Security (Suscribirme)
Enlaces
Security in SIP-Based Networks
http://www.recursosvoip.com/docs/english/sipsc_wp.pdf
Fuente: Cisco Systems
Formato: PDF
This paper explores various network security threat models faced by today's Session Initiation Protocol (SIP)-based voice networks, and describes network security solutions based on Cisco SIP-enabled products.
Formato: PDF
This paper explores various network security threat models faced by today's Session Initiation Protocol (SIP)-based voice networks, and describes network security solutions based on Cisco SIP-enabled products.
Security Measures for Converged Networks
http://www.recursosvoip.com/docs/english/ConvergedNetworkSecurityWhitePaper061405.pdf
Fuente: intoto
Formato: PDF
IP networks are based on open standards and prone to threats for various reasons. An attacker tries to access servers to gain access to vital information of an organization or misuse voice services by unauthorized access. The attackers/ fraudsters can be corporate insiders, customers, or any outsider who knows how to exploit the weaknesses of the organization’s system and policies.
IP-based services are also prone to vulnerabilities. Voice services are highly critical and equally subject to attacks. Like IP services, VoIP networks are vulnerable to Denial of Service attacks, worms, viruses, etc.
Formato: PDF
IP networks are based on open standards and prone to threats for various reasons. An attacker tries to access servers to gain access to vital information of an organization or misuse voice services by unauthorized access. The attackers/ fraudsters can be corporate insiders, customers, or any outsider who knows how to exploit the weaknesses of the organization’s system and policies.
IP-based services are also prone to vulnerabilities. Voice services are highly critical and equally subject to attacks. Like IP services, VoIP networks are vulnerable to Denial of Service attacks, worms, viruses, etc.
Security Threats to IP Telephony-Based Networks
http://www.recursosvoip.com/docs/english/Security_Threats_toIP_Telephony-based_Networks.pdf
Fuente: Sys-Security.com
Formato: PDF
Privacy and Security are mandatory requirements with any telephony-based network, and a certain level of security has been achieved with traditional telephony-based networks. On the other hand, IP telephony-based networks, which might be a core part of our Telephony infrastructure in the near future, introduces caveats and security concerns which traditional telephony-based networks do not have to deal with, long forgot about, or learned to cope with. This paper highlights the security risk factors associated with IP telephony-based networks, and compares them, when appropriate, with the public switched telephony network (PSTN) and other traditional telephony-based solutions.
Formato: PDF
Privacy and Security are mandatory requirements with any telephony-based network, and a certain level of security has been achieved with traditional telephony-based networks. On the other hand, IP telephony-based networks, which might be a core part of our Telephony infrastructure in the near future, introduces caveats and security concerns which traditional telephony-based networks do not have to deal with, long forgot about, or learned to cope with. This paper highlights the security risk factors associated with IP telephony-based networks, and compares them, when appropriate, with the public switched telephony network (PSTN) and other traditional telephony-based solutions.
Session Border Control in IMS - An analysis of the requirements for Session Border Control in IMS ne
http://www.recursosvoip.com/docs/english/Data_Connection-SBCinIMS.pdf
Fuente: Data Connection
Formato: PDF
There is a lot of controversy and press coverage over both the role of Session Border Controllers (SBCs) and the design of the IP-Multimedia Subsystem (IMS). In this environment it is difficult to determine what are the real issues for each technology, let alone how they need to work together.
This white paper is aimed at equipment manufacturers looking at building SBC functionality into their product range to target the IMS market, and carriers and consultants looking to understand how an SBC fits into an IMS network.
It explains why IMS networks need session border control and what alternatives are available. It also looks at how these requirements are likely to evolve as services and access methods change, and discusses the function that products targeting this market require.
Formato: PDF
There is a lot of controversy and press coverage over both the role of Session Border Controllers (SBCs) and the design of the IP-Multimedia Subsystem (IMS). In this environment it is difficult to determine what are the real issues for each technology, let alone how they need to work together.
This white paper is aimed at equipment manufacturers looking at building SBC functionality into their product range to target the IMS market, and carriers and consultants looking to understand how an SBC fits into an IMS network.
It explains why IMS networks need session border control and what alternatives are available. It also looks at how these requirements are likely to evolve as services and access methods change, and discusses the function that products targeting this market require.
Session Border Control in IMS - based Converged Networks
http://www.recursosvoip.com/docs/english/73-Converged.pdf
Fuente: Newport Networks
Formato: PDF
Session Border Controllers (SBCs) that can be physically separated into signalling and media elements are an essential part of building converged networks based on an IMS core. Between access and core networks, SBCs provide signalling security, Lawful Interception, Emergency Call Handling and, where required, NAPT, firewalling and traffic policing at the media layer. Additionally, they can direct users to the correct home network. SBCs have the advantage that, unlike most elements in this newly defined architecture, the functionality is deployable today.
