secure?<br /><ul><li>Use the right equipment
  167. 167. Secure Telephone System
  168. 168. Secure IP Phones
  169. 169. Secure PSTN/SIP Connectivity
  170. 170. Security between System and Phones
  171. 171. Create a basic security guide
  172. 172. Employ a trained reseller</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Which Reseller?<br /><ul><li>Look for Certified Reseller Partners
  173. 173. Look for Manufacturer Partner Programs
  174. 174. Look on a Manufacturer’s website
  175. 175. Contact the Manufacturer – ask who?</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />snom Channel Partner Program<br /><ul><li>Designed for resellers
  176. 176. Aimed at resellers of VoIP</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />snom Channel Website<br /><ul><li>Aimed to support resellers
  177. 177. Sales and Product advice
  178. 178. Make resellers feel wanted
  179. 179. Makes for a good working relationship
  180. 180. Give the customer some comfort
  181. 181. http://www.snomchannel.co.uk</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />
  182. 182. Jonathan Greenwood | Is VoIP Secure?<br />snom Certified Engineers (SCE)<br /><ul><li>Certified Resellers
  183. 183. Not just Technical
  184. 184. Sales and Support Trained
  185. 185. Marketing Support</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />What happens when it goes wrong?<br />
  186. 186. Jonathan Greenwood | Is VoIP Secure?<br />Disaster can strike<br /><ul><li>A customer on an insecure PBX
  187. 187. Not ours 
  188. 188. 8000 calls from midnight until 7am
  189. 189. Credit limit stopped at £400.00
  190. 190. SIP trunking provider is the good guy here</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Disaster can strike<br /><ul><li>If that was the PSTN –
  191. 191. Next months bill
  192. 192. 1+ months to find out
  193. 193. Big bills
  194. 194. Who is responsible?</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Disaster can strike<br /><ul><li>Who is responsible?
  195. 195. Carriers
  196. 196. Poor installation
  197. 197. Poor password policy
  198. 198. Poor management</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Don’t do this<br />
  199. 199. Jonathan Greenwood | Is VoIP Secure?<br />
  200. 200. Jonathan Greenwood | Is VoIP Secure?<br />Instead - Do do this<br />
  201. 201. Jonathan Greenwood | Is VoIP Secure?<br />Employ <br /><ul><li>snom Certified Reseller
  202. 202. Trained on Sales and Support
  203. 203. Security aware
  204. 204. Backed by the Manufacturer</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Deploy <br />
  205. 205. Jonathan Greenwood | Is VoIP Secure?<br />Are you a Reseller?<br /><ul><li>snom Certified Engineer (SCE)?
  206. 206. Join today
  207. 207. Receive training
  208. 208. Sales, Marketing and support
  209. 209. Priority support
  210. 210. Sales
  211. 211. Deployment</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Are you a Customer?<br /><ul><li>Look at our products
  212. 212. Security is always first
  213. 213. 16 years in VoIP - SIP
  214. 214. Worldwide supply
  215. 215. Local UK office
  216. 216. We are here to help</li></li></ul><li>Jonathan Greenwood | Is VoIP Secure?<br />Visit our stand – find out more<br /> Stand 717<br />
  217. 217. Jonathan Greenwood | Is VoIP Secure?<br />Thank you<br />Any Questions?<br />

×