WavebreakmediaMicro - Fotolia
Securing a unified communications network is a broad and multifaceted challenge. Whether you host your own UC or use a cloud provider -- or a combination of both -- you need to be aware of the specific security capabilities of your UC network to avoid security incursions and hacker-triggered outages. Organizations should consider five areas to support UC network security.
1. Perimeter security. The first place to check UC network security is the perimeter guarding your UC servers and session border controller (SBC). Know what firewall is in place and what capabilities it has. Is it an older firewall with just basic port filtering or is it a next-generation firewall (NGFW) that has advanced capabilities, such as intrusion detection and prevention? Many NGFWs boast application-level capabilities, but they may not extend to UC apps. Even some that claim support for UC apps may provide relatively limited UC security.
2. Admin protection. Vendors go a long way to make UC management easy, but it can also be easy for a hacker to break into the admin login and wreak havoc. Configure your system to require strong passwords. Better yet, seek out systems that allow multifactor authentication to make sure the UC network doesn't become compromised at its management core.
3. Upgrade and maintenance cycles. Some security problems happen because of vulnerabilities in UC apps or the devices protecting these apps. Most vendors will fix holes as soon as they become aware of them and provide updated software for your system. These updates and fixes will not likely be deployed automatically, however. Thus, you need to be sure that the upgrade maintenance cycles of your on-premises or cloud provider will address any security exposure in a timely fashion.
4. Encryption. Everything should be encrypted. Secure Sockets Layer and Transport Layer Security, also referred to as media encryption, can and should be used to encrypt user sessions. For office-to-office connections, some organizations will prefer to provision static VPN tunnels. Don't forget that management traffic should also be encrypted to protect your admin functions.
5. SBCs. Your SBC is the heart of your UC network, so it's no surprise the most sophisticated UC security features are found there. Security features that are not standards-based are becoming significant differentiators among SBC vendors to protect against threats such as denial-of-service attacks, SQL injection or other code injection attacks, and fraud. Ask your SBC provider if they offer these protections as part of their SBC package.
Security is not just something to be done and checked off the list. Plan periodic reviews of your security strategy if UC is core to your business. Run periodic vulnerability scans, as a clean scan will give you peace of mind that your UC network security is where it needs to be.
Dig Deeper on Unified Communications Security
Related Q&A from Kevin Tolly
More efficient management and lower costs are just some of the advantages of centralized SIP trunking. Find out why it's better to place trunking ... Continue Reading
A virtual session border controller can help companies meet increased demands without requiring the installation of costly and dedicated hardware. Continue Reading
What's the best way to accurately measure jitter? There are a variety of tools, but it's important to pick the one that's right for you. Continue Reading