Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing your move to VoIP… Luis Eguiagaray, Managing Director Professional Services EMEA Lucent Worldwide Services 15 November 2005, Lisbon.

Similar presentations


Presentation on theme: "Securing your move to VoIP… Luis Eguiagaray, Managing Director Professional Services EMEA Lucent Worldwide Services 15 November 2005, Lisbon."— Presentation transcript:

1 Securing your move to VoIP… Luis Eguiagaray, Managing Director Professional Services EMEA Lucent Worldwide Services 15 November 2005, Lisbon

2 2 Lucent Technologies – Proprietary - Use pursuant to company instruction Agenda Telecommunication Market Trends Security Challenges when migrating to VoIP A systematic approach to address security in converged networks Building a comprehensive Next Generation Network Migration Plan Applying lessons learned to secure your move to VoIP Conclusions

3 3 Lucent Technologies – Proprietary - Use pursuant to company instruction Service convergence across networks Active Phone Book Presence and Location Unified Messaging Video Communications Mobile / BB Roaming iLocator Multicast Service People simply want services that fit their lifestyle and are available anywhere, anytime. Internet 2G/3G Packet Mobile Network 802.xx Access Circuit Mobile Network IP Network Cable

4 4 Lucent Technologies – Proprietary - Use pursuant to company instruction Household Communications Spending At Current Prices (% of Total Household Consumption Expenditure) Source: Eurostat 2004 [In 2000 average consumption expenditure of EU households has been EUR per head/year] % Belgium Denmark Germany Greece Spain France Ireland Italy Luxembourg Netherlands Austria Portugal Finland Sweden United Kingdom EU-15 Average United States Linear (EU-15 Average )

5 5 Lucent Technologies – Proprietary - Use pursuant to company instruction Securing your move to VoIP.. Setting the scene.. Convergence of voice and data networks enables blended lifestyle services +implementation of VoIP is taking place +Use of IP-based nets - cost saving and more flexibility +More functionality by employment of smart" software +New end-user services -IP-based nets - security is an issue -New attack types, Unknown vulnerabilities introduced with VoIP +.. But security also provides opportunities

6 6 Lucent Technologies – Proprietary - Use pursuant to company instruction Evolution to the new telecommunications world Operator network, including network elements, applications, … Circuit-switched telecommunications world Applications Network element(s) IP Infrastructure Network element(s ) Third-party Apps The brave new world

7 7 Lucent Technologies – Proprietary - Use pursuant to company instruction Security challenges in the brave new world Apps Network element(s) IP Infrastructure Network element(s ) Third-party Apps Open, standards & IP-based, converged Telecom exposed to the vulnerabilities of open networks and systems Key threats: Availability, Confidentiality, Authenticity & Integrity VoIP open to vulnerabilities & threats in IP, e.g. Denial of Service Topology of network potentially detectable by attackers OA&M and customer data vulnerable if on a common backbone with IP transport

8 8 Lucent Technologies – Proprietary - Use pursuant to company instruction Are you prepared to address the security challenges in a Wireless VoIP network? How vulnerable is my network and business to hackers and other external threats that may bring the service to my customers down? How difficult or easy is it for bad guys to commit fraud and make misusage of the services I provide through my new VoIP network? How do I ensure data integrity so data transmitted through my network arrives at the receiver as it was send by the sender? Where do I stand from a Business Continuity perspective? A comprehensive end-to-end approach to VoIP security is required

9 9 Lucent Technologies – Proprietary - Use pursuant to company instruction A comprehensive end-to-end approach to security is required

10 10 Lucent Technologies – Proprietary - Use pursuant to company instruction Security requires a continuous program to be established People Products Processes

11 11 Lucent Technologies – Proprietary - Use pursuant to company instruction ITU-T x.805 Security Framework provides comprehensive approach for VoIP Security Bell Labs Innovation

12 12 Lucent Technologies – Proprietary - Use pursuant to company instruction VoIP security wont become a problem if you take a uncompromised approach to it VoIP Security assessment by independent 3rd party Take Security into account from day one when implementing VoIP: –In the business case –In the architecture –In the detailed planning & design –In operations & maintenance procedures Deploy best of breed security solutions integrated by trusted and qualified professionals Consider outsourcing of VoIP Security Management => a Security ROI analysis may help to make the right choice Look for partnerships that allow you to provide End-to-End VoIP Security Make sure it scales with the network Make sure it scales with the network

