Infocom Security Events in Asia

Events, Seminars, Workshops, Training

Conferences, Trade shows and Exhibitions

Security Best Practices for Enterprise VoIP


I. Benefits of Extending Unified Communications

  • Cost-effective transport for common applications such as placing voice calls, participating in video conferences, exchanging instant messages (IMs), and more.
  • Increase productivity and improve collaboration.
  • Decrease telecommunications charges
  • Business Continuity
  • Mobility
  • Opportunity for more seamless outsourcing

II. Trends in Communications Security: VoIP and Unified Communications

  • Security trends: effects of the economy, geo-politics, cyber-war
  • VoIP, unified communications and security risks: no longer merely theory
    • How is it different from data applications
    • Limitations of Existing Data Security Solutions
  • Primary threats and risks
    • Reconnaissance
    • Spoofing
    • Eavesdropping
    • Weak Authentication
    • Signaling and Media Manipulation
    • DoS/DDoS
    • VoIP Spam / Phishing
    • Fuzzing
    • Service Theft/Fraud
    • Regulatory and Compliance
    • VoIP-to-Data Exploits
    • New VoIP-specific Threats
      • Gaining access to the network using a VoIP phone
      • Exploiting the management interface of a VoIP phone
      • Negotiating less secure signaling and media encryption options
      • Voicemail flooding

III. Adopting and Enforcing VoIP/UC Security Best Practices

  • Perform a VoIP/UC vulnerability assessment
  • Implementation of strong UC policies
  • Police interconnection points with VoIP/UC-specific firewall
  • Apply sophisticated VoIP/UC-specifi c intrusion prevention techniques
  • Data security best practices needed for VoIP/UC
  • Other VoIP/UC security best practices

IV. Comprehensive VoIP/UC Security

The ideal comprehensive VoIP/UC security solution would incorporate three core functions, such as:

  1. VoIP/UC threat prevention
  2. Secure VoIP/UC Acccess
  3. VoIP/UC Policy UC compliance

V. Chief Security Architecture Considerations for VoIP and UC deployments

  • Case studies
  • Security architectures for extended enterprise, remote office applications, distributed call centers
  • Access control and authentication
  • SIP trunk termination and security
  • Securing IP PBX and VLAN Deployments
  • Unified Communications Security Life Cycle

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)