SIP Security Training | Session Initiation Protocol Security Training

SIP Security Training

Course Delivery

This Course is available in the following format:

Request this course in a different delivery format

GSA Schedule 70 Saving for Government Customers

Course Overview:

SIP Security Training Course Description

This SIP Security Training course will help you understand the issues of network security as they relate to the use of the SIP protocol. We will examine the security vulnerabilities of the protocol as well as each component in a SIP design for a comprehensive review of SIP security issues. We will conclude with a discussion of the policies and procedures that enhance SIP security.

Security is a concern for every company at every level. The introduction of media gateways to handle traditional telephony converted to SIP protocol for VoIP introduces many security management challenges on the data network. If not using media gateways, many organizations are starting to use VoIP providers who carry voice traffic on an IP network connection using the SIP protocol. The widespread adoption of SIP opens potential threats exposing the vulnerabilities of the protocol.

Customize It:

• If you are familiar with some aspects of this SIP Security Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the course in manner understandable to lay audiences.

Related Courses:

SIP Protocol, Architecture and Design Training
SIP Training Advanced | Advanced Session Initiation Protocol Training

Objectives:

Upon completing this SIP Security Training course, learners will be able to meet these objectives:

• Learn how to evaluate your SIP security concerns on all levels
• Understand the key components for security planning purposes
• Discern security vulnerabilities of SIP at the protocol layer
• Design for secure network communications by understanding protocol level attack methods

This SIP Security Training – Course Syllabus:

SIP Security: An Introduction

◾SIP security challenges: An overview
◾How SIP security fits into the overall data security strategy
◾How SIP security relates to the traditional telecommunications security
◾Discussion of the SIP protocol using the OSI model
◾SIP’s architectural vulnerabilities

Physical Layer Security: Discussion of Security Factors of SIP Endpoints (Telephones)

◾Configuration files
◾Tools for loading configuration files
◾User access levels
◾Other security factors

Data Link Layer Security

◾Firewalls and NAT’s
◾SIP architecture and potential threats that are handled by the firewall
◾Denial of Service (DoS) attacks
◾DoS attacks on SIP network components
◾DoS risk mitigation

Transport Layer Security: Digest Authentication and SIP

◾How it is implemented in the SIP protocol
◾How it is used against threats or attacks.

Session Layer Security

◾Security vulnerabilities of the SIP protocol
◾SIP standard and attacks
◾IETF and security standards
◾Application-level security vulnerabilities
◾General
◾Vendor-specific issues for the leading vendors
◾Encryption issues for SIP
◾Encryption as it relates to SIP
◾Tradeoff between real-time processing requirements and security
◾Presentation Layer Security: Rights and Access Levels

Application Layer Security: Load Balancers, Proxy Servers, Media Servers, etc.

◾Securing SIP architecture components
◾Password issues with SIP and applications
◾User authentication
◾Remote system access issues

Network Security Issues and SIP

◾New vulnerabilities related to SIP messages on the network
◾How SIP fits into the current network security plans and designs
◾Security of Gateways, One of the Most Vulnerable Elements of SIP design

Security Best Practices Related to the SIP Protocol

◾Security audit methods
◾Vendor management
◾Testing systems and devices: Available tools

Whether you are looking for general information or have a specific question, we want to help!

Request More Information

Print Friendly, PDF & Email