| Introduction xxiii Part I Introduction to Cisco IP Telephony Security 3 Chapter 1 What Is IP Telephony Security and Why Do You Need It? 3 Defining IP Telephony Security 4 What Is IP Telephony? 4 What Is IP Telephony Security? 4 What Is the Rationale Behind Securing an IP Telephony Network? 6 What Can You Do to Safeguard Your IP Telephony Network? 7 IP Telephony Security Threats 8 How Do Hackers Attack an IP Telephony Network? 8 Foot Printing 9 Scanning 9 Enumeration 9 Exploit 9 Covering Tracks 10 What Are IP Telephony Security Threats and Countermeasures? 10 Threats 11 Countermeasures 12 An Insight to VoIP Security Tools 12 IP Telephony Security/Penetration Tools 13 Sniffing Tools 13 Scanning and Enumeration Tools 14 Flooding/DoS Tools 14 Signaling and Media-Manipulation Tools 15 Business Challenges and Cisco IP Telephony Security Responses 15 Common Business Challenges Associated with IP Telephony Security 15 Cisco IP Telephony Security Responses 16 Summary 17 Chapter 2 Cisco IP Telephony Security Building Blocks 19 Introduction to IP Telephony Security Methodology 19 Understanding the IP Telephony Security Methodology 19 Demystifying IP Telephony Security Methodology 21 IP Telephony Security Architecture 22 Exploring IP Telephony Security Methodology and Defining Security Architecture 24 IP Telephony Security Assessment and Security Policy Development 24 IP Telephony Network Security Implementation 26 Physical Security 28 Layer 2 Security 29 Layer 3 Security 29 Perimeter Security 30 IP Telephony Application Security Implementation 31 Defining the IP Telephony Network Components That Should Be Secured 32 IP Telephony Network Elements That Should Be Secured 32 Summary 34 Chapter 3 What Can You Secure and How Can You Secure It? 35 Layered Security Approach for IP Telephony Security 35 IP Telephony Layered Security Approach 36 Case Study 36 Enabling IP Telephony Security: Layer upon Layer 37 Cisco IP Telephony Security Controls 40 Discovering IP Telephony Security Controls 40 Cisco IP Telephony Security Controls 41 Cisco IP Telephony Network Security Controls 41 Cisco IP Telephony Device Security Controls 43 Cisco IP Telephony Application Security Controls 45 Cisco IP Telephony Endpoint Security Controls 48 Cisco IP Telephony Security Overview 50 Discovering End-to-End IP Telephony Security 50 Understanding Each IP Telephony Component and its Relative Security Control 52 XYZ Headquarters (Main Data Center) 52 IP Telephony Data Center Security Insight 54 IP Telephony Remote Data Center Security Insight 54 IP Telephony Remote Site Security Insight 56 Telecommuter Solution Security Insight 56 Summary 57 Chapter 4 Cisco IP Telephony Security Framework 59 Cisco IP Telephony Security Life Cycle 60 Enabling IP Telephony Security 61 Security and Risk Assessment 61 IP Telephony Security Policy Development and Enforcement 62 Planning and Designing 63 IP Telephony Network and Application Security Deployment 63 Operate and Manage 64 Monitor 64 Developing an IP Telephony Security Policy 64 Building an IP Telephony Security Policy/Strategy In line with Your Corporate Security Policy 64 Risk Assessment 65 Components of IP Telephony Security Policy 69 IP Telephony Security Policy/Strategy 70 Core IP Telephony Security Policies 72 Physical Security of IP Telephony Equipment 74 Physical Security Policy 75 Local-Area Network Security Policy 76 Wide-Area Network and Perimeter Security Policy 77 IP Telephony Server Security Policy 78 Voice Application Security Policy 79 Endpoint Security Policy 79 Conclusion 80 Evaluating Cost of Security-Cost Versus Risk 80 Cost of Implementing IP Telephony Security 81 Cost of a Security Breach 81 How to Balance Between Cost and Risk 82 Determining the Level of Security for Your IP Telephony Network 84 Case Study 84 The Riddles Are Over 86 Putting Together All the Pieces 87 IP Telephony Security Framework 87 Summary 92 Part II Cisco IP Telephony Network Security 93 Chapter 5 Cisco IP Telephony Physical Security 95 IP Telephony Physical Security 95 What Is IP Telephony Physical Security All About? 96 Physical Security Issues 97 Restricting Access to IP Telephony Facility 97 Securing the IP Telephony Data Center Perimeter 98 IP Telephony Data Center Internal Security 99 Personnel Training 100 Disaster Recovery and Survivability 100 Locking Down IP Telephony Equipment 101 Environmental Factors 102 Summary 103 Chapter 6 Cisco IP Telephony Layer 2 Security 105 Layer 2 Security Overview 105 Cisco IP Telephony Layer 2 Topology Overview 106 Why Bother with Layer 2 Security? 