Formato: PDF
Session Border Controllers (SBCs) that can be physically separated into signalling and media elements are an essential part of building converged networks based on an IMS core. Between access and core networks, SBCs provide signalling security, Lawful Interception, Emergency Call Handling and, where required, NAPT, firewalling and traffic policing at the media layer. Additionally, they can direct users to the correct home network. SBCs have the advantage that, unlike most elements in this newly defined architecture, the functionality is deployable today.
Session Border Controller: A Solution for NAT/Firewall Traversal Issues
http://www.recursosvoip.com/docs/english/Session_Border_Controller.pdf
Fuente: Hughes Software Systems
Formato: PDF
Enterprise and residential users gain strategic advantages when their voice, video and data communications run over a single converged IP network infrastructure. Unfortunately, the ability to capitalize on IP communications systems has been severely compromised because all residential and enterprise networks have Firewall and Network Address Translation (NAT) devices. This white paper explores the typical problems faced by NAT/Firewall enabled VoIP network configurations, investigates the advantages and disadvantages of popular solutions to these problems and finally, advocates a solution that is realistic and deployable in today's context.
Formato: PDF
Enterprise and residential users gain strategic advantages when their voice, video and data communications run over a single converged IP network infrastructure. Unfortunately, the ability to capitalize on IP communications systems has been severely compromised because all residential and enterprise networks have Firewall and Network Address Translation (NAT) devices. This white paper explores the typical problems faced by NAT/Firewall enabled VoIP network configurations, investigates the advantages and disadvantages of popular solutions to these problems and finally, advocates a solution that is realistic and deployable in today's context.
SHOUT SVA: Secure VoIP Appliance
http://www.recursosvoip.com/docs/english/shout-v4g-gov.pdf
Fuente: Network Equipment Technologies
Formato: PDF
This paper describes the SHOUT platform which provides the powerful and complete voice over IP (VoIP) solution for the government market. The SHOUT platform supports analog, digital, and native IP voice, as well as port and trunk side serial data, making it a compelling solution for any government agency looking to deploy IP-based voice and data solutions.
Formato: PDF
This paper describes the SHOUT platform which provides the powerful and complete voice over IP (VoIP) solution for the government market. The SHOUT platform supports analog, digital, and native IP voice, as well as port and trunk side serial data, making it a compelling solution for any government agency looking to deploy IP-based voice and data solutions.
SIP Architecture with NAT
http://www.recursosvoip.com/docs/english/sip_architecture_with_nat_v1.0.pdf
Fuente: Siemens
Formato: PDF
This document describes the general requirements for establishing a SIP infrastructure over the Internet. The main focus is on access technologies such as ADSL modems, ADSL Routers and Firewalls. The aim of this document is to show an architecture capable of supporting most of these access technologies.
NAT is a big problem for VoIP communication, mainly because IP addresses are exchanged within higher-level protocols (H.323 & SIP). There are several strategies solving this problem, but none of them is a complete or satisfying solution. At the moment, a combination of several strategies/implementations provides be the best solution.
Formato: PDF
This document describes the general requirements for establishing a SIP infrastructure over the Internet. The main focus is on access technologies such as ADSL modems, ADSL Routers and Firewalls. The aim of this document is to show an architecture capable of supporting most of these access technologies.
NAT is a big problem for VoIP communication, mainly because IP addresses are exchanged within higher-level protocols (H.323 & SIP). There are several strategies solving this problem, but none of them is a complete or satisfying solution. At the moment, a combination of several strategies/implementations provides be the best solution.
SIP Call Security in an Open IP Network
http://www.recursosvoip.com/docs/english/19.pdf
Fuente: Helsinki University of Technology
Formato: PDF
This paper examines the security model and features present in the Session Initiation Protocol (SIP). Security and privacy issues of SIP are important because the protocol is going to be used in many future applications in open IP networks. SIP security builds on established solutions. The currently available security and privacy features of SIP are presented and analyzed. While not perfect, the available features do improve the security of SIP.
Formato: PDF
This paper examines the security model and features present in the Session Initiation Protocol (SIP). Security and privacy issues of SIP are important because the protocol is going to be used in many future applications in open IP networks. SIP security builds on established solutions. The currently available security and privacy features of SIP are presented and analyzed. While not perfect, the available features do improve the security of SIP.