13 13 Lucent Technologies – Proprietary - Use pursuant to company instruction Are you prepared to address the challenges of a Next Generation Network Transformation? Will your next generation architecture support your future services? How will current services be improved by the next generation network? Have you defined a migration strategy? Will you migrate your customers or allow customers to gradually adopt a next generation architecture? How long will a transitional hybrid network environment exist? And what are the financial implications of this network state? What are your priorities for migration? financial payback? office consolidation? services and customer migration timelines? availability of new services? protecting legacy investment?

14 14 Lucent Technologies – Proprietary - Use pursuant to company instruction Cost Benefits of Convergence to All IP network infrastructure Converged All IP networks have significant benefits for cost reduction –Reduction in Site operation expenses Fewer sites Lower operating cost per site –Lower headcount –Greater trunking efficiency in the converged network Fewer trunks trunks freed up for leasing –Potential reduction in access charges Recent examples demonstrated include: - 57% reduction in sites - 63% reduction in OpEx per site - 25% reduction in head count - 43% reduction in trunk provisioning - 80,000 trunks freed with $73m leasing potential Equivalent to 20% of current voice network OpEx

15 15 Lucent Technologies – Proprietary - Use pursuant to company instruction The Network Transition Bubble Operating Expense during Next Generation Network Migration Time Current NetworkHybrid NetworkNextGen Network Operational Expense associated with network migration Capital Investment Required for Next Gen Network Components Present Transition Future Operational Savings Flatten the curve and shorten the interval by using NGN Migration Experts

16 16 Lucent Technologies – Proprietary - Use pursuant to company instruction Are you prepared to address the challenges of a Next Generation Migration? How accurate are your records (engineering, switch, OSS/BSS and billing, service/circuit)? What are the data cleansing requirements? What tool development is required to automate the migration process? What transport infrastructure will be required during the migration? What are your alternative traffic migration points for office services? How will you handle OAM&P during the transitional network? Do you have the operational skills to manage the next generation network? Next Generation Network migration is a complex undertaking and requires a comprehensive, well-thought out approach

17 17 Lucent Technologies – Proprietary - Use pursuant to company instruction Integrated Network Migration Planning The basis for successful migration A systematic, comprehensive migration planning process across five inter-related dimensions. OUR APPROACH TO NEXT GENERATION MIGRATION Network Database Migration Application MigrationOSS/BSS MigrationTraffic Migration Transport Migration What we do: Develop migration plans across five dimensions Whats the deliverable: Integrated network migration plan The manner and order that each of these dimensions is considered within the migration is dependent on the identified migration priorities, which are Service Provider specific

18 18 Lucent Technologies – Proprietary - Use pursuant to company instruction Goal: Create a next-gen network for enterprise customers Network to deliver new services, such as IP Centrex, combined IP services Solution combines network elements and end-end service Lucent selected for technical solution and service support Next-gen network solution for Netia Lucent delivers Next Generation IMS solutions that meet business needs Goal: IMS/VoIP end-to-end security implementation Assess IMS/VoIP security using X.805 and BS7799 security models Implementation of Information Security Management System Customer name not disclosed for security reasons VoIP Security Assessment EU Operator Goal: Create Network incorporating UMTS, HSDPA and IMS HSDPA-enabled network will provide customers with "blended" mobile high-speed data, multimedia, and VoIP services First commercial deployment in Europe Converged Fixed-Mobile Network for O2 21 st Century Network provider to BT Goal: Help BT to create next-gen network Providing multi-vendor core equipment Delivering network integration, deployment and maintenance support for one of the world's largest infrastructure upgrades

19 19 Lucent Technologies – Proprietary - Use pursuant to company instruction Our Migration solutions yield tangible results Offer New Services Quick availability of new lifestyle services Reduce Transitional Operating Costs Minimized issues during transition Operate Cost Efficiently Lower existing Services pricing Innovate for the Future New blended Lifestyle services Typical Benefits –30-40% reduction in interval and cost of OSS application development required for migration –Reduce customer data provisioning interval and costs by 30% –Accelerate traffic migration timeline by 30-40% –Accelerate overall deployment schedule by 20-30% Plus … –Ready platform for new blended services introduction –Increased end customer satisfaction during network transition Business Imperatives End User Needs

