ToIP security; policies and strategies

Description

You are already using Telephony over IP in your enterprise or you are considering its implementation. You consider your IP network already well secured. However, you should know that the nature of telephony as well as specific ToIP components and protocols will alter the way networks are attacked. Consequently implementing telephony over your IP networks will have a significant impact on your network security architecture and policies.

This course is about specificities related to ToIP networks security.

Prerequisites:

« Securing and enterprise network; from intrusion to solutions… » or equivalent.

Target audience:

Sales representatives, account managers, help desk technicians (level 1 and 2), managers and support staff who’s functions requires a good level of understanding of ToIP security, its policies and components without requiring a deep knowledge of architectures and protocols.

Learning objectives:

Upon completion of this course, the participants will be able to briefly explain network security solutions that are specific to ToIP networks;
Most precisely, he will be able to:

1. Describe intrusion risks specific to ToIP;

2. Describe ways to counterattack those intrusions;

3. Discuss solutions pertinences relatively to the risks.

Course duration: 1 day

Course content:

LU 1

Intrusion risks
What are the risks?
Attacking a ToIP network; why?
Typical attacks
Phone system attack
Computer network attack
Signaling protocols vulnerabilities
Transport protocols vulnerabilities
Equipment vulnerabilities

LU 2

Technical solutions
Bastions and firewalls specific to ToIP

LU 3

Security policies
Security strategies
The best practices
Architecture of a secured network

Pedagogic techniques:

Most training activities are using the « presentation » as their main pedagogic technique. This course innovates in offering different techniques, rigorously chosen in regard with their potential to create and maintain interest, to facilitate learning and to increase retention. It is using many techniques as animation, simulation, guided discovery, case study and demonstrations.

Note :

For audiences who do not have the prerequisites and would like to get knowledge specific to this course, we can merge essential concepts from « Securing an enterprise network; from intrusion to solutions.. » with this course.
The course duration would then be 2 days.