As real-time communications traffic floods enterprise networks, IT organizations must integrate UC security into their overall security and risk management picture.
Until recently, real-time communications security was not a priority for many businesses – and while UC security is still very much a market in search of demand -- with voice and video migrating onto the IP network, enterprises are thinking twice. While threats -- like toll fraud -- do exist, many enterprises secure their SIP trunks with session border controllers (SBCs) at the edge to connect communications between disparate office locations and users, and rely on them to also protect against potential attacks or toll fraud. They aren't interested in buying another security appliance beyond SBCs.
"Some businesses haven't put anything in place around securing VoIP [Voice over IP] or UC at all," said Diane Myers, principal analyst at Campbell, Calif.-based Infonetics Research. "Many businesses are not used to having to secure voice … but now it [has] become one more pipe into an organization's data." Even if enterprises are expanding their security efforts around UC, many businesses lack expertise in this new area.
Making UC security a part of the bigger network security picture
Real-time communications security company Vigilance Networks -- formerly VibeSec -- offers threat monitoring, prevention and analysis tailored for enterprise IP communications. The cloud-based Vigilance real-time security platform can protect video conferencing, instant messaging (IM) and IP telephony from toll fraud, intrusion and eavesdropping. The Vigilance platform takes VoIP security beyond the basic security protections of an SBC. It integrates with existing network security products to pull information from different points on the network -- including SBCs, voice servers and even firewalls -- to uncover any fraudulent activity in real time. For instance, if a softphone connects to a company's network from a region where the company has no offices or users, Vigilance will flag the activity.
"Through a threat intelligence and an analytics approach, we can look at what an enterprise's users are doing, what network tools are doing, and provide visibility into a company's security posture so they can better protect themselves in real time," said Neil Segall, CEO of Denver-based Vigilance Networks.
The Vigilance platform aggregates actionable data from voice, video and IM traffic onto a single management interface, using software probes at various spots in the network. The technology can work with existing LAN and WAN infrastructure, as well as in mixed vendor environments, the company said. "[The platform] isn't a security element itself -- like a firewall, but [Vigilance] is acting as the information management tool for real-time communications threats," said Irwin Lazar, vice president and service director at Mokena, Illinois-based Nemertes Research Group Inc.
VoIP security: Securing VoIP through a service-based model
As more enterprises disconnect their phone systems from the public-switched telephone network and rely on VoIP, securing VoIP will become more important. Since many enterprises are wary of installing another security appliance, many enterprises may want to turn to a managed UC security service like Vigilance's real-time security platform, Lazar said. Even better, they could ask VoIP providers for an add-on security service. "A service provider could buy the voice security monitoring platform and offer it to enterprise customers for a few extra dollars a month," he said.
Vigilance Networks recently announced a global partner program that will help cloud and service providers address real-time communications security, ensure compliance and prevent fraud by using the Vigilance Networks' Security Intelligence Platform. Service providers and value-added resellers (VARs) can white label the Vigilance platform, or sell it directly as a service to their customers, the company said.
"Attack surfaces are growing faster than enterprises can keep up with," Segall said. "It's through partnerships with a trusted provider -- like a managed security provider or a VAR -- that businesses can consume these new types of security services and have the right security policies configured to actually be effective in stopping threats and reacting to the particular environment."
The challenge of securing VoIP
New UC security threats leave platforms vulnerable
Securing VoIP networks with interoperable firewalls