* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Comprehensive Security Protection for
Survey
Document related concepts
Next-Generation Secure Computing Base wikipedia , lookup
Deep packet inspection wikipedia , lookup
Distributed firewall wikipedia , lookup
Mobile device forensics wikipedia , lookup
Unix security wikipedia , lookup
Wireless security wikipedia , lookup
Information security wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Secure multi-party computation wikipedia , lookup
Information privacy law wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Security-focused operating system wikipedia , lookup
Computer security wikipedia , lookup
Transcript
News Comprehensive Security Protection for Enterprise Communication –Huawei eSpace UC2.0 Security Solution Unified communication (UC) provides a variety of brand-new IP-based communication and collaboration services, such as voice, video, instant messaging, video conferencing, email, and desktop sharing. UC solutions offer flexible communication, improve users' productivity, and lower communication costs. Following UC as a growing trend in the industry, an increasing number of enterprises are upgrading from their traditional Time-division Multiplexing (TDM) to VoIP networks. However, most UC systems are directly deployed onto existing IP networks in the enterprise running exposing it to the risk of security threats. Gartner's report shows that from 2012 to 2015, the compound growth rate of information security costs in the enterprise may reach 15%. For this reason, information security protection has become a global issue. To eliminate security risks, UC systems must have the following features. Reliable and secure terminal access Most enterprise employees use PCs, mobile phones, and IP phones in internal communication. IP phone: The Huawei UC2.0 solution uses interface-based access control protocol (802.1x) to authenticate accessed users and devices when receiving services from switches and LANs. UC services DMZ Mobile terminal: An increasing number of users are using mobile phones and laptops to perform office work and access enterprise communication servers (through the Internet). The Huawei UC2.0 solution integrates Huawei-proprietary virtual private network (VPN) solution and clients on mobile terminals. The VPN tunnel server and terminal are connected over a secure and encrypted channel, which ensures service data security. 3G mobile client Huawei SVN Mobile network Enterprise intranet Secure and integral data transmission The unified communication system controls signaling and transmits media streams using Session Initiation Protocol (SIP) and Real-Time Transport Protocol (RTP). Data is transmitted in plain text over IP networks, allowing hackers to easily access key information assets (such as user accounts and passwords), obtain confidential data, and eavesdrop on voice and video calls. In the Huawei eSpace UC2.0 solution, all components that use SIP signaling in interaction must support SIP Transport Layer Security (TLS) to ensure the security and integrity of signaling interconnection. News Additionally, all components that use RTP to perform media based communication must support Secure Real-Time Transport Protocol (SRTP) and use RTP to ensure the communication information security. Refined enterprise data management, ensuring information security The enterprise UC data is usually stored on the UC server and user terminals. The Huawei UC2.0 solution uses the following methods to ensure data security. Lightweight Directory Access Protocol (LDAP) or Secure Lightweight Directory Access Protocol (SLDAP) to ensure a secure access to already in place enterprise Active Directories (ADs). The centralized data storage and maintenance significantly reduces security risks and system operation and maintenance (O&M) costs. Some senior executives hope to keep their contact information secure to prevent undesirable calls, IMs, and emails. The Huawei UC2.0 solution classifies user information into personal and public information based on data sensitivity levels. Users (especially senior executives) can set refined and level-based information access policies, preventing enterprise address book information leak. IMs stored in local terminals are encrypted. The administrator can set and configure a word filter to censor or replace certain words. The system also supports the configuration of the message size, file type, document size, and transmission encryption for smooth and secure message transmission. Enterprise UC solutions have massive amounts of corporate data, including enterprise users, networks and devices, and user service data. The administrator manages the UC system by configuring and managing this corporate data. The Huawei UC2.0 solution fully supports security management protocols and classifies the system into several network segments. It differentiates service and management data, performs encrypted management data transmission, and offers additional protection for core servers. The Huawei UC2.0 solution offers end-to-end security protection that covers terminals (both fixed and mobile ones), networks, servers, and applications. The refined user behavior management function protects key information assets of an enterprise. This solution allows enterprises to enjoy efficient, convenient, secure, and unified internal communication.