WavebreakmediaMicro - Fotolia
How do you support UC network security?
Many elements can put your UC network at risk, from unsecured information to DoS attacks. Learn five ways to thwart would-be attacks and protect your UC services.
Securing a unified communications network is a broad and multifaceted challenge. Whether you host your own UC or use a cloud provider -- or a combination of both -- you need to be aware of the specific security capabilities of your UC network to avoid security incursions and hacker-triggered outages. Organizations should consider five areas to support UC network security.
1. Perimeter security. The first place to check UC network security is the perimeter guarding your UC servers and session border controller (SBC). Know what firewall is in place and what capabilities it has. Is it an older firewall with just basic port filtering or is it a next-generation firewall (NGFW) that has advanced capabilities, such as intrusion detection and prevention? Many NGFWs boast application-level capabilities, but they may not extend to UC apps. Even some that claim support for UC apps may provide relatively limited UC security.
2. Admin protection. Vendors go a long way to make UC management easy, but it can also be easy for a hacker to break into the admin login and wreak havoc. Configure your system to require strong passwords. Better yet, seek out systems that allow multifactor authentication to make sure the UC network doesn't become compromised at its management core.
3. Upgrade and maintenance cycles. Some security problems happen because of vulnerabilities in UC apps or the devices protecting these apps. Most vendors will fix holes as soon as they become aware of them and provide updated software for your system. These updates and fixes will not likely be deployed automatically, however. Thus, you need to be sure that the upgrade maintenance cycles of your on-premises or cloud provider will address any security exposure in a timely fashion.
4. Encryption. Everything should be encrypted. Secure Sockets Layer and Transport Layer Security, also referred to as media encryption, can and should be used to encrypt user sessions. For office-to-office connections, some organizations will prefer to provision static VPN tunnels. Don't forget that management traffic should also be encrypted to protect your admin functions.
5. SBCs. Your SBC is the heart of your UC network, so it's no surprise the most sophisticated UC security features are found there. Security features that are not standards-based are becoming significant differentiators among SBC vendors to protect against threats such as denial-of-service attacks, SQL injection or other code injection attacks, and fraud. Ask your SBC provider if they offer these protections as part of their SBC package.
Security is not just something to be done and checked off the list. Plan periodic reviews of your security strategy if UC is core to your business. Run periodic vulnerability scans, as a clean scan will give you peace of mind that your UC network security is where it needs to be.