Unified Communications Threat Management UCTM The Dark Side

Unified Communications Threat Management (UCTM) The Dark Side of SOA Solutions Roger Toennis Redshift Networks Inc. Sr. Director of Product Management

SOA & Unified Communications Deployments SOA $18. 2 billion in 2012 IP PBX $12 billion in 2011 UNIFIED COMMUNICATIONS $18 billion in 2011 200 k to 300 K IP Phones Mobility Customer Contact Deployment of 45 K UC Cisco IP Phones Conference IP PBX Deployment of 10 K UC Cisco IP Phones Source: Synergy, Datamonitor, Wainhouse, Ovum, Cisco, Avaya Total Market UC $30 billion 2011 180 K IP Phones 4% = Security TAM $1. 2 B 2011 2 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

The Hype Cycle Defined (Gartner) Trigger SOCIALIZATION DELIVERY 3 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

Hype Cycle for Enterprise Communications Apps 4 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

The “Network Complexity” Threat Internal and External Complexity is the Biggest Threat 5 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

The Expanding Exposure/Threat Landscape Database Server Farm Presence/UC Server Farm Email Server Farm Web Server Farm Enterprise C Enterprise B IP PBX Server Farm Mainframes IPS-DPI DB Firewall Voice Everywhere!!! Anti-SPAM Enterprise Service Provider Wi. Fi BYOB “Broadband” UMA/GSM Wi. Fi/Wi. Max Dual-Mode SOHO/Remote January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA 6 www. ITEXPO. com

Weak Security Evolution to Converged Communications Medium Security High Asset Exposures Strong Security Medium Asset Exposures l na io deo , vi e oic e v orks rat s tw epa ta ne work S • net re Da & ated l osu Iso Exp • ow • L a Tr dit d rge nve rks deo Co wo ce, vi t i Ne rated vo lications s ged ation ver nic al user n Co multimod m s Co. Rich muence plication nabled OI , V eg pp s t M a app s (TD ns • In Data ed t k io & ibu etwor nicat str i n mu • D brid om y C • H ified re n osu U p • ) Ex (UC ium ed • M • P) E ri p P) xpe mic a tions e EB C a yna nic ss ( • D mmu roce ed P g o • C siness onver Bu t on c uil s • B work osure t p ne Ex igh • H Low Asset Exposures Integrated Modular Systems January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA Distributed Software and Systems 7 www. ITEXPO. com

Communications Enabled Business Process (CEBP) Server/Solution Integration = New/Unknown Threat Potential 8 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

Evolving New Pain Points Emerge - VOIP Threats IP PBX VDOS Unified Messaging / PBX SPIT VPhishing High-Tech company “Advertisement” Network Banks IP PBX East/West banks Network Customers Account Number & PIN “Advertisement” NASA / NTT Fake IP PBX Number Harvesting Eavesdropping Toll Fraud IP PBX Major hospital IP PBX “ 123” FBI IP PBX $40 billion loss “Buy $10, 000” “ 100” Network “ 456” Dad London Network “ 200” 123 456 100 200 300 “Buy $100, 000” “ 300” Uncle Delhi Mom Tokyo 9 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

VOIP and UC Threats • Security threats to networks in general are increasing over year (CERT Vulnerability Stats) • VOIP, UC and CEBP Applications present several hundreds of threat vectors (additional) • Security awareness within IP telephony is lagging “traditional data” in general 10 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

VOIP/UC Attacks Timeline GARTNER (2007) Enterprises that don’t spend on IP Telephony Security today will end up spending 20% of their Security Operations Budget on it in 2011. SPAM Blackhat Announces Vulnerability Microsoft Announces Vulnerability Loveletter $8 B Loss Spyware Code Red $2. 6 B Loss Trojans Worms Virus 42% Bot. Net Slammer $2 B Loss VOIP Phishing Cisco, Blackhat VOIP announce VOIP SPIT vulnerabilities UC attacks VOIP Vmail Spoof NASA VOIP Utility Data to. Voice Pena - $1 M VOIP Stealth - $26 M Toll Fraud Panama - $100 K 7% 5% 1995 2000 2005 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA Application 2005 $22 B loss - SPAM Infrastructure Layer 1 -4 Layer 5 -7 Enterprises that are proactive in nature will only Bank of America spend 5% of IP Telephony Security St. Barbara Bank East Coast Bank 2010 11 www. ITEXPO. com

Current Solutions are Lacking!! SMTP SIP, SCCP, H 323, RTP Unprotected IP/UDP/TCP ICMP/IP Anomaly TCP Protocol Exposed Unprotected Permissions EMAIL Anomalies SIP/RTP Ports Weak Anomalies SPAM VOICE SPAM (SPIT) Unprotected ICMP Floods TCP / SYNC FLOOD Brute Force Attacks HTTP Viruses SIP RTP TLS Floods Unprotected Worms Malware Buffer Overflows Registration Hijacking Toll Fraud Call Forwarding Impersonation Spoofing Collaboration Session Tear Down Illegal Media Injection Redirection 1000 s Of Other Attacks January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA Unprotected Mixing Unprotected 12 www. ITEXPO. com

Emerging Awareness of Vo. IP/UC Vulnerabilities GARTNER (2007) • “Enterprises that don’t spend on IP Telephony Security today will end up spending 20% of their Security Operations Budget on it in 2011. • “Enterprises that are proactive in nature will only spend 5% of IP Telephony Security” Yankee Group 13 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

Visibility & Control of Multiple Enterprise Domains Enterprise C CEBP Solutions Enterprise B Database Server Farm DB Firewall Web Server Farm 4 Desktop Data & Voice VLAN Email Server Farm 5 VLAN Security 3 IPS-DPI Microsoft OCS Anti-SPAM IP PBX, 1 Vo. IP VLAN A. Remote User Vo. IP B. SIP Trunking IP PBX, 2 Presence IP PBX/Presence/UM Server Farm Wi. Fi Service Provider Vo. IP Wireless Security Dual-Mode UMA/GSM Wi. Fi/Wi. Max Enterprise A Dual-Mode 14 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com

IT Needs Better "Visibility" & "Control" at the… 1. Corporate Network Edge • 2. WAN Mobility/Home Office/Branch Office/SIP trunking Corporate “Wireless Network” Edge • 3. Campus/Inbuilding Wi. Fi-DECT Vo. IP Server DMZ • • 4. Critical Reliability Voice Assets PBX/Conference Bridges/IP Phones UC "Desktop/Server" Integrations • 5. Next generation Desktop UC solutions (OCS/IBM Lotus/Etc) CEBP "Server to Server" and “Server to Hosted Service” Integrations. • • Voice Enabled Oracle/SAP, Voice Enabled Salesforce. com Voice Alerts for Supply Chain, Converged B 2 B Federations , etc. 15 January 23 -25, 2008 • Miami Beach Convention Center • Miami, Florida USA www. ITEXPO. com