20 20 Lucent Technologies – Proprietary - Use pursuant to company instruction Conclusions Convergence allows creation of new blended lifestyle services to grow revenue Convergence to IP provides significant opportunities, but security is a challenge that needs to be addressed A comprehensive approach to security that takes all aspects into account is required No one size fits all solutions –An integrated migration plan based on specific Service Provider or Enterprise priorities provides the basis for successful reliable migration to an All IP infrastructure Lucent Worldwide Services migration and security expertise enables a secure move to VoIP

21 21 Lucent Technologies – Proprietary - Use pursuant to company instruction Lucent – enabling your Next Generation Migration success This document is protected under the copyright laws of the United States and other countries as an unpublished work. This document contains information that is proprietary and confidential to Lucent Technologies or its technical alliance partners. No information contained within or directly referenced in connection with this document whether written or verbal, shall be disclosed or duplicated, used or disclosed in whole or in part for any purpose other than to evaluate Lucent Technologies. Any use or disclosure in whole or in part of this information without the express written permission of Lucent Technologies is prohibited. © 2005 Lucent Technologies. All rights reserved. Printed in the USA. Note: Any mention of benefits, including savings targets, is a rough order of magnitude estimate only, and as such does not constitute a final offer. Any final offer including pricing is subject to due diligence.

22 22 Lucent Technologies – Proprietary - Use pursuant to company instruction Appendix About Lucent Worldwide Services Contact details: Luis Eguiagaray Tel:

23 23 Lucent Technologies – Proprietary - Use pursuant to company instruction Three Security Layers (Following ITU X.805) 1 - Infrastructure Security Layer: Fundamental Building Blocks of Networks, Services and Applications. Examples: –Individual Routers, Switches, Servers, –Point-to-Point WAN Links, –Ethernet Links. 2 - Services Security Layer: Services Provided to End-Users. Examples: –Frame Relay, ATM, IP, –Cellular, WiFi, –VoIP, QoS, IM, Location Services, –800-Services. 3 - Applications Security Layer: Network-Based Applications Accessed by End-Users. Examples: –Web Browsing, –Directory Assistance, – , –E-Commerce. Security Services

24 24 Lucent Technologies – Proprietary - Use pursuant to company instruction 1-Access Control 2-Authentication 3-Non-repudiation 4-Data Confidentiality 5-Communication Security 6-Data Integrity 7-Availability 8-Privacy Limit & Control Access to Network Elements, Services & Applications. Examples: Password, ACL, Firewall. Prevent Ability to Deny that an Activity on the Network Occurred. Examples: System Logs, Digital Signatures. Ensure Information Only Flows from Source to Destination Examples: VPN, MPLS, L2TP. Ensure network elements, services and application available to legitimate users Examples: IDS/IPS, network redundancy, BC/DR. Provide Proof of Identity. Examples: Shared Secret, PKI, Digital Signature, Digital Certificate. Ensure Confidentiality of Data Example: Encryption. Ensure Data is Received as Sent or Retrieved as Stored. Examples: MD5, Digital Signature, Anti-Virus Software. Ensure Identification and Network Use is Kept Private. Examples: NAT, Encryption. 8 Security Dimensions Address the Breadth of Network Vulnerabilities Security Services

25 25 Lucent Technologies – Proprietary - Use pursuant to company instruction Lucent: a world-class company with proven capabilities ABOUT LUCENT Global, world-class expertise Track record of success –Trusted partner to the largest 30 service providers, governments, and enterprises worldwide –260+ customers –Over 100 years of carrier-grade experience –Installed more than 105,000 spread spectrum base stations, of which more than 65,000 are 3G-enabled –32,000 professionals worldwide –Presence in over 65 countries 4 Global Network Operations Centers (GNOCs) 60+ engineering and technical service centers around the world –Network expertise and most powerful innovation engine in the world: Bell Labs –Six Nobel Prizes shared by Lucent scientists We design and deliver the systems, services and software that drive next-generation communications networks

