TMCnet - World's Largest Communications and Technology Community



Unified Communications
Cover Story
UC Mag
Paula Bernier
Executive Editor,

IP Communications Magazines

Securing Unified Communications

The need to secure communications of all types has come into high relief lately. That's due to some recent high-profile cases, including FBI Director Robert Mueller's revelation that he had been phished, and the arrest of three people last fall by law enforcement authorities in California, Nevada and North Carolina as part of an international crackdown on phishing, which involves e-mail scams that trick people into giving personal and financial data to counterfeit Web sites. At the same time, the federal government has been talking a lot about cybersecurity. And studies have shown that security is a leading, if not the No. 1, concern of enterprise CIOs.

As a result we're seeing some important companies do acquisitions and partnerships to further their security initiatives. For example, Cisco Systems is buying privately held Web security company ScanSafe for about $183 million, in what some believe will intensify its position relative to security leaders McAfee Inc. and Symantec Corp. Meanwhile, Verizon Business and McAfee announced on Oct. 8 a global strategic alliance to provide integrated security solutions to businesses and government agencies worldwide.
Speaking of McAfee, the company just last month created a special Vulnerability Detection and Response Group to respond to critical outbreaks by providing incident response and forensics specialties, as well detailed root cause analysis; leverage the in-depth analysis performed everyday by the security experts within McAfee to further serve customers and partners; provide detailed vulnerability analysis of malware samples; and drive vulnerability discoveries throughout McAfee and its partners to ensure quick patch creation by the vendors affected.
Also last month, at the RSA conference, Symantec announced its latest messaging security platforms, Symantec Brightmail Gateway 9.0 and Symantec Brightmail Gateway 9.0 Small Business Edition. The new versions will deliver enhanced protection through real-time updates, provide greater control through integrated e-mail encryption and offer increased scalability.
"While many solutions claim to block more than 95 percent of spam, the targeted spam that does get through can do the significant damage due to advanced social engineering and criminal motivations behind these attacks," says Jack Quinnell, director of product management at Symantec. "The planned release of Symantec Brightmail Gateway 9.0 staves off these targeted attacks, blocking more than 99 percent of spam while helping protect sensitive information and streamlining management of mission-critical e-mail security."
A recent Symantec survey revealed that 42 percent of small and mid-sized businesses lack effective e-mail protection, and as a result are easy targets for cyber criminals. Symantec Brightmail Gateway 9.0 Small Business Edition, which is for businesses with fewer than 250 users, can help protect that against botnets, phishing, spyware and viruses and can be installed within 15 minutes.
"The accuracy of Symantec Brightmail Gateway Small Business Edition is unbelievable. We're blocking around 25,000 spam messages a day, and we haven't had one false positive," says Sean Adams, manager in charge of IT at Bertelkamp Automation. "And, with the outbound message filtering, I finally have control over the content that leaves our organization - from now on, e-mail around here is going to be like Mr. Rogers' Neighborhood - safe and harmless."
However, according to Adam Boone, vice president of marketing and product management with Sipera Systems, securing unified communications is fundamentally different from securing e-mail because UC is real time. That means that while security scans that may cause delay can be acceptable with e-mail, they don't work with real-time interactions enabled by UC.
"What that means is in order to make sure it's not affecting performance you're doing things like allowing firewalls to just pass traffic through," says Boone of Sipera, whose solutions protect about 1 million UC devices today. "You're allowing your standard security architecture to just basically open up holes in it to allow this traffic through without being impeded. What that does is it opens a whole new vector for an attacker or some other risk to be introduced to your environment."
According to Infonetics Research, $30 billion has been invested in UC infrastructure since 2002; and Insight Research forecasts $87 billion in UC infrastructure through 2014. Boone says that means we're about a third of the way through the projected build out of UC.
"And when you're about the third of the way through the new technology it's when you have enough of the installed base out there to start seeing the security issue, to start seeing the risks, and to really understanding how they need to be controlled," he says. "That's actually true of any technology."
To address these security issues, Sipera offers a security appliance designed to address UC. It works in both enterprise and service provider networks to secure UC traffic through encryption, access control, detection and blocking of threats, and real-time policy enforcement. In designing the appliance, Boone says Sipera ensured there was plenty of processing power available, and allowed encryption to be offloaded to a special processor, so security can be ensured but without adversely affecting performance.
The company also sells a smartphone client that enables the devices to securely connect to corporate networks.
As companies move to adopt UC, Boone says there are three common mistakes customers make relative to security.
One is the failure to correctly deploy encryption. Boone says you need it inside and outside the enterprise.
Second is relying on session border controllers for security. "They can't do it," he says. "Session border controllers in fact are a leading cause of toll fraud today. There's this sort of fantasy out there that SBCs will protect everything about your enterprise if you're deploying UC, and that's actually a dangerous fantasy. It's incorrect."
Third is what Boone calls "loosey goosey UC," where you're not focused on application layer security, but just using stuff like firewalls or SBCs to cobble together some kind of security architecture for UC security. "That's a mistake," says Boone.

Technology Marketing Corporation

2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: +1-203-852-6800, 800-243-6002

General comments: [email protected].
Comments about this site: [email protected].


© 2024 Technology Marketing Corporation. All rights reserved | Privacy Policy