Unified Communications Threat Management (UCTM) The Dark Side of SOA Solutions Roger Toennis
Redshift Networks Inc., Sr. Director of Product Management
January 23-25, 2008 • Miami Beach Convention Center • Miami, Florida USA www.ITEXPO.com

Slide 2: SOA & Unified Communications Deployments
• SOA: $18.2 billion in 2012
• IP PBX: $12 billion in 2011
• Unified Communications: $18 billion in 2011
• Total Market UC: $30 billion 2011
• 4% = Security TAM: $1.2B 2011
• Source: Synergy, Datamonitor, Wainhouse, Ovum, Cisco, Avaya
[Diagram labels: Mobility; Customer Contact; Conference; IP PBX; 200K to 300K IP Phones; Deployment of 45K UC Cisco IP Phones; Deployment of 10K UC Cisco IP Phones; 180K IP Phones]

Slide 3: The Hype Cycle Defined (Gartner)
[Figure labels: Trigger; Socialization; Delivery]

Slide 4: Hype Cycle for Enterprise Communications Apps

Slide 5: The "Network Complexity" Threat
Internal and External Complexity is the Biggest Threat

Slide 6: The Expanding Exposure/Threat Landscape
Voice Everywhere!!!
[Diagram labels: Database Server Farm; Presence/UC Server Farm; Email Server Farm; Web Server Farm; IP PBX Server Farm; Mainframes; IPS-DPI; DB Firewall; Anti-SPAM; Enterprise; Enterprise B; Enterprise C; Service Provider; WiFi; BYOB "Broadband"; UMA/GSM; WiFi/WiMax; Dual-Mode; SOHO/Remote]

Slide 7: Evolution to Converged Communications
[Diagram labels: Weak Security; Medium Security; Strong Security; High Asset Exposures; Medium Asset Exposures; Low Asset Exposures; Integrated; Modular Systems; Distributed Software and Systems]

Slide 8: Communications Enabled Business Process (CEBP)
Server/Solution Integration = New/Unknown Threat Potential

Slide 9: Evolving New Pain Points Emerge - VOIP Threats
Threats named: VDOS; SPIT; VPhishing; Number Harvesting; Eavesdropping; Toll Fraud
[Diagram labels: IP PBX; Unified Messaging / PBX; Network; High-Tech company; "Advertisement"; Banks; East/West banks; Customers; Account Number & PIN; NASA / NTT; Fake IP PBX; Major hospital; FBI; "Buy $10,000,000"; "Buy $100,000,000"; $40 billion loss; extensions "100", "123", "200", "300", "456"; Dad London; Uncle Delhi; Mom Tokyo]

Slide 10: VOIP and UC Threats
• Security threats to networks in general are increasing year over year (CERT Vulnerability Stats)
• VOIP, UC and CEBP applications present several hundred additional threat vectors
• Security awareness within IP telephony is lagging "traditional data" in general
[Chart: CERT Vulnerability Statistics (source: www.cert.org/stats); series: Vulnerabilities Reported, Vulnerability Notes Published; x-axis: Year, 1995 to 2004]

Slide 11: VOIP/UC Attacks Timeline
GARTNER (2007)
• Enterprises that don't spend on IP Telephony Security today will end up spending 20% of their Security Operations Budget on it in 2011.
• Enterprises that are proactive in nature will only spend 5% of IP Telephony Security
[Timeline figure, 1995 to 2010; labels as extracted: SPAM; Blackhat Announces Vulnerability; Microsoft Announces Vulnerability; Loveletter $8B Loss; Spyware; Code Red $2.6B Loss; Trojans; Worms; Virus; 42%; BotNet; Slammer $2B Loss; VOIP Phishing; Cisco, Blackhat announce VOIP vulnerabilities; VOIP SPIT; UC attacks; VOIP Vmail Spoof; NASA; VOIP Utility; Data to Voice; Pena - $1M; VOIP Stealth - $26M; Toll Fraud; Panama - $100K; 2005 $22B loss - SPAM; Application; Infrastructure; Layer 1-4; Layer 5-7; Bank of America; St. Barbara Bank; East Coast Bank; 7%; 5%]

Slide 12: Current Solutions are Lacking!!
[Diagram labels, with "Unprotected" marked against several areas:
Protocols: SMTP; HTTP; SIP, SCCP, H323, RTP; IP/UDP/TCP; SIP/RTP
Anomalies and exposures: ICMP/IP Anomaly; TCP Protocol Anomalies; Exposed Ports; Weak Permissions
Attacks: EMAIL SPAM; VOICE SPAM (SPIT); ICMP Floods; TCP / SYN Flood; SIP RTP TLS Floods; Brute Force Attacks; Viruses; Worms; Malware; Buffer Overflows; Registration Hijacking; Toll Fraud; Call Forwarding; Impersonation; Spoofing; Collaboration; Session Tear Down; Illegal Media Injection; Mixing; Redirection; 1000s Of Other Attacks]

Slide 13: Emerging Awareness of VoIP/UC Vulnerabilities
GARTNER (2007)
• "Enterprises that don't spend on IP Telephony Security today will end up spending 20% of their Security Operations Budget on it in 2011."
• "Enterprises that are proactive in nature will only spend 5% of IP Telephony Security"
Yankee Group

Slide 14: Visibility & Control of Multiple Enterprise Domains
[Diagram labels: Enterprise A; Enterprise B; Enterprise C; Service Provider; CEBP Solutions; Database Server Farm; Web Server Farm; Email Server Farm; IP PBX/Presence/UM Server Farm; IP PBX; Presence; Microsoft OCS; DB Firewall; IPS-DPI; Anti-SPAM; VLAN Security; Desktop Data & Voice VLAN; VoIP VLAN; WiFi VoIP; Wireless Security; Dual-Mode; UMA/GSM; WiFi/WiMax; callouts 1 to 5; A. Remote User VoIP; B. SIP Trunking]

Slide 15: IT Needs Better "Visibility" & "Control" at the…
1. Corporate Network Edge
   • WAN Mobility/Home Office/Branch Office/SIP trunking
2. Corporate "Wireless Network" Edge
   • Campus/Inbuilding WiFi-DECT
3. VoIP Server DMZ
   • Critical Reliability Voice Assets
   • PBX/Conference Bridges/IP Phones
4. UC "Desktop/Server" Integrations
   • Next generation Desktop UC solutions (OCS/IBM Lotus/Etc)
5. CEBP "Server to Server" and "Server to Hosted Service" Integrations
   • Voice Enabled Oracle/SAP, Voice Enabled Salesforce.com
   • Voice Alerts for Supply Chain, Converged B2B Federations, etc.