So, here’s a Chalk Talk on Secure Manageability of Cisco Collaboration Environments for those who are interesting in or wanted to get started with secure management.
Here’s an excerpt from the article
—————————————————————————————————————-
Now that your Cisco world class Collaboration Network is set up and functional, it is time to leverage the benefits of the Unified IP environment. With reduction in Total Cost of Ownership (TCO), leveraging converged network for transporting both voice and data and increased Return on Investment (ROI), what can possibly go wrong? Well, if you didn’t think in a holistic way while setting up the management aspect of your Collaboration network, a lot can go wrong. With things on the move, you should concentrate on making sure they keep going as planned. That is, ensure that you have a plan to securely manage the vital assets of your organization’s communications channels.
More often than not, the topic of “secure management” does not come up as early as it should in most network management discussions. Reasons can vary, such as – lack of support from higher management (monetary or manpower) or lack of insight or experience about what goes into secure management of a Collaboration network. With that said, a Secure Collaboration Network can be achievable only if network management is secured. All in all, if a true collaboration experience is to be achieved, it can be only by way of well-rounded security strategy, and secure network management is an indispensable part of any security strategy.
A Collaboration network’s secure management can be looked upon as a task to move away from unsecure management protocols to standards-driven secure management protocols. The following sections discuss the importance of switching from relatively unsecure or weak security posture management protocols to comparatively secure management protocols.
Something’s Just Not Right!
Until now many organizations still stick with clear text, and in turn, vulnerable protocols for managing their Collaboration networks. The burning question is – why use an insecure protocol at all? The answer is pretty straight forward –a default clear text protocol doesn’t require any special software at Network Management Station (NMS) nor any special configuration at the device being managed. While this may sound great at first, it’s not a leading practice or a recommendation for managing an organization’s Collaboration network.
—————————————————————————————————————-
For full article you can view Cisco Technical Services newsletter of Nov 2013 @ http://goo.gl/zN3Jrh or article on Cisco Support Community https://supportforums.cisco.com/docs/DOC-37500
And if you’re interested in further details on how you can achieve a secure network construct for your Cisco Collaboration network, you can always refer to Securing Cisco IP Telephony Networks
Tags: cisco collaboration, cleartext, SCP, SFTP, snmp, SNMPv3, SSH, voip, voip security
Please join Stephen Welsh (UnifiedFX CTO) and myself for a series of educational webinars on Cisco Unified Communications Manager (CUCM) Endpoint Security and Compliance.
This series of webinars is aimed at helping UC and Security community understand, uncomplicate and achieve security for Cisco UC endpoints (IP Phones, Softphones) Learn key principles, leading practices and how to effectively manage Cisco UC endpoints for security compliance.
The Essentials of Endpoint Security and Compliance is a 3 session series with following sessions –
• Session 1: The Impact of Security by Default (5th Sept)
• Session 2: Understanding and Managing ITL & CTL Files (12th Sept)
• Session 3: Leading Practices for Endpoint Security & Compliance (19th Sept)
You can register for the webinars at http://events.unifiedfx.com
Unifed FX’s webinar page http://goo.gl/IPZvQg
These sessions will be recorded so in case you’re unable to join for the live session(s) you can view the recording later.
Keep up the security!
Tags: cisco uc, CTL, CUCM, endpoint compliance, IP Phone, IP Phone security, ITL, phoneview, securing cisco ip telephony networks, security compliance, security policy, uc security, unifiedfx, voip security
Voice over IP (VoIP) is not just need of hour for most enterprises; it’s something their business depends on to a degree that without IP communications in place, their business processes and revenue streams will fall apart. In such case, it goes without saying; security of voice networks is one of the chief concerns when it comes to security of intellectual capital and customer data. More often than not, one of the first thoughts is how to secure the VoIP network itself which is leveraged by IP Telephony / Unified Communication (UC) applications.
So what is that may be the most commonly sought after yet elusive security control which plays an indispensable role in securing a VoIP network? Your guess is as good as mine, it is encryption! Now, you are well within your rights to ask why elusive? The simple answer is – where encryption can help you succeed and protect the privacy of communications, it can also be detrimental for various functions / organizations e.g. monitoring secure calls is not a trivial task and encrypting all endpoints has an impact on platform sizing and performance.
In this article we discuss about the security of Cisco Unified Communications Manager Express (CUCME) which is an integral part of Cisco UC; and more so of Cisco Express Call processing regime.
To read the full article visit http://www.firewall.cx/cisco-technical-knowledgebase/cisco-voice/956-cisco-voice-cme-secure-voip.html
To learn in depth about Cisco Collaboration Infrastructure, endpoint, device and application security refer to Securing Cisco IP Telephony Networks http://www.amazon.com/dp/1587142953
Tags: Cisco ip telephony, cisco uc, Cisco UC security, cisco unified communications manager express, cucme, ip telephony security, network security, toll-fraud, uc security, unified communications, voip security
Yes, you read it right! I’ll be hosting a Tweet Chat session on 07 May 2013 at 10 am PST on Cisco UC Security.
Please join me on the Tweet Chat and feel free to ask any questions you have or clarify any doubts related to Cisco UC Security.
