Copyright© 2005 Avaya Inc. All rights reserved Integrated Management Overview February, 2006.
Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved...
-
Upload
valentin-albarran -
Category
Documents
-
view
220 -
download
0
Transcript of Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved...
![Page 1: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/1.jpg)
Copyright© 2003 Avaya Inc. All rights reservedCopyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions
Seguridad de la voz en Redes Convergentes
Miguel PascualSolution Architec para IP Telephony
![Page 2: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/2.jpg)
2
• Usando contraseñas adecuadas en los servidores
• Usando Antivirus
• Usando diferentes tipos de Firewalls
1. Static Filtering
2. Dynamic Filtering (Stateful Inspection)
3. Proxy
4. NAT/PNAT
• Usando IDS (Intruder Detection Systems)
• Combination of firewall and IDS is best
• Accesos Remotos y autentificación
• Esquemas de autentificación
• Passwords, PINs, Keywords, Tokens, Cryptocards, Smartcards, Digital
Cetificates anf private keys (PKI), PAP/CHAP, RADIUS, Kerberos, TACAS+
• Seguridad adicional
• Using VPNs, traffic is encrypted so confidentiality is guaranteed
¿Como protegemos nuestra red?
![Page 3: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/3.jpg)
3
Redes Convergentes
• Voz y datos en la misma red
• Infraestructura de red simplificada
• Menor coste de propiedad y administración
• Rápido desarrollo e implantación de aplicaciones– CRM
– Mensajeria Unificada
– video
• Aplicaciones y servicios distribuidos por la red
![Page 4: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/4.jpg)
4
Dirección de la tecnologia
2000 2000
Worldwide Worldwide IP TelephonyIP TelephonyLines ShippedLines Shipped(Millions)(Millions)
Worldwide Worldwide IP TelephonyIP TelephonyLines ShippedLines Shipped(Millions)(Millions)
39.6
32.7
24.6
17.0
8.8
5.0
0.7 2.0
40M40M
30M30M
20M20M
10M10M
2004 2004 2007 2007
![Page 5: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/5.jpg)
5
According to the Communications Fraud Control Association, communications fraud will represent $12 billion in losses in 2003!
Redes Convergentes
• Seguridad de IT tradicional enfocada en la red de datos
• La red de voz tiene diferentes problemas de seguridad
• La cada vez mayor integración de las redes, produce nuevos problemas de vulnerabilidad
• La voz y los datos ahora se enfrentan a los mismos peligros
Foco de la empresa en seguridad:
![Page 6: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/6.jpg)
6
Componentes
Media/Call ServersProcesamiento de Llamadas
Media Gateway
EndpointsIP, SIP, Digital o Analogico
IP
WAN
PSTNLAN
IP Phones Digital / Analog Phones
IP
IP
![Page 7: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/7.jpg)
7
Seguridad en la red de voz
• Entornos locales ( LAN, campus )
– Encriptación
• Señalización y voz
– Fiabilidad
• Arquitectura y topología
• redundancia
• Entornos remotos ( WAN )
![Page 8: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/8.jpg)
8
Seguridad del tráfico de voz con IPSec VPNs
Seguro, pero No efectivo
Avaya Security Gateway 203(IPSec VPN Gateway)
A%&78%$%ef
Avaya Security Gateway 5(IPSec VPN Gateway)
![Page 9: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/9.jpg)
9
Media EncryptionTM
• Tráfico de voz seguro
• La encriptación en los telefonos y Media Gateway
• Encryption entre todo tipo de dispositivos de la red IP
– IP Phone - IP Phone
– IP Phone - Media Gateway
– Media gateway - Media Gateway
A%&78%$%ef
Sin coste adicional!!!
Solo Avaya!!!
![Page 10: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/10.jpg)
10
Decodificar tráfico IP
• Cliente: No necesitamos encriptar el tráfico de voz ya que no hay nada confidencial
• Hacker capturan las conversaciones y las ponen en Internet
• La compañía puede ser clasificada de insegura
Riesgo es Reputación
Non AvayaVoIP phone
Non AvayaVoIP phone
Hacker http://vomit.xtdnet.nl/
![Page 11: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/11.jpg)
11
H.323 Link Encryption
G650
IP Phone
7777
IPSI
CLANVoIP Engine
(a.k.a. Prowler)
IP Phone
7777
![Page 12: Copyright© 2003 Avaya Inc. All rights reserved Copyright© 2002 Avaya Inc. All rights reserved Avaya – Proprietary Use pursuant to Company instructions.](https://reader035.fdocuments.in/reader035/viewer/2022062315/5665b4451a28abb57c9098ab/html5/thumbnails/12.jpg)
12
IPSI Link Security
AdminAdminVirtual Network
Encrypted IPSI Control (AES)
IPSI
IPSI
IPSI
VoIP Engine CLAN VoIP Engine CLAN VoIP Engine CLAN
IPSI IPSI
Redundant Encrypted IPSI Control (AES)