SIP, NAT, and Firewalls
http://www.recursosvoip.com/docs/english/Ther0005_SIP.pdf
Fuente: Columbia University Department of Computer Science
Formato: PDF
The work presented in this Master’s Thesis is an examination of how the SIP signaling, which occurs when a so called IP Telephony session is set up, will be able to traverse firewalls. It is necessary to solve the problems/issues that SIP brings about when the SIP messages traverse firewalls if this protocol ever will gain popularity. In order to set up those data streams needed for transporting the sound in an IP telephony session the client enters his IP address and a port number in the SDP part of the SIP message to tell the other party where he should sent his audio data. Here is where problems occurs with the firewall. It needs to understand and interpret what the SIP message says to be able to set up rules for allowing traffic to pass through the firewall to these addresses. The problem is extended by the fact that it is common today to use “private addresses” on the LAN. These addresses are not allowed to exist on the Internet and thus the firewall software must remove this address and replace it with an address that is allowed on the Internet. A Network Address Translator (NAT) in the firewall normally does this together with Application Level Gateways (ALGs).
Formato: PDF
The work presented in this Master’s Thesis is an examination of how the SIP signaling, which occurs when a so called IP Telephony session is set up, will be able to traverse firewalls. It is necessary to solve the problems/issues that SIP brings about when the SIP messages traverse firewalls if this protocol ever will gain popularity. In order to set up those data streams needed for transporting the sound in an IP telephony session the client enters his IP address and a port number in the SDP part of the SIP message to tell the other party where he should sent his audio data. Here is where problems occurs with the firewall. It needs to understand and interpret what the SIP message says to be able to set up rules for allowing traffic to pass through the firewall to these addresses. The problem is extended by the fact that it is common today to use “private addresses” on the LAN. These addresses are not allowed to exist on the Internet and thus the firewall software must remove this address and replace it with an address that is allowed on the Internet. A Network Address Translator (NAT) in the firewall normally does this together with Application Level Gateways (ALGs).
Solving the Firewall and NAT Traversal Issues for Multimedia over IP Services
http://www.recursosvoip.com/docs/english/33-NAT-Traversal.pdf
Fuente: Newport Networks
Formato: PDF
Service Providers are looking at IP-based voice and multimedia services to solve some of their business challenges. For local access companies, including incumbents, LECs etc. this is about retaining business customers. For ISPs, it is about increasing revenue and profit by offering voice and multimedia services in addition to existing data/Internet services. For long-distance carriers, it is about reducing costs – particularly for interconnection with other providers. Finally, wholesale carriers want to offer enhanced services to their Service Provider customers and reduce their interconnection costs.
Unfortunately, a number of technical problems have, to date, prevented Service Providers and carriers alike from realising these benefits. Today, the most significant of these is to provide secure connection to subscribers behind NAT (Network Address Translation) devices and Firewalls. Overcoming this challenge will lead to widespread deployment of profitable voice and multimedia services over IP to any subscriber with a broadband connection.
This White Paper describes the various proposals for solving the NAT and Firewall traversal problems and shows how the Newport Networks 1460 session border controller provides the preferred solution for Service Providers.
Formato: PDF
Service Providers are looking at IP-based voice and multimedia services to solve some of their business challenges. For local access companies, including incumbents, LECs etc. this is about retaining business customers. For ISPs, it is about increasing revenue and profit by offering voice and multimedia services in addition to existing data/Internet services. For long-distance carriers, it is about reducing costs – particularly for interconnection with other providers. Finally, wholesale carriers want to offer enhanced services to their Service Provider customers and reduce their interconnection costs.
Unfortunately, a number of technical problems have, to date, prevented Service Providers and carriers alike from realising these benefits. Today, the most significant of these is to provide secure connection to subscribers behind NAT (Network Address Translation) devices and Firewalls. Overcoming this challenge will lead to widespread deployment of profitable voice and multimedia services over IP to any subscriber with a broadband connection.
This White Paper describes the various proposals for solving the NAT and Firewall traversal problems and shows how the Newport Networks 1460 session border controller provides the preferred solution for Service Providers.
The Ingate SIParator
http://www.recursosvoip.com/docs/english/White_paper_SIParator.pdf
Fuente: Ingate Systems
Formato: PDF
With the standardization of SIP as the Internet protocol for applications such as VoIP, instant messaging and IP telephony, businesses are eager to adapt their existing hardware to accept SIP. However, far too many companies have made substantial investments into legacy firewall technologies that are not capable of supporting this type of communication. In addition, enterprises are reluctant to touch existing security infrastructure for fear of creating security breaches. The award-winning Ingate SIParator addresses these issues by offering the introduction of a SIP-capable communications infrastructure while preserving the investment made in legacy firewalls.
