Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration...
-
Upload
eustace-berry -
Category
Documents
-
view
214 -
download
1
Transcript of Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration...
![Page 1: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/1.jpg)
Voip Security
![Page 2: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/2.jpg)
Agenda
• Voice Security• Architecture• VoIP Risk• VoIP threats• Service disruption• Design Consideration• Attacks
![Page 3: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/3.jpg)
Voice Security• Telephony hacker had high degree of skill• Cybercrime activity include: - DOS for extortion - Hijacking for reselling• Voice traffic need different treatment to data• Security control ,policies and technology is
essential to protecting assets
![Page 4: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/4.jpg)
Voice Architecture• Good security starts with good architecture• Three basic Voip paradigm• System evolved from Traditional PBX• System evolved from data switch platform• System design for VoIP
![Page 5: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/5.jpg)
VoIP Risk
Voice change risk by adding :Complexity
New Access pointNew device and protocols
Risk categories that affected is:Line safety
Confidentially & AvailabilityOperational & Financial
Reputation
![Page 6: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/6.jpg)
VoIP Threats• VoIP threats is:• Service disruption• Service interception• Service fraud and abuse
![Page 7: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/7.jpg)
VoIP Threats• VoIP threats is:• Service disruption• Service interception• Service fraud and abuse
![Page 8: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/8.jpg)
VoIP Threats• VoIP threats is:• Service disruption• Service interception• Service fraud and abuse
![Page 9: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/9.jpg)
Service Disruption• Poor design• Attack on PBX include malware• DOS• Equipment failure or rogue device
![Page 10: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/10.jpg)
Design Consideration• Separate data and voice network• Use PVlan• Use NAT• Use Switching device to limit User Agent
interference• Consider UPN(User Personalized Network )• Consider Scalability• End-to end security
![Page 11: Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.](https://reader035.fdocuments.us/reader035/viewer/2022071807/56649e205503460f94b0c585/html5/thumbnails/11.jpg)
Attacks• Common voice attack• Eavesdropping • Packet spoofing and masquerading• Replay attacks• Hijacking and malicious call• Voice mail bombing, SPAM,…