network convergence for banking industry – some basics s.r.balasubramanian advisor – technology...
TRANSCRIPT
Network Convergence for Banking Network Convergence for Banking Industry ndash some basicsIndustry ndash some basics
SRBALASUBRAMANIANAdvisor ndash Technology InfrastructureBarclays Bank PLC19 January 2007
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Concept of Network Convergence
bull It is a Standard Platform that allows you to integrate Data Voice Fax Video and other Telephony applications
bull It is the passport for the organizationrsquos future success
DefinitionFor the Operator
bull Ability to extend service offering to consumersbull Ability to provide the same level of service across multiple
networksbull Ability to use the same network for Voice Video Data
For the Consumer
bull Ability to move across multiple networksbull Ability to access same or similar levels of services from
anywherebull Ability to cross integrate across multiple networks
Concept of Network Convergence-Contd
What are the motivation FactorsFor Operatorsbull Service bundling generates additional revenuesbull Utilization of capacity in a better waybull Growth potential and sustainabilityFor ApplicationService Providersbull Create service and applications that are available
from anywhere at the same timebull New servicesapplications are made possible (place
shiftingTime shifting technologies)bull Integrating across SilosFor Consumersbull Ubiquitous (being every where at the same time)
access to data and services
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Why Network Convergence
bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One
medium
bull Easier Management - Due to combination of multiple systems and NW
bull Less Maintenance ndash Because of reduction in the number of cable plants
bull Fewer User Interfaces ndash use of single cable plant with appropriate switching
bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered
bull Improved service - Due to fewer components service quality improved
bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced
bull Simplification of userrsquos Life ndash Less cables at user desk
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Concept of Network Convergence
bull It is a Standard Platform that allows you to integrate Data Voice Fax Video and other Telephony applications
bull It is the passport for the organizationrsquos future success
DefinitionFor the Operator
bull Ability to extend service offering to consumersbull Ability to provide the same level of service across multiple
networksbull Ability to use the same network for Voice Video Data
For the Consumer
bull Ability to move across multiple networksbull Ability to access same or similar levels of services from
anywherebull Ability to cross integrate across multiple networks
Concept of Network Convergence-Contd
What are the motivation FactorsFor Operatorsbull Service bundling generates additional revenuesbull Utilization of capacity in a better waybull Growth potential and sustainabilityFor ApplicationService Providersbull Create service and applications that are available
from anywhere at the same timebull New servicesapplications are made possible (place
shiftingTime shifting technologies)bull Integrating across SilosFor Consumersbull Ubiquitous (being every where at the same time)
access to data and services
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Why Network Convergence
bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One
medium
bull Easier Management - Due to combination of multiple systems and NW
bull Less Maintenance ndash Because of reduction in the number of cable plants
bull Fewer User Interfaces ndash use of single cable plant with appropriate switching
bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered
bull Improved service - Due to fewer components service quality improved
bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced
bull Simplification of userrsquos Life ndash Less cables at user desk
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Concept of Network Convergence
bull It is a Standard Platform that allows you to integrate Data Voice Fax Video and other Telephony applications
bull It is the passport for the organizationrsquos future success
DefinitionFor the Operator
bull Ability to extend service offering to consumersbull Ability to provide the same level of service across multiple
networksbull Ability to use the same network for Voice Video Data
For the Consumer
bull Ability to move across multiple networksbull Ability to access same or similar levels of services from
anywherebull Ability to cross integrate across multiple networks
Concept of Network Convergence-Contd
What are the motivation FactorsFor Operatorsbull Service bundling generates additional revenuesbull Utilization of capacity in a better waybull Growth potential and sustainabilityFor ApplicationService Providersbull Create service and applications that are available
from anywhere at the same timebull New servicesapplications are made possible (place
shiftingTime shifting technologies)bull Integrating across SilosFor Consumersbull Ubiquitous (being every where at the same time)
access to data and services
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Why Network Convergence
bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One
medium
bull Easier Management - Due to combination of multiple systems and NW
bull Less Maintenance ndash Because of reduction in the number of cable plants
bull Fewer User Interfaces ndash use of single cable plant with appropriate switching
bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered
bull Improved service - Due to fewer components service quality improved
bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced
bull Simplification of userrsquos Life ndash Less cables at user desk
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Concept of Network Convergence