107 IP Telephony Layer 2 Security Issues and Mitigation 108 VLAN Hopping Attack and Mitigation 109 Attack Details 109 Mitigation 111 Spanning Tree Protocol (STP) Manipulation 112 Attack Details 112 Mitigation 112 DHCP Spoofing 113 Attack Details 113 Mitigation 114 ARP Spoofing 114 Attack Details 115 Mitigation 116 MAC Address Spoofing Attack 116 Attack Details 116 Mitigation 117 IP Spoofing Attack 119 Attack Details 119 Mitigation 120 CAM Table Overflow and DHCP Starvation Attack 120 Attack Details 121 Mitigation 122 Dealing with Rogue Endpoints: 802.1x 123 What Is 802.1x and How Does it Work? 123 EAP Authentication Methods 125 802.1x for IP Telephony 126 Layer 2 Security: Best Practices 131 Summary 133 Chapter 7 Cisco IP Telephony Layer 3 Security 135 Layer 3 Security Fundamentals: Securing Cisco IOS Routers 136 Cisco IOS Platform Security 136 Restricting Management Access 137 Securing the Console Port 138 Securing the Auxiliary Port 139 Securing the VTY Ports 139 Securing the HTTP Interface 140 Disabling Unnecessary IOS Services 142 Small Services 142 Finger Service 143 BootP 143 Cisco Discovery Protocol (CDP) 143 Proxy ARP 145 Directed Broadcast 146 Source Routing 147 Classless Routing 148 Configuration Autoloading 148 Securing TFTP 149 Securing Routing Protocols 150 Routing Information Protocol v2 (RIPv2) 151 Enhanced Interior Gateway Routing Protocol (EIGRP) 152 Open Shortest Path First (OSPF) 152 Border Gateway Protocol (BGP) 153 Securing Hot Standby Routing Protocol (HSRP) 153 Safeguarding Against ICMP Attacks 154 ICMP Unreachables 154 ICMP Mask Reply 154 ICMP Redirects 154 Constraining ICMP 155 Securing User Passwords 156 Controlling User Access and Privilege Levels 157 Enabling Local Authentication and Authorization 157 Enabling External Server-based Authentication, Authorization, and Accounting (AAA) 158 Configuring Cisco TACACS Based Authentication 158 Configuring Cisco TACACS Based Authorization 159 Configuring Cisco TACACS Based Accounting 159 Antispoofing Measures 160 RFC 2827 Filtering 161 Unicast Reverse Packet Forwarding (uRPF) 162 Router Banner Messages 163 Securing Network Time Protocol (NTP) 164 Blocking Commonly Exploited Ports 165 Extending Enterprise Security Policy to Your Cisco Router 165 Password Minimum Length 165 Authentication Failure Rate 166 Block Logins 166 Disable Password Recovery 166 Layer 3 Traffic Protection-Encryption 168 Layer 3 Security-Best Practices 168 Summary 169 Chapter 8 Perimeter Security with Cisco Adaptive Security Appliance 171 IP Telephony Data Center's Integral Element: Cisco Adaptive Security Appliance 172 An Introduction to Cisco ASA Firewall 172 Cisco ASA Firewall and OSI layers 174 Cisco ASA Basics 175 Cisco ASA: Stateful Firewall 175 Cisco ASA Firewall: Interfaces 175 Cisco ASA Firewall: Security Levels 177 Cisco ASA: Firewall Modes 179 Cisco ASA: Network Address Translation 180 Cisco ASA: UTM Appliance 180 Cisco ASA: IP Telephony Firewall 181 Securing IP Telephony Data Center with Cisco ASA 182 Case Study: Perimeter Security with Cisco ASA 184 Cisco ASA QoS Support 186 Firewall Transiting for Endpoints 186 Cisco ASA Firewall (ACL Port Usage) 188 Introduction to Cisco ASA Proxy Features 201 Cisco ASA TLS Proxy 203 Cisco ASA Phone Proxy 212 Cisco VPN Phone 222 Cisco VPN Phone Prerequisites 223 Implementing VPN Phone 224 Remote Worker and Telecommuter Voice Security 227 Summary 231 Part III Cisco IP Telephony Application and Device Security 233 Chapter 9 Cisco Unified Communications Manager Security 235 Cisco Unified Communications Manager (CUCM) Platform Security 236 CUCM Linux Platform Security 237 Certificate-Based Secure Signaling and Media: Certificate Authority Proxy Function 238 Enabling CUCM Cluster Security: Mixed-Mode 240 Security by Default (SBD) 249 TFTP Download Authentication 249 TFTP Configuration File Encryption 250 Trust Verification Service (Remote Certificate and Signature Verification) 251 Using External Certificate Authority (CA) with CAPF 253 Using External Certificate Authority (CA) with Cisco Tomcat 256 Enabling Secure LDAP (LDAPS) 258 Enabling Secure LDAP Connection Between CUCM and Microsoft Active Directory 259 Securing IP Phone Conversation 261 Securing Cisco IP Phones 262 Identifying Encrypted and Authenticated Phone Calls 264 Securing Third-Party SIP Phones 264 Configuring Third-Party SIP Phone 267 Secure Tone 267 CUCM Trunk Security 271 ICT and H.225 (Gatekeeper Controlled) Secure Trunks 271 SIP Trunk Security 273 Inter Cluster Trunk Security 275 SME Trunk Security 275 Trusted Relay Point (TRP) 277 Preventing Toll Fraud 279 Partitions and Calling Search Spaces 280 Time of Day Routing 280 Block Off-Net to Off-Net Transfers 281 Conference Restrictions 281 Calling Rights for Billing and Tracking 281 Route Filters for Controlled Access 282 Access Restriction for Protocols from User VRF 282 Social Engineering 282 Securing CTI/JTAPI Connections 283 JTAPI Client Config 285 Restricting Administrative Access (User Roles and Groups) 286 Fighting Spam Over Internet Telephony (SPIT) 288 CUCM Security Audit (Logs) 290 Application Log 291 Database Log 291 Operating System Log 291 Remote Support Accounting Log 292 Enabling Audit Logs 292 Collecting and Analyzing CUCM Audit Logs 294 Analyzing Application Audit Logs 294 Single Sign-On (SSO) 295 SSO Overview 296 System Requirements for SSO 296 Configuring OpenAM SSO Server 297 Configuri... |
内容加载中,请稍后...
商品评论(0条)