PSTN Security Sougat Ghosh Security Services Leader Asia, Nortel Delhi / September 29, 2008 BUSINESS MADE SIMPLE 1
Disclaimer The slides and presentation templates are property of Nortel and must not be replicated. The slides have been taken from various sources and CERT / Nortel does not take any liability for reproduction 2
Agenda What is PSTN? Myths Threats Controls Acknowledgement 3
Myths PSTN / TDM Security Voice have similar threats as data networks Voice threat controls can be mitigated after convergence Traditional Security elements protect from zero day attack Authentication and Authorisation are the only security controls Analog phone guarantees security PBX implements policy on the network VoIP should not be extended to untrusted networks 4
Threats External Access to outsourced / 3rd party / vendors Inbound Access to critical devices storage, networks, etc Outbound access connecting external and internal network Toll fraud Internal Outbound access connecting external and internal network 5
Controls BUSINESS MADE SIMPLE 6
Controls (In the infrastructure ) Deploy controls on individual PBX (if supported) Review controls and usage regularly Modems connected for 3rd party access are enabled to specific phone numbers 7
Controls (Enterprise Policy) Enterprise Authentication for long distance calls Disable all modems (including on laptops) in the infrastructure 8
Controls (External) Authorisation Based on Policy (like User, Time of day, etc) Central Operations Centre Granular Policy Call Recording Based on Event Trigger Call Alerting Protection for Legacy PBX Organisation s Do Not Disturb Registry 9
PSTN Firewall Capabilities Secure Voice Gateway PBX orvoip Call Server Voice Firewall: Blocks phone line attacks. Controls voice network access and service use. Voice IPS: VoIP & TDM Trunks Prevents malicious and abusive call patterns such as toll fraud. Modem Performance Manager: Enterprise-wide dashboard. Real-time performance monitoring & diagnostics. Usage Manager: Enterprise-wide, PBX-independent CDR, call accounting, & resource utilization. Firewall Router L3 Switch Call Recorder: Policy-based recording of targeted calls. Trunk-side, cost effective solution. Real time Enterprise-wide PBX-independent 10
PSTN Security Voice Firewall & Management System Policy Enforcement Saves money Secures phone lines Customer Phone calls Who called who? When? How long? Type? (Voice/Fax/Internet) Threatening caller? Customer experience? Unanswered/busy calls? Long Distance abuse? Internet over phone lines? Bomb threats?... etc. Reports to help lower costs & increase sales. Alerts/stops/records restricted calls Discovers phone resources not working/needed 11 Records conversations
Why PSTN Security? Key Reports: Traffic by call type (voice/fax/modem) Summary traffic analysis Modem calls in/outbound ISP calls unmonitored Internet use Span resource utilization Traffic trending & analysis Toll fraud Fax resources utilization Tie-line analysis / VoIP toll bypass Telecom faults, errors, outages Business operations unanswered calls, excessive busies LD misuse/abuse non-business LD, toll calls, voice on fax.
Where has this been deployed / planned? Large Government Airport Defense Large retail store 13
References / Acknowledgement SecureLogix PSTN Standards Document 14
15