[VOIPSEC] Contents of Voipsec digest Vol 16, Issue 12 - Managed VoIP Security Services thread
Shrikant Latkar
shri at juniper.net
Wed Apr 12 11:45:09 CDT 2006
I know of vendors who are offering Managed VoIP Services that also
includes Security aspects for VoIP.
However, the difference between VoIP Managed Security Services and
Managed Security Services, I would think will mostly be in and around
SLAs that the Managed Services Provider needs to deliver on the total
VoIP performance which would include protecting VoIP servers from DoS
attacks, compliance with security policies etc.
I too have not come across VoIP Managed Security Services.
Shrikant G Latkar
Sr. Manager
shri at juniper.net
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Voipsec-request at voipsa.org
Sent: Wednesday, April 12, 2006 4:00 AM
To: Voipsec at voipsa.org
Subject: Voipsec Digest, Vol 16, Issue 12
Send Voipsec mailing list submissions to
Voipsec at voipsa.org
To subscribe or unsubscribe via the World Wide Web, visit
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
or, via email, send a message with subject or body 'help' to
Voipsec-request at voipsa.org
You can reach the person managing the list at
Voipsec-owner at voipsa.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Voipsec digest..."
Today's Topics:
1. Re: VoIP Managed Security Services (dan_york at Mitel.com)
2. Re: VoIP Managed Security Services (Savage, John C (John))
3. Re: VoIP Managed Security Services (Smith, Donald)
----------------------------------------------------------------------
Message: 1
Date: Tue, 11 Apr 2006 11:55:54 -0400
From: dan_york at Mitel.com
Subject: Re: [VOIPSEC] VoIP Managed Security Services
To: Mark Teicher <mht3 at earthlink.net>
Cc: voipsec at voipsa.org
Message-ID:
<OF0A9D2F82.5C47BE0F-ON8525714D.00462A90-8525714D.00578388 at mitel.com>
Content-Type: text/plain; charset="us-ascii"
Mark
> After doing some prelim research on the topic, it appears that many
> of the known managed security service players do not offer VoIP
managed
> security services. Is there a difference between VoIP managed
security
> services and IDS/IPS, Firewall, VPN managed security services ? Who
are
> the market leaders in this space ?? Is it really a space ?? Or is it
> just another word, for managed device support or remote access support
> via IP versus modem based support ??
I guess my question back to you would be - what are you looking for in a
"VoIP managed security service" that is different from what a regular
"Managed Security Service Provider" (MSSP) would provide?
Or I guess another question is - was your question prompted by seeing
this term being used somewhere?
Typically, most MSSPs seem to offer most or all of:
- managed firewall configuration, policies, etc.
- managed IDS/IPS monitoring, reporting, etc.
- managed VPN services
- security incident response and management
- vulnerability protection/monitoring/etc.
- compliance auditing (SOX, GLB, HIPAA, etc.)
- management of network devices
All of that done 24x7 by the MSSP staff from their Security Operations
Center (SOC). Some MSSPs also seem to provide e-mail antivirus,
security
patch management, website protection, etc... all really varying around
how much you are willing to pay to have an MSSP handle the issues
instead
of your own IT staff.
In that mixture of things, it seems to me that voice is just another
source of data packets to be monitored/managed/reported/etc. with
different firewall rules to be put in place, etc. It would seem logical
for MSSPs to just be able to handle voice as part of their other
services.
So no, I don't personally see a *fundamental* difference between
something
called "VoIP managed security services" and a regular existing MSSP.
Ultimately it's just more bits running on different ports and with
different protocols.
Having said that, I could imagine that an MSSP looking to differentiate
themselves might market their ability to monitor QoS, ensure voice
priority, or deal with firewall traversal issues and management of ALGs,
SBCs, etc. Or perhaps as we gradually move to a world of enterprises
connected via SIP trunks over the Internet, those MSSPs could offer
identity assurance/SPIT prevention services...
... but I personally haven't (yet) seen any MSSPs proclaiming that type
of differentiation. If they are out there, I've missed their ads.
I would be curious, though, to hear the opinions of some of the folks
actually associated with MSSPs (I am not) who are out there on this
list.