26 26 Lucent Technologies – Proprietary - Use pursuant to company instruction Quingdao South Korea Phoenix Lucent Worldwide Services (LWS): a world leading network integrator Bracknell Groot-Bijgaarden Hilversum Nuremberg Paris Alcobendas India Hong Kong Shanghai Beijing Singapore Saudi Arabia Sydney Atlanta MA - Hyannis, Marlborough, Maynard, Merrimack Valley, North Andover, MA NJ - Holmdel, Murray Hill, Whippany MD - Hunt Valley (TAC), Columbia Markham, Ontario CO - Denver, Highlands Ranch CA - Alameda Technical Assistance Center Global Network Operations Center Dublin Tokyo Taiwan Melbourne Venezuela Brazil Argentina Puerto Rico Mexico City ILLisle Call Center 60+ Global network, call and technical centers Serve 30 carriers and 120 companies in 47+ countries 10,000+ network experts End-to-end capabilities include: –Professional –Deployment –Maintenance –Managed Services ABOUT LUCENT WORLDWIDE SERVICES Note: locations may have multiple sites Legend Thousands of experts, supporting products of hundreds of vendors, one service delivery methodology

27 27 Lucent Technologies – Proprietary - Use pursuant to company instruction Our full lifecycle of services utilize a proven methodology to address your business security needs Assess organization & network to reveal security exposures & mitigation options Penetration testing Benchmark existing security program against industry best- practices Identify impacts of potential risks to the networks and business Quantify impacts in financial terms Assess risk tolerance Security policy and program development Incident response planning Staff security awareness Design & configure security architecture Create policies Deploy security systems/elements OUR APPROACH TO SECURITY Manage events Monitor events Administration of security policies Security Services

28 28 Lucent Technologies – Proprietary - Use pursuant to company instruction We customize your Security solution, drawing on our breadth of services and expertise Security Assessment Policy and Program Development Design and Implementation Security Consulting: Understand the risk and create a solution to protect your network Business Continuity Services: Plan for and enable secure ongoing operations Penetration Testing Risk Assessment Impact Analysis Plan Design and Development Plan Testing Plan Maintenance Gap Analysis Managed Firewall Assessment Planning & Design Implementation Maintain & Manage Managed VPN Managed Intrusion Detection Business Analysis Managed Security Services: Outsource key elements of your security solution ROI Framework OUR APPROACH TO SECURITY

29 29 Lucent Technologies – Proprietary - Use pursuant to company instruction Lucent can help you navigate these challenging paths OUR POINT OF VIEW ON SECURITY –Lucent IS Networks 25 years of experience in high-security wireline, wireless, voice and data –Highest-quality consultants using consistent methodology 50+ CISSP experts, Master Recovery Planner credentials –Security experience complemented with strong partnerships critical partnerships strengthen end-to-end solutions delivered –1000+ security engagements spanning service providers, enterprises, government, even the DoD –Hundreds of patents in security and Bell Labs leadership cryptography, biometrics, firewalls, denial of service, virus detection –Leadership role in key standards bodies OSAC, NSTAC, NRIC, WERT, ANSI, ATIS, IETF ITU x.805 –Thought leadership multiple areas of security including wireless security and zero-day attacks –Comprehensive multivendor capabilities can manage numerous products from best of breed vendors, such as Enterasys and Cisco –Proven approach we make any network more secure, regardless of technology –Knowledge Management leverage learnings from numerous successful security engagements –Best-in-class security technology developed by Bell Labs or partners, is used to protect your network –End-to-end capabilities with global reach from policies to technology to Business Continuity to Managed Security Why Lucent for Security Services? Unparalleled experience and expertise Pioneering research and industry leadership Multivendor, proven approach Dr. Arjen Lenstra Karl Rauscher Bell Labs Expertise Enterasys Alliance Partner of the Year

