WAN Technology: Part 2


Time: 15 hours 43 minutes
Difficulty: Advanced
CEU/CPE: 16
Video Transcription
>> Let's look at the second half of WAN technology. In this section, we're going to talk about MPLS switching, and we'll also talk about Voice over IP or VoIP.

Now, with Multi Protocol Labeled Switching, MPLS for short, what we're looking at is creating an alternative to a VPN connection across the Internet. What we're doing is we're leasing a provider's network, and across that provider's network, there are a series of routers. These routers are running this MPLS protocol that's going to allow the prioritization of traffic based on ideas like quality of service. For instance, VoIP, if your organization uses a lot or has a lot of VoIP traffic, MPLS is a great environment because that allows the prioritization so that the VoIP traffic can get the amount of bandwidth and can get the quality of service that's necessary.

On your environment, you're going to have a label edge router that's going to take your LAN traffic, prepare it to go across the MPLS network, attach a label based on the type of traffic that you have. Goes across what feels like an end-to-end circuit, it's really a virtual circuit to get to the destination, whether it's a branch office or another physical facility. At that end, the organization has a label edge router as well that can read the labels that have been put on, and then that traffic is forwarded into the off-site location or again, whatever the destination is.

But the whole thing about MPLS, this idea of labeling, we're moving traffic across a high speed routed network and I know it's called switching, but it's all Layer 3 technology. This is going to give us a more private option than tunneling across the Internet.

Now, Voice over IP. For a long time, we had digital computer systems and we wanted to take that data and run it across analog phone lines. We wanted to put digital on analog lines, and now that everything is digital, we want to put analog voice on digital lines. We've always tried to run analog and digital on the same line, but the problem is they're two totally different signaling types. Digital is one or zero, on or off. With analog, there're all sorts of possibilities in the waves of communication. If we're going to allow these two different signaling types to traverse the same cable, then we have to have a means of converting digital to analog or analog to digital.

Back in the day, we used modems. We had a modem that would take the digital signal from our computer, translate it to analog so it could go across the analog phone lines. But today with analog voice needing to go across data lines or digital lines, instead, we use what we refer to as telephony. Telephony is essentially the conversion of analog voice to traffic that can traverse an IP network. Those telephony devices, those are usually our smartphones that we use to initiate the communication.

I'll just mention another protocol involved with VoIP is one called SIP, which stands for Session Initiation Protocol. That's what allows the connection from one phone to another. Think about its session layer, Session Initiation Protocol. That connection making the VoIP phones ring, that's all SIP.

Now when it comes down to the actual data transfer, we have a protocol called RTP, which stands for Real-time Transfer Protocol. Now we'll point out that the original Real-time Transfer Protocol was not secure, because once again, we don't build products to be secure, we build them with a function in mind, and then we wind up thinking about security after the fact. Of course, as long as we still have that mentality, we're going to continue to design products that aren't inherently secure. Now we have secure RTP, but we have to make sure that that's the option we choose, just like we have to make sure we're using HTTPS or any other secure protocol when there are others that are available.

There's also a protocol H.323, that controls the gateway, which is the connection from our internal VoIP network out to the rest of the world, so to speak. That doesn't have built-in authentication, so that can be an issue.

But when it comes right down to it, the greatest security issue with VoIP is eavesdropping. Anything that traverses an IP network is susceptible to eavesdropping. Anytime we're moving data on the network, someone could be listening, and someone could be tapping into the line, someone could have a packet sniffer so that secure RTP is going to mitigate the risk of eavesdropping. But I would know that's the greatest threat.

Now, other threats, one might be toll fraud. This goes back to the days where somebody might be making long-distance calls on your company lines or even today international calling is so expensive still, making country-to-country calls on the company's VoIP network. Sometimes charging up thousands, tens of thousands, even hundreds of thousands of dollars in bills.

Now vishing is just like phishing, but using your VoIP system. The reason it's specific to VoIP is because with your smartphones, your telephony devices, usually these smartphones have a lot of benefits and features, one of which is caller ID. When I call you and say, "Hey, this is Kelly from the Tampa office," and you look down at your phone and you see the phone number for the Tampa office, that authenticates me a little bit. I have the right number, I've told you I'm from Tampa, you see the phone number from Tampa, but phone numbers are easy to spoof, just as easy as IP packets. The idea is sometimes we can use these VoIP devices and take advantage of some of their features, their good features, and use them to an attacker's benefit.

Then we have SPIT, I don't make this stuff up. It is spam over IP telephony and if you can build it, they can spam it.

Now the last two, latency and jittering, these are both delays. Latency is a fixed delay. Jittering is a variable delay. That fixed delay is usually easy to work around. I realize, okay, I can see you talking, it's going to take two seconds for me to get the audio and I can wait. But with jittering, it's so unpredictable that we wind up talking over each other.

Just wrapping this up, we talked about Multi Protocol Labeled Switching, which is Layer 3 WAN technology, we lease an MPLS connection network from a provider, it allows for quality of service and high-speed routing from one point to another. Then we talked about VoIP, Voice over IP, where we take analog voice, transmit that analog data across digital lines through telephony devices.