Security paradox for enterprises

Monday, July 14, 2008

Adam Kleemeyer discusses the most appropriate security options resellers should consider when putting together Unified Communications solutions for their Remote support services customers.

The very openness and ubiquity that makes IP networking such a powerful business enabler can also expose it to a significant threat. The ports and portals that welcome Remote support services sites, mobile users, customers, and business partners into the trusted internal network are also welcoming to those who may compromise the network’s security.

Security breaches – and the business disruptions they cause – represent a key concern for your customers. In the past, they relied on intranets primarily for email and file exchange, and they used the Internet as their web storefront. With Unified Communications, since IP networks are being entrusted to carry the essential functions of conducting business – customer contact centres, voice, Unified Messaging, conferencing, and more – there’s a heightened requirement for protection.

Removing the obstacle

Now that IP networks offer the robustness and quality of service that voice service requires, enterprises have been quick to capitalise on the benefits of Unified Communications. Converging voice and data over IP maximises network efficiency, streamlines the architecture, reduces capital and operating costs, and opens up new service opportunities.

The IP-based multimedia architecture makes it easy to extend service to Remote support services sites and home offices over cost-effective IP links, and makes it easy to deploy, reconfigure (add/move/change) and repair service. Unified Communications enables rich, new multimedia services, such as web-enabled multimedia contact centres, Unified Messaging, presence and Remote support services-based call management.

However, there are factors that need to be considered in deploying a VoIP solution. As the lines blur between internal and external resources, the network reaches more audiences and touch points, carries more mission-critical services, and adds more distributed servers and intelligent clients. It also becomes increasingly vulnerable to security threats.

The typical enterprise internal network extends to supply chain partners, telecommuters, Remote support services access users, web users, application service providers, disaster recovery providers and more. That means that the network may also be more accessible to hackers, cyberthieves, disgruntled employees, and others who would misappropriate network resources. Worse yet, although estimates vary on what percentage of security breaches are internal, most sources consider that figure to be more than 50 percent.

Organisations have been understandably concerned about securing this new multimedia environment, in which proprietary company information flows across shared facilities, public places, open airwaves and unknown users. It’s clear that security must be a key focus in any VoIP deployment.

Security for IP multimedia networks should be achievable, affordable and manageable. Confidentiality, integrity, and authentication of critical multimedia resources must be ensured while maintaining service continuity, feature richness, performance and availability. Security features should be transparent to the user, standards-based, simple to administer, uniform across products and cost-effective.

Finally, security should be implemented consistently across the solution.

As a trusted reseller, it’s your responsibility to deliver on that promise with a secure Unified Communications solution that:

• Protects the integrity of network infrastructure and communications by preventing unauthorised access;

• Increases network reliability by preventing disruptions from attacks on user services, network hardware or network management systems; and

• Prevents theft of intellectual property and abuse of resources from eavesdropping and toll fraud.

A layered security strategy

A layered defense approach to network security applies multiple security approaches at multiple network levels – much like protecting your property with sentries and gates at several places.

The approach applies multiple enforcement tactics – such as authentication, encryption, packet filtering and signature-based inspection – at multiple network zones – such as access endpoint, network perimeter, network core and transport links.

A layered approach minimises the possibility that a single point of failure could compromise overall security. If a primary layer of security is breached, the secondary or tertiary layer of defense is there to thwart the attack.

This gives a cross section of the security layers, with several enforcement approaches in action. This layered approach applies directly to a VoIP solution as follows:

The core network layer protection includes the devices that monitor for unwanted behaviour or traffic patterns and respond to them, such as Intrusion Detection and Prevention Systems. Network protection could also apply policies that authorise devices onto the network (such as the 802.1X protocol), ensure that DoS-like traffic can be detected and shut down, and prevent devices from spoofing IP addresses.

Protection around the communications layer would include the ability to encrypt your voice traffic with SRTP (Secure Real-Time Transport Protocol), and signalling traffic with UNIStim or TLS (Transport Layer Security) encryption.
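As an added illustration (not part of the original article), the following check audits a call setup message for both communications-layer protections at once. It assumes SIP signalling with an SDP body and SDES (`a=crypto`) keying, none of which the article specifies; the helper names and the sample messages are constructed for this example.

```python
import re

SECURE_TRANSPORTS = {"TLS", "WSS"}
SRTP_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}

def make_invite(transport, profile, crypto=False):
    """Build a constructed SIP INVITE with an SDP body (sample data only)."""
    lines = [
        "INVITE sip:1002@pbx.example.test SIP/2.0",
        f"Via: SIP/2.0/{transport} 192.0.2.10;branch=z9hG4bKconstructed",
        "Content-Type: application/sdp",
        "",
        "v=0",
        f"m=audio 49170 {profile} 0 8",
    ]
    if crypto:
        # SDES key line; the key material here is a labelled placeholder.
        lines.append("a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED_PLACEHOLDER")
    return "\r\n".join(lines) + "\r\n"

def audit_invite(message):
    """Return findings for one SIP message: signalling, media, and key exposure."""
    head, _, body = message.partition("\r\n\r\n")
    findings = []
    # Only the topmost Via header (the hop that sent us the message) is checked.
    via = re.search(r"^Via:\s*SIP/2\.0/(\w+)", head, re.I | re.M)
    transport = via.group(1).upper() if via else None
    signalling_ok = transport in SECURE_TRANSPORTS
    if not signalling_ok:
        findings.append(f"signalling not encrypted (transport={transport})")
    # Every media line must offer an SRTP profile, not plain RTP/AVP.
    for m in re.finditer(r"^m=(\w+) \S+ (\S+)", body, re.M):
        if m.group(2).upper() not in SRTP_PROFILES:
            findings.append(f"{m.group(1)} media not SRTP (profile={m.group(2)})")
    # SRTP alone is not enough: an SDES key sent in cleartext signalling is exposed.
    if re.search(r"^a=crypto:", body, re.M) and not signalling_ok:
        findings.append("SRTP key (a=crypto) sent over cleartext signalling")
    return findings

if __name__ == "__main__":
    for args in [("UDP", "RTP/AVP"), ("UDP", "RTP/SAVP", True), ("TLS", "RTP/SAVP", True)]:
        print(args, "->", audit_invite(make_invite(*args)) or "ok")
```

The second case is the one that matters for a layered design: media is encrypted, but the key travels in readable signalling, so the two protections have to be deployed together.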

Source: crn.com.au/Feature/4670,security-paradox-for-enterprises.aspx
