As the usage of VoIP
grows all over the world, there is a proportional growth in security concerns for VoIP based applications. Q1 Labs, a leading network security management company has now come up with a new QRadar module, designed specifically for monitoring VoIP networks. QRadar is the only solution that combines security event correlation and network behavior analysis to monitor the application, network protocol, and security services layers of a VoIP network.
Companies that provide VoIP have often found it difficult to monitor their voice application traffic and the security devices that protect them. When a company fails to monitor its VoIP system effectively, there will be problems such as bandwidth contention and traffic jitter
. Also, it opens up the VoIP network to a number of security threats such as man-in-the-middle attacks (hijacking of TCP packets), toll fraud (false long-distance call charges) and IP
PBX (
News -
Alert) attacks (Denial of Service).
QRadar’s VoIP module is designed to assist customers in correlating events from security devices, monitor their voice application traffic, and detect and report on specific threats to VoIP servers and applications. To enable these functionalities, QRadar offers features such as application signatures, a set of security event correlation rules, and specific VoIP security reports.
Q1 Labs is already using QRadar to monitor and manage the security of the company’s network and applications, including Voice over IP. Alphonse Edouard, Vice President of Information Technology at Dune Capital Management said in a
press conference that the additional capabilities will further improve the company’s visibility into its VoIP traffic.
Q1 Labs customers can get the QRadar VoIP security features for free through QRadar 5.2 Auto Update 3. It will ship on February 2, 2007
About
Q1 Labs
Founded in New Brunswick, Canada, in February 2001, Q1 Labs is a network security management company with approximately 70 employees. Q1 Labs’ installed base of customers includes the Federal government, global enterprises, academic and financial institutions, state and local government agencies and healthcare providers.
Q1 Labs has significant strategic and technical partnerships with a growing number of network infrastructure companies, such as Juniper Networks (
News -
Alert) and Enterasys.
About
VoIP security threats
Security is always a top concern for any company deploying VoIP services. Based on the nature of the attacks, the VoIP security threats can be classified into three major categories, namely; Attacks compromising VoIP service availability, Malicious activities compromising the integrity of the services and Eavesdropping.
Service availability threats include clients and QoS
, zero-day VoIP worms/viruses impacting VoIP servers, and buffer overflow related attacks on critical VoIP applications. The usual consequences of such attacks are system downtime, lost productivity, lost revenues and unplanned maintenance costs.
Threats to VoIP service integrity include attacks such as toll fraud, identity theft and fraud attacks. This may result in new vectors of attack and encourage further attacks on PSTN
through the VoIP network.
Eavesdropping attacks include conversation alternation, impersonation & hijacking. As a result of these attacks, conversation could be altered and entities using VoIP services may be furnished false and misleading information.
Don't forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers white papers, case studies and other documents which are free to registered users.
--------
Raju Shanbhag is a contributing editor for TMCnet. To see more of his articles, please visit his columnist page.