My 2 cents,
Dan
--
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Mitel Corp. http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
PGP key (F7E3C3B4) available for
secure communication
------------------------------
Message: 2
Date: Tue, 11 Apr 2006 11:11:01 -0600
From: "Savage, John C (John)" <jcsavage at lucent.com>
Subject: Re: [VOIPSEC] VoIP Managed Security Services
To: "'Mark Teicher'" <mht3 at earthlink.net>, voipsec at voipsa.org
Message-ID:
<81FC03339A3F6B4DB2D80276126BE8550144AB2D at co7010exch002u.ih.lucent.com>
Content-Type: text/plain
How would VoIP traffic differ from any other public or private IP
traffic
from the service providers perspective?
For site to site connections the simplest route is still going to be
sending
the packets across whatever encapsulation method that's used for other
IP
traffic. Priority would (or should) be given to voice streams vs. data,
but
beyond that?
For external connections that will likely cross provider boundaries,
VoIP
capable devices would be needed, but it seems that it's still just IP
traffic and needs to be secured in much the same fashion as any other
traffic.
I'd assume in the future as the telephony and data services groups in
corporations merge this will change. But it will be more from a QoS and
traffic optimization perspective than anything else.
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org]On
Behalf Of Mark Teicher
Sent: Monday, April 10, 2006 4:05 PM
To: voipsec at voipsa.org
Subject: [VOIPSEC] VoIP Managed Security Services
After doing some prelim research on the topic, it appears that many of
the
known managed security service players do not offer VoIP managed
security
services. Is there a difference between VoIP managed security services
and
IDS/IPS, Firewall, VPN managed security services ? Who are the market
leaders in this space ?? Is it really a space ?? Or is it just another
word,
for managed device support or remote access support via IP versus modem
based support ??
/thanks
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
------------------------------
Message: 3
Date: Tue, 11 Apr 2006 12:24:06 -0600
From: "Smith, Donald" <Donald.Smith at qwest.com>
Subject: Re: [VOIPSEC] VoIP Managed Security Services
To: "Savage, John C \(John\)" <jcsavage at lucent.com>, "Mark Teicher"
<mht3 at earthlink.net>, <voipsec at voipsa.org>
Message-ID:
<50E094F67A606244AE045ACB99F9E48E01E51D3D at qtdene2k3m02.AD.QINTRA.COM>
Content-Type: text/plain; charset="us-ascii"
Security through obscurity WORKS against some worms and other tools:)
Donald.Smith at qwest.com giac
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org
> [mailto:Voipsec-bounces at voipsa.org] On Behalf Of Savage, John C (John)
> Sent: Tuesday, April 11, 2006 11:11 AM
> To: 'Mark Teicher'; voipsec at voipsa.org
> Subject: Re: [VOIPSEC] VoIP Managed Security Services
>
> How would VoIP traffic differ from any other public or
> private IP traffic
> from the service providers perspective?
This one is fairly odvious but "Real time protocols" have a stricter
requirement for low latency and jitter then other applications.
>
> For site to site connections the simplest route is still
> going to be sending
> the packets across whatever encapsulation method that's used
> for other IP
> traffic. Priority would (or should) be given to voice
> streams vs. data, but
> beyond that?
While many encryption network elements now support QOS on inbound and/or
outbound interfaces NONE that I know of are prioritizing the traffic
THRU the crypo engine.
>
> For external connections that will likely cross provider
> boundaries, VoIP
> capable devices would be needed, but it seems that it's still just IP
> traffic and needs to be secured in much the same fashion as any other
> traffic.
Agreed.
>
> I'd assume in the future as the telephony and data services groups in
> corporations merge this will change. But it will be more
> from a QoS and
> traffic optimization perspective than anything else.
Agreed.
>
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org]On
> Behalf Of Mark Teicher
> Sent: Monday, April 10, 2006 4:05 PM
> To: voipsec at voipsa.org
> Subject: [VOIPSEC] VoIP Managed Security Services
>
>
> After doing some prelim research on the topic, it appears
> that many of the
> known managed security service players do not offer VoIP
> managed security
> services. Is there a difference between VoIP managed
> security services and
> IDS/IPS, Firewall, VPN managed security services ? Who are the market
> leaders in this space ?? Is it really a space ?? Or is it
> just another word,
> for managed device support or remote access support via IP
> versus modem
> based support ??
>
> /thanks
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
------------------------------
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
End of Voipsec Digest, Vol 16, Issue 12
***************************************
More information about the Voipsec
mailing list