“Indy Review” – Cisco: IP Communications, Voice over IP Security

Cisco Press and Patrick Park released “Cisco: IP Communications, Voice over IP Security” at the beginning of 2009. There is a good knowledge transfer in this book for newcomers, and I suspect a bit of review for seasoned practitioners. Nonetheless, you’ll be given a nice primer on VoIP security, from the packet level all the way through architecture. This book is divided into three areas: VoIP Security Fundamentals, VoIP Security Best Practices, and Lawful Interception (CALEA). I’ll briefly describe some content from each area to give you a better idea of what is covered in the book and to help you protect your investment. I would encourage anyone reading this book to read the VoIPSA Threat Taxonomy version 1 side by side with it: http://voipsa.org/Activities/taxonomy.php

The first part of the book gets into VoIP security, where you’ll read about inherited and protocol vulnerabilities. You’ll also find that Cisco Press classifies attacks into four categories: threats against availability, confidentiality, integrity and social context. They explain call flows and security profiles that are associated with H.323 “D,E,F”, SIP and MGCP. If you have little to no experience with cryptography, they explain the functions and uses of a few implementations that are in use today. If you’re looking for network modeling for architecture and design, they have something in the book for you as well.

Switching gears to VoIP Security Best Practices, you’ll be introduced to analysis and simulation of current threats, where they talk about mitigating DoS, sniffing, spoofing and VoIP spam. This section of the book identifies how to secure VoIP protocols with authentication, encryption, transport and network layer security, threat modeling and prevention. They will give you an overview of how SBCs are deployed and used to resolve DoS, L.I. (Lawful Interception), exposed network topology, and performance issues. Then they get into enterprise network devices and security devices, so you’ll be introduced to “Cisco Solutions” like Call Managers, endpoints, ASAs, PIXes and FWSMs.

The last section of the book explains Lawful Interception (CALEA). They talk about requirements and standards that have been developed and implemented in Europe and the United States. There is also a walkthrough of how L.I. is generally implemented and “possibly detected”, but the examples in the book are not limited to certain geographic areas or countries.

I would recommend this book to folks who are looking for a solid introduction to VoIP security. After reading this book, along with the VoIPSA Threat Taxonomy (http://voipsa.org/Activities/taxonomy.php), you will be aware of the different types of attacks and methods of mitigation that you may use to stop or just stall your next attacker…