Formato: PDF
With the standardization of SIP as the Internet protocol for applications such as VoIP, instant messaging and IP telephony, businesses are eager to adapt their existing hardware to accept SIP. However, far too many companies have made substantial investments into legacy firewall technologies that are not capable of supporting this type of communication. In addition, enterprises are reluctant to touch existing security infrastructure for fear of creating security breaches. The award-winning Ingate SIParator addresses these issues by offering the introduction of a SIP-capable communications infrastructure while preserving the investment made in legacy firewalls.
The SIP Protocol and Firewall Traversal
http://www.recursosvoip.com/docs/english/IntertexSIPWhitePaper.pdf
Fuente: Intertex
Formato: PDF
SIP (Session Initiation Protocol) is an Internet protocol for setting up sessions between users. It can be used for IP Telephony (voice and video), Presence, Instant Messaging, Conferencing and more. SIP is expected to have the same impact on Internet usage for IP Communication as SMTP had for email and HTTP had for the Web.
Protocols like SIP, setting up sessions between users present special problems when the users are residing on networks with a private address space (NAT) or when the users are protected by a firewall. Intertex (SOHO products) and Ingate (Enterprise products) have implemented unique SIP transparent Firewalls and NATs, by incorporating a SIP proxy and a SIP registrar dynamically controlling the firewall.
Formato: PDF
SIP (Session Initiation Protocol) is an Internet protocol for setting up sessions between users. It can be used for IP Telephony (voice and video), Presence, Instant Messaging, Conferencing and more. SIP is expected to have the same impact on Internet usage for IP Communication as SMTP had for email and HTTP had for the Web.
Protocols like SIP, setting up sessions between users present special problems when the users are residing on networks with a private address space (NAT) or when the users are protected by a firewall. Intertex (SOHO products) and Ingate (Enterprise products) have implemented unique SIP transparent Firewalls and NATs, by incorporating a SIP proxy and a SIP registrar dynamically controlling the firewall.
VeriSign IP Voice Brokering Services: IP Telephony Integration Services for Carriers
http://www.recursosvoip.com/docs/english/004266.pdf
Fuente: VeriSign
Formato: PDF
With the increasing complexity of today's technology environment and the continued growth of the hacker community, companies are experiencing difficulty in establishing the appropriate levels of security. With a dedicated team in place, the team can continually monitor and manage security systems such as Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs), and firewalls. Conversely, VeriSign Managed Security Services (MSS) customers benefit from the wealth of threat data collected through the VeriSign TeraGuard architecture and the 24/7 expert analysis of that information. This paper will delve into the specific components of the TeraGuard architecture, offering the reader a detailed view of how VeriSign technology, combined with expert management and monitoring, helps organizations mitigate their risk potential.
Formato: PDF
With the increasing complexity of today's technology environment and the continued growth of the hacker community, companies are experiencing difficulty in establishing the appropriate levels of security. With a dedicated team in place, the team can continually monitor and manage security systems such as Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs), and firewalls. Conversely, VeriSign Managed Security Services (MSS) customers benefit from the wealth of threat data collected through the VeriSign TeraGuard architecture and the 24/7 expert analysis of that information. This paper will delve into the specific components of the TeraGuard architecture, offering the reader a detailed view of how VeriSign technology, combined with expert management and monitoring, helps organizations mitigate their risk potential.
VeriSign NetDiscovery: Lawful Intercept and Subpoena Compliance Solutions
http://www.recursosvoip.com/docs/english/001927.pdf
Fuente: VeriSign
Formato: PDF
Maintaining compliance with government mandates can overburden a Communications Service Provider's (CSP's) resources across various organizations (Engineering, Operations, and Legal/Regulatory). Responding to the increasing number of government requests for lawful interception and customer records can pull time, money, and resources away from serving your core customer base for revenue-generating activities. VeriSign has proven success in the outsourced implementation of government-mandated issues such as Local Number Portability (LNP) and Communications Assistance for Law Enforcement Act (CALEA).With the VeriSign NetDiscovery service, VeriSign is meeting the needs of telecom network operators, cable operators, Internet service providers, and broadband providers with an outsourced solution for assisting government agencies with lawful interception and requests for subscriber records.
Formato: PDF
Maintaining compliance with government mandates can overburden a Communications Service Provider's (CSP's) resources across various organizations (Engineering, Operations, and Legal/Regulatory). Responding to the increasing number of government requests for lawful interception and customer records can pull time, money, and resources away from serving your core customer base for revenue-generating activities. VeriSign has proven success in the outsourced implementation of government-mandated issues such as Local Number Portability (LNP) and Communications Assistance for Law Enforcement Act (CALEA).With the VeriSign NetDiscovery service, VeriSign is meeting the needs of telecom network operators, cable operators, Internet service providers, and broadband providers with an outsourced solution for assisting government agencies with lawful interception and requests for subscriber records.