Here’s the link to the chat
http://www.ciscolive.com/us/attendees/social-networking/twitter/?cid=000061080 and https://supportforums.cisco.com/message/3916192#3916192
So, what are you waiting for? Join me on the Cisco Collaboration Security Tweet Chat on 7 May 2013 at 10 am PST – tweet to @cisco_support using hash tag #ciscoucsecurity
Tags: cisco cucm, Cisco ip telephony, cisco live, cisco press, cisco security, cisco support community, Cisco UC security, CSC, toll-fraud, tweet chat, uc security, voip security
IP telephony is slowly but surely becoming part of the modern day organization’s day-to day-operations. In fact, some organizations depend on it to the extent of their core business or processes based on IP communications. Sadly though, the security aspect pertinent to IP based communications network, applications, and underlying infrastructure is usually not taken into consideration (or is ignored) when enterprises and businesses think of deploying unified communications.
On the same lines of thought, why should anyone for that matter think of securing an IP telephony network? The answer is simple however manifold:
- To protect the information flowing in IP communication channels from eavesdropping and reconnaissance attacks as well as from manipulation or injection attacks.
- To ensure that the investment in their on-premise or off-premise infrastructure pays off (ROI) and doesn’t end up in a rogue’s hands, utilizing it for malicious purposes.
- To lower Total Cost of Ownership (TCO) by leveraging IP communications to offset PSTN/Toll calls and reducing Moving, Addition, Configuration, and Deletion (MACD) and at the same time, keeping conversations safe.
- Attacks on the telephony network may result in monetary and reputation loss. Moreover, it can directly or indirectly impact the business continuity and clientage.
Today, many organizations depend on a number of IP telephony services like voice calls, instant messaging, conferencing, and video conferencing. A typical IP telephony network can face several threats like toll fraud, reconnaissance attacks, eavesdropping, Denial of Service (DoS) attack, and call hijack. While most organizations do consider that their network needs protection from internal or external threats, such a notion is missing (usually) when it comes to their IP telephony applications/devices.
Read the full article at http://www.ciscopress.com/articles/article.asp?p=1966660
For more insight to Cisco IP Telephony Security refer to Cisco Press book Securing Cisco IP Telephony Networks
Tags: cisco, cisco asa, Cisco ip telephony, cisco press, cisco security, CUCM, eavesdropping, Implementing Cisco Unified Communications Security, ip telephony, ip telephony network, ip telephony security, ip telephony services, IPSec, securing cisco ip telephony networks, telephony security, toll-fraud, uc security, unified communications, voip, voip security, VPN
I’ve to admit, this is pretty cool!
There’s now an audio review and intro available for the book ‘Securing Cisco Telephony Networks’ thanks to ComputerBookMix.com
To listen to audio preview click here Audio Preview of Securing Cisco IP Telephony Networks
Tags: cisco, cisco asa, cisco cucm, Cisco ip telephony, cisco security, cisco uc, Cisco UC security, CUCM, firewall, ip telephony, ip telephony security, securing cisco ip telephony networks, security controls, toll-fraud, uc security, unified communications, voip, voip security, VPN
Tags: aaa, cisco, cisco cucm, Cisco ip telephony, cisco security, cisco uc, Cisco UC security, CUCM, firewall, IOS security, IP Phone security, ip telephony, ip telephony security, IPSec, securing cisco ip telephony networks, security, security controls, tacacs, toll-fraud, uc security, voip, voip security, VPN
Interested in Cisco’s new course on securing Cisco UC networks, better known as – UCSEC or Implementing Cisco Unified Communications Security?
This course is conducted by various Cisco Learning Partners and focuses on security of Cisco UC network, from an end to end point of view. This course is comprehensive and covers almost all major aspects of Cisco UC security. I haven’t taken the course myself ( I should be teaching it 🙂 ) however, on first impression from table of contents, the course ware will help you understand the topics covered during the ILT course.
However, to gain more insight and build on real world security model – ground up you need a guide and a reference which you can take with you in those grilling sessions with customer and use during design, implementation, consulting, maintenance, or during discovery milestones of the project.
You guessed it right! You need – Securing Cisco IP Telephony Networks which will guide you through various stages of building, deploying, and maintaining a secure Cisco UC solution. This book is your true companion, guide, and reference to learning and implementing Cisco UC Security.
http://www.ciscopress.com/title/9781587142956
So, if you are planning to take UCSEC course, be sure to pick up your copy of Securing Cisco IP Telephony Networks and use it as a reference, as a text, as a guide, and as a companion.
Tags: asa, cisco cucm, cisco network security, Cisco UC security, DAI, DHCP snooping, eavesdropping, firewall, H.323, Implementing Cisco Unified Communications Security, ip telephony, ip telephony security, IPS, layer 2 security, layer 3 security, MGCP, phising, SCCP, securing cisco ip telephoiny networks, SIP, spit attack, toll-fraud, uc security, ucsec, ucsec training, unity connection, voice gateway, voip, voip security, VPN
VoIP Security is top of mind concern for CIO’s, IT managers, UC engineers, and security professionals. This video highlights the various potential threats that exist in real world around VoIP networks and the remediation methods, Cisco UC solution defense construct, UC PKI, Security by Deafult (SBD) and much more.
https://supportforums.cisco.com/videos/5584
The video is accompanied by a blog (and you can also download the slide deck for your future reference)
Tags: cisco, cisco asa, cisco cucm, Cisco ip telephony, cisco security, cisco uc, firewall, IOS security, IP Phone, ip telephony security, layer 2 security, layer 3 security, network security, PKI, presence, toll-fraud, uc security, voip, voip security, VPN