30 30 Lucent Technologies – Proprietary - Use pursuant to company instruction Defined a Security ROI model for a proposed corporate-wide security program, assessing business drivers and risk exposures, with sensitivity analysis, to deliver a defensible value estimate. Reduced financial risk due to litigation, penalties, etc., and determined best future projects to achieve higher revenue and strategic goals. Quantified value of security program for a service provider LWS consistently delivers security and reliability for their clients Addressed security risks by producing a detailed roadmap to align policies, procedures and management control systems. Reduced security exposures and validated regulatory compliance. Centralized policy management across 27 areas. Helped an insurance carrier reduce risks Supported a communications firms revenue-creating potential by assessing networks, integrating managed firewall solutions, and developing a comprehensive security program, which created the critical underlying foundation for effective risk control and incident management. Strengthened Intermedias revenues Enabled Alestra to drive productivity OUR APPROACH TO SECURITY Delivered over $1M in productivity benefits for a large Mexican telecommunications carrier, through a comprehensive security incident response process & methodology that significantly reduced downtime, sped incident recovery & improved customer satisfaction.

31 31 Lucent Technologies – Proprietary - Use pursuant to company instruction Execution Expertise Business Value of Solution Delivered + + LWS Security Services enables unparalleled protection of your organizations and your customers information = = Address security most effectively … by partnering with LWS OUR APPROACH TO SECURITY –Address all security- related demands –Achieve end-to-end, integrated solutions … from policies to staffing –Implement non- disruptively –Provide single point of accountability –Extensive experience and industry leadership –External perspective for comprehensive risk assessment –Highest-quality solutions … no matter what the vendor technology –Realize an optimal solution with best individual elements, enabling future viability and evolution –Create an integrated approach designed to combine organizational and technical elements to maximize security –Control total cost of ownership via Managed Services model –Control cost of security-related staffing without sacrificing quality Would you trust the reliability, privacy, availability and security of your network to something that wasnt proven?

32 32 Lucent Technologies – Proprietary - Use pursuant to company instruction Our methodology manages end-to-end complexity to deliver superior Migration solutions Network Business Consultancy OUR APPROACH TO NEXT GENERATION MIGRATION Network Migration Consultancy Migration Implementation Managed Services Custom Software Development (Migration Tools & Interfaces) Planning & Design (End-to-end Network Design, Security) Maintenance Services Planning & Design (Solution Architecture)

33 33 Lucent Technologies – Proprietary - Use pursuant to company instruction We customize your Next Generation Migration Solution, drawing on our breadth of services and expertise Professional Consulting: Define a viable and secure NGN Migration solution Deployment: Create and implement the NGN Migration solution Assessment Planning & Design Implementation Maintain & Manage Business Analysis Maintenance & Management: Outsource key elements of your NGN Migration Solution OUR APPROACH TO NEXT GENERATION MIGRATION Network Migration Consultancy Maintenance Services (RTS, OTS, RES) Managed Services Network Business Consulting Planning & Design (End-to-End Network Design, Security) Migration Implementation Custom Software Development (Migration Tools & Interfaces) Planning & Design (Solution Architecture)

34 34 Lucent Technologies – Proprietary - Use pursuant to company instruction Transport Migration An analysis of the infrastructure requirements required to support each network state: TDM, hybrid, & IP states OSS/BSS Migration Creation of a plan to migrate the OSS/BSS environment to achieve the vision for the next generation network, while maintaining operational continuity throughout the transition Application Migration An evaluation of the ongoing need for currently available services and the most effective means to deploy these services on the next generation network Traffic Migration An evaluation of migration scenarios for moving services from the current to the next generation network Network Database Migration An evaluation of network database information in the current TDM environment and development of mapping techniques for provisioning in the new IP network Network Business Consulting Development and value assessment of network migration strategies and scenarios Network Migration Consultancy A systematic, comprehensive migration planning process across 5 dimensions: transport, network database, application, OSS/BSS, and traffic Next Generation Migration Services Professional Consulting Define a viable and secure NGN Migration solution Planning & Design (End-to-End Network Design, Security) Development of the specific network design plan to implement a secure next generation architecture Migration Implementation A comprehensive execution of the migration process Custom Software Development (Tools & Interfaces) An evaluation of tool and interface recommendations across the 5 dimensions of migration planning and development of custom software (tools) ABOUT LWS: OUR SERVICES PORTFOLIO FOR NEXT GENERATION MIGRATION Deployment Create and implement the NGN Migration solution across 5 dimensions Planning & Design (Solution Architecture) Development of the solution architecture to meet the needs of the next generation network

