cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

AMA-CUCM Troubleshooting: Best Practices for Reading Trace Files

Securing the life line of your organization - IP Communications (Cisco IP Telephony Solutions)

8319
Views
5
Helpful
0
Comments
Beginner

How often have you come across a situation when you were asked about the security aspect of the Cisco IP Telephony solution you have designed, implemented, or operated? A good guess would be - multiple times at multiple occasions.

When organizations adopt Cisco IP Telephony / Unified Communication solutions, they seldom think about securing - what's about to become an asset for their organization. With communications, everything is lost from employee communications to consumer interactions to vendor negotiations, all comes to a halt. Amidst rapid technology growth and increasing demand for 'anytime, anywhere' connectivity to corporate networks, securing communications is the first and last line of defense.

So, the next question is, what keeps organizations away from thinking about securing their communications network or channels? The answer is not trivial however, not too complex to be understood. The majority of reasons could be:

1. Lack of management support in terms of financial support, man power, scarcity of resources

2. Improper planning - leading to multiple security issues during deployment or operation of an IP Telephony network

3. Blind-siding the security aspect by virtue of in confidence to secure a relatively new technology

It is sad but true that more often than not, IP Telephony is paid much less attention than it is due for. Moreover, organizations are ready to take upon risks rather than implementing the right set of security controls to deter attacks.

With that said, it is not a perfect world and not everything works out as desired. But that should not stop you to make sure that you and your organization go that extra mile and do the needful to secure the corporate voice communication medium.

How to start, you may ask? There's no black and white however, certain essential elements should pave a path to ensure that you have a plan which can be put into practice.

1. Ensure you have appropriate know how of recent and past security incidents in your organization's data/voice network.

2. Have a plan in order to address any and all issues that may pop-up during your journey to secure the IP Telephony network.

3. Make sure that you get the management buy-in and support by making them aware of criticality of the IP Telephony network's outage/unavailability/misuse.

4. Form a strategy which can be implemented in your environment. The security policy should be formulated in a way that it is generic overall however, more specific to IP Telephony network, applications, and endpoints.

5. Ensure that you sort out the security controls which should be implemented at various levels (network, application, endpoint, third party servers etc.).

6. Have an idea of what is the cost of security (cost of security is the cost of not applying a security control or construct and assuming a risk, which eventually becomes a real threat) and balance it out with risk, effort, and, complexity.

7. Once the security strategy is formulated, you can start at network level  or start at network and application level simultaneously i.e. to apply  the security controls previously chalked out.

8. Upon application of security controls, test the network for its responsiveness and stability.

9. Prepare your IP Telephony network for secure management (could e leveraging secure protocols, out of band management, and so on)

10. Monitor the IP Telephony network.

With all that has been stated in previous section, it must be recognized that IP Telephony security alike any other flavor of security is neither a one time nor a one step effort. It involves multiple steps and should be repeated time and again (frequency depends on industry vertical, legal requirements, or other factors).

Last but certainly not the least, now you have a reference, a guide which can help you with those meddling UC/IP Telephony security queries, configuration steps, secure network design and management, and above all is a companion for Cisco Security and UC - architects, engineers, managers, administrators, and decision makers. The book 'Securing Cisco IP Telephony Networks' builds on real world experience and provides easy to follow examples and case studies to help you plan, design, build, operate, monitor, and manage a secure Cisco IP Telephony network.

The book is available as paperback or eBook at:

http://www.ciscopress.com/bookstore/product.asp?isbn=1587142953

and

http://www.amazon.com/Securing-Telephony-Networks-Networking-Technology/dp/1587142953

----------------------

Akhil Behl

Sr. Network Consultant, Cisco Systems

CCIE Voice, Security

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards