Risk Management for Cisco Unified Communication Solutions. Introduction to Risk Management for Cisco Unified Communications. As technology has advanced, things have become simpler yet more complex. One prime example is that of todays communication networks. Cisco Ssl Vpn License Not Deployed Technologies' title='Cisco Ssl Vpn License Not Deployed Technologies' />With the evolution of Vo. IP, the most obvious convergence is that of voice and data networks wherein both types of traffic leverage the same physical infrastructure, while retaining a possible logical network separation. Tuneup Utilities 2012 Full Version With Keygen Mac on this page. While, this whole concept seems to be very exciting, theres a big tradeoff in terms of security Its unfortunate but true that, converged communication solutions are more often than not, deployed without much regard for the underlying security issues. In most cases, organizations tend to either ignore the security aspect of Unified Communication UC networks security or underestimate the importance of the same. As a result a host of threats and attacks which used to be relevant to data networks now pester the voice implementation which leverages underlying data networks. Moreover, the existing security solutions which were designed for the data networks cannot adequately meet the new security challenges where voice meets data. Coordinates. Cisco Systems, Inc. Cisco is an American multinational technology conglomerate headquartered in San Jose, California, in the center of Silicon. Cisco Ssl Vpn License Not Deployed Technologies' title='Cisco Ssl Vpn License Not Deployed Technologies' />Unified Communications UC Unified Communications is also referred to as IP Telephony brings alongside a host of new security risks that cannot be resolved by existing security measures or solutions. Coolvetica Font Family. While, UC risk mitigation strategies are just beginning to become known, UC threat mitigation entails significant costs or otherwise gets translated into cost of security that should be taken into account while designing the corporate UC security strategy. The first step to mitigate any risk is to know what your assets worth protecting are and what types of risks you should avert. Lets first understand the fundamentals of risk management. UC Risk Management Overview. Risk management is an art in itself as it spans multiple domains. Ideally, every asset in your UC network should be identified before going through risk management for your Cisco UC solution. Data Sheet 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 20 Cisco ASA 5500 Series Adaptive Security Appliances. This is important since it will identify what is most important to a business and where investment of time, manpower, and monetary resources will yield most favorable results. Costo Del Software Solid Edge more. The assets that can be selected in a typical Cisco UC environment are not limited to Cisco Unified Communications Manager CUCMCisco Unity Connection CUCCisco Unified Presence Server CUPSCisco Unified Communications Manager Express CUCMECisco Unity Express CUECisco Voice Gateways. Cisco Unified IP Phones wired, wireless, softphonesCisco Unified Border Element. Cisco Catalyst Switches. Cisco IOS Routers. Cisco Adaptive Security Appliance ASAOnce the elements of your Cisco UC solution are identified, its time to give them their risk ratings, based on your risk appetite. Lets start by defining risk. Risk is defined as probability of something going wrong when conducting business as usual and has a negative impact. Now, while you may know that your call control CUCM for example is not secure and can be compromised, you are essentially bearing a risk that a known or an unknown threat may be realized leading to realization of the risk. In other words, you are setting up your risk appetite. Risk appetite may be classified into 3 major categories Risk aversion Averting risks, adopting security where possible, high cost affair. Risk bearing knowing that the network could be attacked, still bearing risk, least cost affair. Risk conforming knowing that the network could be attacked, bearing risk to a minimal degree by implementing most critical security measures only, a balance between risk and cost. Next comes the risk rating, i. ASA+BATTLE+CARD+Improve+threat+mitigation+%E2%80%93+botnet+traffic+filter.jpg' alt='Cisco Ssl Vpn License Not Deployed Technologies' title='Cisco Ssl Vpn License Not Deployed Technologies' />Cisco UC solution to the operations of your network. For example, if CUCM is under attack, what will be the impact of the same on your network Or, if an edge router is attacked, how do you expect the communication channels to be impacted Each application, device and endpoint should be given a risk rating which can be low, moderate or high. The Figure below depicts risk impact vs. Risk Impact vs. Likelihood ratingsLets now understand the threats that lurk around your UC solution and could possibly prove detrimental to the operations of a UC network. The Risks and the Threats. Theres always bad guys out there waiting to impart damage to your UC infrastructure for their financial benefit, to prove their superiority to other hackers or just for funs sake. The table below gives an overview of various threats and the possibility of these threats maturing i. Please note that these are the most commonly seen threats Threat Type. Risk of Impact  Confidentiality. Leakage of sensitive information eavesdroppingIdentity theft Spoofing  Integrity. Identity theft SpoofingCompromised Information Malformed packets, packet injection  Availability. Service Outages DOS, DDOS, SPITLost Productivity Bandwidth Depletion  Service Theft. Excessive phone bills Toll FraudEspionage Call HijackingLets pay a closer visit to these threats and their risk bearings. Eavesdropping gives the attacker the ability to listen and record private phone conversations. An attacker can eavesdrop on Vo. IP conversations by disconnecting a Vo. IP phone from the wall outlet and plugging in a laptop with a softphone or packet capture software such as Wire Shark or by virtue of VLAN hopping attacks. Additionally, eavesdropping can be implemented using SIP proxy impersonation or registration hijacking. If this threat is realized, the risk of damage or disruption is high. Identity Theft Can happen at various OSI layers right from layer 2 through layer 7. Some examples are MAC spoofing IP spoofing call control proxy TFTP spoofing. There are freely available tools such as macmakeup, nemesis and so on which can help the attacker spoof an identity, in other words perform identity theft to trick the source or destination in a voice conversation to believe it is communicating with a legitimate person whilst its the attacker playing on behalf of a legitimate source. Now, a typical example of such an attack is when an attacker can spoof the MAC address of a victims machine and register his softphone. The attacker has the privilege equivalent to that of the victim and can conduct toll fraud explained later in this article or extract information from the softphones web server to launch a flurry of attacks on the voice infrastructure. If this threat is realized, the risk of damage or disruption is moderate to high depending on the privilege the attacker gains based of the victims profile. Compromised Information Loss of Information Every business has some confidential information which, if exposed to its competitor or leaked on the internet, can prove detrimental for the business. Moreover, incorrect information passed to a destination entity can result in the business running into issues. An attacker can compromise the information in voice calls by injecting malformed packets, modifying the RTP packets, or by eavesdropping the call discussed earlier. Packet injection or malformation attacks are difficult to detect unless an integrity method algorithm is implemented. If this threat is realized, the risk of impact is high. Toll fraud This has been a classic issue since PBX days and continues to be a real nuisance in the Vo.