35 35 Lucent Technologies – Proprietary - Use pursuant to company instruction What Analysts and Operators are saying… The simplified infrastructure of convergence gives carriers a platform to build new services, enabling them to compete for the emerging $70 billion network-services market. Telcoms Other Merger, The Wall Street Journal via Factiva News and Business Information Service May 17, 2005 We believe that opex could fall by 30% (driven by headcount cuts of 3040%) and capex by 10%-15%. Integrated Operators IP: They Holy Grail for Telcos, Credit Suisse Equity Research, March 10, 2005 BT has indicated that annual cost savings at the network edge/aggregation level are around £250m (equivalent to around 2.5% of current wireline costs) Integrated Operators IP: They Holy Grail for Telcos, Credit Suisse Equity Research, March 10, 2005 KPN aims to reduce opex by 150m per year over the next three years during the first phase of its network migration (the move to an all IP core), with these cost savings rising to 200m per annum by 2008 when the company is deploying IP in the access network…IT spend will fall by 50% compared to current levels Integrated Operators IP: They Holy Grail for Telcos, Credit Suisse Equity Research, March 10, 2005 Telcoms Other Merger The Wall Street Journal via Factiva News and Business Information Service May 17, 2005 Convergence will simplify…by unifying operations onto one common, packet-based infrastructure, dramatically reducing the number of systems, people, and facilities required to support the networks

36 36 Lucent Technologies – Proprietary - Use pursuant to company instruction LWS has proven its capability… Business Analysis & Assessment Planning & Design Migration Consultancy & Implementation Developed interfaces from an X.25 network to an IP network for an Asian provider Successfully completed over 1000 switch migrations (1AESS, 5ESS, DMS, GTD5) Migrated 3000 T1s into ATM PVC T1s to create additional capacity for a U.S. Wireless SP Developed scripts and methodologies to rapidly migrate traffic (100,000 DS0s in 8 days) for a large Wireless SP Partnered with large NAR SP to refine Wavelength Augmentation process & performed 350 wavelength optical migrations at 50 locations Completed split of NavisCore database for large U.S. SP Broadband network to provide additional growth Designed a multivendor VoIP architecture for Asian SP, resulting in >$1 million CAPEX savings Streamlined Telemars network management operations and improved quality of services to customers Provided end-to-end support to plan, design, engineer, install & integrate 460+ cell sites for wireless SP Developed a Security ROI model for wireline SP to ensure maximum value of protecting cash flows as services are being migrated onto its IP/MPLS network Assessed over 300 process flows and identified back office operational improvements to support Reliances 10 million subscribers OUR APPROACH TO NEXT GENERATION MIGRATION

37 37 Lucent Technologies – Proprietary - Use pursuant to company instruction Experience ExpertiseBusiness Value + + Lucent Worldwide Services leverages its expertise to execute the highest-value Next Generation Migration solution = = Optimal results in Migration … by partnering with LWS OUR APPROACH TO NEXT GENERATION MIGRATION –Successfully completed worldwide migration projects across multivendor platforms (including switch migrations, 75+ wireless swap-outs of 2.4M+ subscribers) –Completed migration of 3000 T1s into ATM PVC T1s to create additional capacity –Extensive experience moving, testing and completing traffic migration in support of switch replacements (100,000 DS0s in 8 days) –Assessed 300+ process flows & identified back-office operational improvements to support 10M subscribers –Upgraded & integrated nationwide multivendor optical transport network (50 locations & 350 wavelengths of capacity) Migration experts averaging over 20 years industry experience Bell Labs capabilities & tools (research in XML technology and millions invested in migration tools) Comprehensive and systematic planning, interface & tool development, and execution services across all dimensions of the migration Proven methodologies with Network Engagement Methodology and Knowledge Management processes –Minimized risks due to the systematic planning process –Minimized operational costs during transition network period –Minimized customer impact and dissatisfaction with new service introductions, operations and maintenance –New revenues from new service introductions enabled by next generation network implementation


Download ppt "Securing your move to VoIP… Luis Eguiagaray, Managing Director Professional Services EMEA Lucent Worldwide Services 15 November 2005, Lisbon."

Similar presentations


Ads by Google