VoIP Security Sip.EDU workshop February 2007 Walt Magnussen, Ph.D. Director TAMU ITEC.


1 VoIP Security Sip.EDU workshop February 2007 Walt Magnussen, Ph.D. Director TAMU ITEC

2 VoIP security
Major issues
–Span of control is often under separate entities on campus
–What is included – RTC VoIP H.323 and SIP video IM IPTV
–Separate network (virtual or physical) or converged
–Is VoIP just another application or a service with specific requirements?
–Is security a good or bad thing? (layer 8, 9 and 10 issue)

3 Crux of problem
RTC traffic has specific requirements
ITU-T G.1050

4 What to include:
VoIP - currently proprietary versions of H.323 and SIP
Video Conf. - mostly H.323 migrating to SIP
IM - also supports SIP
IPTV

5 Network solutions
Separate IP network – if so why change from TDM in the first place?
Separate Virtual Network (VLANs)
–Not really complete separation but good enough?
All on one network
–Best effort – not recommended
–QoS – costly to manage

6 Security Approaches
Three ways to architect security
–Open
–Use campus firewall
–Use Session Border Controller for Voice

7 Open approach
Feel that:
–Security breaks more things than it fixes (adds latency, jitter etc.)
–Security is the responsibility of the end device, not the network
Any security device tends to break the true peer-to-peer relationship of SIP

8 Use campus firewall
Firewalls can be either state-free or stateful
–Because of separation of signaling and media, must be stateful
–Firewalls can do deep packet inspection but may still miss many VoIP-specific vulnerabilities (fuzzing, SPIT and sequential dialing)
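Slide 8's point that the firewall must be stateful, as an added example that is not part of the presentation: the RTP port appears only inside the SDP body of the SIP signaling, so a filter has to read the signaling to know which media pinhole to open. The messages, addresses, Call-ID and the static port range below are constructed assumptions.

```python
import re

# Constructed sample messages (not captured traffic). Each SDP body names the
# address and UDP port where that side expects to receive RTP.
def _msg(start_line, ip, port):
    return (f"{start_line}\r\nCall-ID: call-1@example.edu\r\n"
            "Content-Type: application/sdp\r\n\r\n"
            f"v=0\r\no=- 1 1 IN IP4 {ip}\r\ns=-\r\nc=IN IP4 {ip}\r\n"
            f"t=0 0\r\nm=audio {port} RTP/AVP 0\r\n")

INVITE = _msg("INVITE sip:bob@example.edu SIP/2.0", "192.0.2.10", 49170)
OK_200 = _msg("SIP/2.0 200 OK", "198.51.100.20", 31000)

STATIC_RTP_RANGE = range(16384, 32768)  # assumed range a stateless rule leaves open

def media_endpoint(sip_message):
    """Return (call_id, ip, port) for the audio stream named in the SDP body."""
    head, _, body = sip_message.partition("\r\n\r\n")
    call_id = re.search(r"^Call-ID:\s*(\S+)", head, re.M | re.I).group(1)
    ip = re.search(r"^c=IN IP4 (\S+)", body, re.M).group(1)
    port = int(re.search(r"^m=audio (\d+) ", body, re.M).group(1))
    return call_id, ip, port

class PinholeTable:
    """Stateful filter: media is allowed only to endpoints learned from signaling."""
    def __init__(self):
        self.calls = {}  # Call-ID -> set of (ip, port)

    def on_signaling(self, sip_message):
        call_id, ip, port = media_endpoint(sip_message)
        self.calls.setdefault(call_id, set()).add((ip, port))

    def on_bye(self, call_id):
        self.calls.pop(call_id, None)  # close the pinholes when the call ends

    def allows(self, dst_ip, dst_port):
        return any((dst_ip, dst_port) in eps for eps in self.calls.values())

def stateless_allows(dst_port):
    """Stateless filter: cannot read SDP, so it passes the whole static range."""
    return dst_port in STATIC_RTP_RANGE

if __name__ == "__main__":
    fw = PinholeTable()
    for m in (INVITE, OK_200):
        fw.on_signaling(m)
    print(fw.allows("198.51.100.20", 31000), fw.allows("198.51.100.20", 20000))
    print(stateless_allows(20000), stateless_allows(49170))
```

The static rule passes a port no call negotiated (20000) and drops the legitimate stream on 49170, while the table built from signaling gets both right.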

9 Session Border Controller
Acts as back-to-back user agent.
Can add other voice-specific features
–Peering redirects
–MOS based call redirect
–NAT traversal assistance
–Transcoding with some
–Error concealment (i.e. echo)
–Access point for Lawful Intercept (CALEA)

10 SBC demonstration A view of the TAMU ITEC Acme Packet SBC.

11 SBC manufacturers
Acme Packet
Nextone
Ditech

12 Future directions
VoIP authentication and encryption
–Proposals include:
TLS – used to encrypt signaling stream
SRTP – used to encrypt media stream
http://www.tmcnet.com/voip/1104/FeatureSecurity.htm
VPN clients not easy to implement on hardphones (wireline and wireless)

13 Questions?
Contact info:
–Walt Magnussen, Ph.D.
–ITEC Director
–telecom@tamu.edu
–979-845-5588