bull It is a Standard Platform that allows you to integrate Data Voice Fax Video and other Telephony applications
bull It is the passport for the organizationrsquos future success
DefinitionFor the Operator
bull Ability to extend service offering to consumersbull Ability to provide the same level of service across multiple
networksbull Ability to use the same network for Voice Video Data
For the Consumer
bull Ability to move across multiple networksbull Ability to access same or similar levels of services from
anywherebull Ability to cross integrate across multiple networks
Concept of Network Convergence-Contd
What are the motivation FactorsFor Operatorsbull Service bundling generates additional revenuesbull Utilization of capacity in a better waybull Growth potential and sustainabilityFor ApplicationService Providersbull Create service and applications that are available
from anywhere at the same timebull New servicesapplications are made possible (place
shiftingTime shifting technologies)bull Integrating across SilosFor Consumersbull Ubiquitous (being every where at the same time)
access to data and services
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Why Network Convergence
bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One
medium
bull Easier Management - Due to combination of multiple systems and NW
bull Less Maintenance ndash Because of reduction in the number of cable plants
bull Fewer User Interfaces ndash use of single cable plant with appropriate switching
bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered
bull Improved service - Due to fewer components service quality improved
bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced
bull Simplification of userrsquos Life ndash Less cables at user desk
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Concept of Network Convergence-Contd
What are the motivation FactorsFor Operatorsbull Service bundling generates additional revenuesbull Utilization of capacity in a better waybull Growth potential and sustainabilityFor ApplicationService Providersbull Create service and applications that are available
from anywhere at the same timebull New servicesapplications are made possible (place
shiftingTime shifting technologies)bull Integrating across SilosFor Consumersbull Ubiquitous (being every where at the same time)
access to data and services
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Why Network Convergence
bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One
medium
bull Easier Management - Due to combination of multiple systems and NW
bull Less Maintenance ndash Because of reduction in the number of cable plants
bull Fewer User Interfaces ndash use of single cable plant with appropriate switching
bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered
bull Improved service - Due to fewer components service quality improved
bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced
bull Simplification of userrsquos Life ndash Less cables at user desk
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Why Network Convergence
bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One
medium
bull Easier Management - Due to combination of multiple systems and NW
bull Less Maintenance ndash Because of reduction in the number of cable plants
bull Fewer User Interfaces ndash use of single cable plant with appropriate switching
bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered
bull Improved service - Due to fewer components service quality improved
bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced
bull Simplification of userrsquos Life ndash Less cables at user desk
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Why Network Convergence
bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One
medium
bull Easier Management - Due to combination of multiple systems and NW
bull Less Maintenance ndash Because of reduction in the number of cable plants
bull Fewer User Interfaces ndash use of single cable plant with appropriate switching
bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered
bull Improved service - Due to fewer components service quality improved
bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced
bull Simplification of userrsquos Life ndash Less cables at user desk
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services
usually of different customersbull Convergence at this level is primarily used by carriers to provision their
infra strbull Used for local access as well as reducing the customerrsquos overall Telecom
bill
bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper
switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment
bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices
bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash
use of application service providers and Network computingbull Multiple functions provided through one source
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Network Architecture for IT and Communications
bull CENTRALIZEDbull Places all the applications mgmt and network connections in a
single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations
bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities
fit this modelbull The architecture design is flexible and can last a long time
bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution
bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
AGENDA
bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Obstructions to Network Convergence
bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network
bull Regulatory ndash Massive Governmental regulatory regime
bull Human Factors ndash users consumers have to be convinced of the benefits
bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem
bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)
bull Need to Interoperate with existing Infrastructure amp Applications -
No new solution will be acceptable if it does not interoperate with existing systems and applications
bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels
equal to or exceeding the existing system
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Security concerns on converged Networks
Threats and Attacks - Denial of Service (DoS) ndash Voice
or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding
disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Security concerns on converged Networks- Contd
Threats and Attacks - Non DoS data or Voice
Service outage
bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Security concerns on converged Networks- Contd
bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling
bull Terrorism
bull Utilities
bull Accidental
bull Acts of nature
bull Equipment failure
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Threats and Attacks-Vulnerabilities of Converged Networks
bull Attacks against the data network and services can indirectly or directly affect voice services
bull The data network can provide communication paths that permit attacks directly against the voice environment
bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network
ndash Prevents the use of strong conventional approaches to logical separation and protection
ndash PCs have demonstrated continued susceptibility to mal ware and spy ware
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Security concerns on converged Networks- Contd
Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware
threats and attacks IP voice services will naturally face similar issues
bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment
bull Malicious code can be introduced in a variety of ways
ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs
bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Threats and AttacksIdentity Privacy and Integrity Issues
bull Session hi-jackingbull Compromised system
accountsbull Unauthorized call routingbull Unauthorized access to
voice or NW componentsbull Unauthorized data
accessbull Unwanted content
exposurebull Malicious code and spy
ware
bull Social Engineeringbull Phishing schemesbull Network identity
masqueradingbull Voice identity
masqueradingbull Unauthorized NW accessbull Unauthorized access to
voice servicesbull Caller-ID hacksbull Voice mailbox squatting
or redirection
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
MitigationandRecommendations
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure
bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration
management and operationbull Harden voice and network infrastructure devices thru
embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and
minimize damagebull Compartmentalize networks and services for voice and
databull Implement NW access authentication where
possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone
firmware)
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Mitigation and RecommendationsNon-Dos Data or Voice Service Outages
bull Redundant networks data services and voice services
ndash Diverse paths and diverse providers where possible and appropriate
ndash Provide redundant centralized services that are geographically
dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual
power suppliesbull Redundant and resilient cooling andor provide
for emergency procedures and equipmentbull Develop disaster recovery plans and procedures
(include backup equipment and backup sites)
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling
bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building
powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical
componentsbull Provision portable AC units for critical infrastructure
componentsbull Develop standards policies and procedures for dealing
with environmental control issues
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Mitigation and RecommendationsVulnerabilities of Converged Networks
bull Develop process and procedures for secure configuration
management and operation of NW and voice infrastructure
devices
bull Access authentication particularly in common areas
bull Disable unused services or protocols on voice compartments
bull Restrict access to services or protocols in the voice compartment that are used by management and support
bull Disable embedded data switch ports on IP phones when not
neededdesired (such as lobbies cafeterias etc)
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
AGENDA
bull Concept of Network Convergence
bull Why Network Convergence
bull What are the types of Convergence
bull Obstructions to Network Convergence
bull Security concerns and Mitigation steps
bull Conclusion
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Conclusions
bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological
capabilities alonebull You need not be market leader Best to be market
followerbull Be agile work smarter Identify new challenges
earlybull Respond more effectively and compete more
successfullybull Ensure compliance Manage all forms of risks
more effectivelybull Integrate your channels to market effectively
through converged IT and communication servicesbull Protect - Detect - React to Security breaches
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-
Thank Youamp
Your questions are welcome
Contact yesarebeyahoocom
- PowerPoint Presentation
- AGENDA
- Slide 3
- Concept of Network Convergence
- Concept of Network Convergence-Contd
- Slide 6
- Why Network Convergence
- Slide 8
- Types of Convergence
- Network Architecture for IT and Communications
- Slide 11
- Obstructions to Network Convergence
- Slide 13
- Security concerns on converged Networks
- Security concerns on converged Networks- Contd
- Slide 16
- Threats and Attacks-Vulnerabilities of Converged Networks
- Slide 18
- Threats and Attacks Identity Privacy and Integrity Issues
- Slide 20
- Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure
- Mitigation and Recommendations Non-Dos Data or Voice Service Outages
- Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling
- Mitigation and Recommendations Vulnerabilities of Converged Networks
- Slide 25
- Conclusions
- Slide 27
-