Apple iPod Touch Set to Become VoIP Phone

Coming Tomorrow, January 1 - Make VoIP calls on the iPod Touch.

Three French developers have created a hack for the Apple iPod Touch that will allow it to be used as a VoIP phone. I have to assume they've added the SIP stack to the Touch and are using the WiFi connection on the iPod Touch to make VoIP calls.

Will Apple squash this French iPod VoIP Revolution and make bricks out of iPod Touch devices? Possible but since there's not a required ATT service agreement for the Touch like the iPhone there's not the same network restrictions.

Interesting idea, I can see the tagline now.  Let your Apple iPod Touch reach out and touch someone! Ha, those craaaazy frenshhh peep-pulz!

When good VoIP security tools turn to the dark side

It's 10pm... and do you know if your VoIP network is safe? Just like any other kind of the technology, it's all a matter of who's hands tools are in as to whether they are used for good or bad. That's no different for the open source VoIP penetration testing tool VoIP Hopper, as this Wired story describes how easy it is to hack into many VoIP networks.

VoIP hopper is roughly the equivalent of an early Nessus scanner for the VoIP world. Using VoIP Hopper you can simulate the interactions between a VoIP handset and PIBXs. In the Wired article even basic security such as MAC address filtering wasn't being used on VoIP networks they broke into. Unfortunately, again, VoIP is like so many other new technologies that are widely deployed but security is an afterthought. If someone told you we were going allow some new strange mobile device onto the network, we'd at least take a second look wouldn't we? Many VoIP networks still consider the wired network inside the firewall a "trusted" network but the opposite is really true.

If you are using VoIP in your network, you should at least be firewalling VoIP traffic through a firewall setup sepcifically for SIP and VoIP call handling, preventing access to other data and servers. VLANs and MAC filtering can help but aren't a cureall. VoIP is another reason to get your network into the 802.1X era so handsets have to authenticate. Bottom line, don't take VoIP security lightly. Voice is likely your most mission critical buisness application. Bring down voice and email, and many businesses are severely crippled.

10G, NAC, Security, VoIP, SMB, "You like-a?"

At every "show", like Interop this week, a theme emerges of what the dominate product interest and announcements are about. It seems the last several RSA and Interop shows were all about NAC...NAC...NAC. Will it be a repeat again at this show? As Borat would say (smiling); "In my country, you they would like-a, 10G, a-vera mucha. NAC? You, not so mucha." (and then stop smiling).

We're always enthralled with the "next" thing when it comes to speed and while most networks today wouldn't yet benefit from 10G, that's certainly where we are all headed. Heck, I even have a 1G switch in my home network. While I think 10G will be a good bit of what we heard about at Interop this week, I actually believe that this year we will hear about a wider range of interests. VoIP of course is a big topic but SMB is picking up steam too (that's where our Cobia is focused for course). So stay tuned and we'll see how the week unfolds.

Podcast #37-Paul Congdon, HP ProCurve CTO

This week's podcast special guest is Paul Congdon, CTO of HP's ProCurve division. If you're not aware, HP ProCurve is #2 in market share of network switches. HP ProCurve has done a fantastic job of not only offering a good product at the right price point, they also differentiate themselves with integrated network management and identity management capabilities. In our interview, Paul talks about those aspects of HP ProCurve, his view on the future of the market, and also Paul's unique perspective as an HP Fellow.

In The Converging Minute I follow up my recent post about Cisco's entry into the low end of the SMB market with their VoIP centric SBCS product bundle.

This Week In Security is a discussion of Sourcefire's misfire in revenue and impact in the stock market, Sourcefire's ETM product annnouncement, and the most recent Microsoft DNS vulnerability for Windows 2000 and 2003 Server.

Thanks for listening and as always please feel free to send Alan and me comments or questions at podcast@stillsecure.com.

mp3 file

Cisco SMB convergence

Earlier this month, Cisco announced the bundling of multiple Cisco products aimed at the SMB market, specifically businesses with 8-16 employees (i.e. that's how many phone sets are supported.) Dubbed the Smart Business Communications System, it consists of a bundle of of Cisco VoIP, switch, router, firewall, wireless access point, VPN and management software.

Cisco announced this at their partner summit, clearly indicating who would be the channel for delivering, and more importantly installing, these services for customers. Businesses that small rely on a service provider or integrator to sell and install voice and network services unless someone in the business has a pre-existing "geek chromosome".

Rather than a "business network in a box", this is a bundling of multiple Cisco products: hardware - UC 500 router/IP PBX/firewall/VPN, CE500-8PC power-over-Ethernet switch, 7931 IP phone, Wireless Express Access Point (pre-configured for security), and software - Smart Assistant remote configuration and troubleshooting software, Configuration Assistant (to configure all SBCS elements), and Monitor Manager and Manage Director.

Everyone has wondered what Cisco would do in SMB after its investment in the retail market through Linksys, and SBCS represents a clear move into the lower end of the SMB market. Cisco is treading into a part of the SMB market many have feared and question how to make money in. Key to this working of course will be showing the channel they can make more money with Cisco gear rather than other providers. The cost to the customer has got to be very competitive as opposed to other alternatives. This is yet to be seen so we'll have to watch the uptake on Cisco SBCS by the channel.

In addition to hardware/software cost, a very important part of this profit equation is largely going to be the ease of installation and operation of Cisco's SMB equipment. (Garrett Smith of Smith on VoIP commented on this as well.) Installers are going to insist that installation be quick and easy so they can either focus on other differentiated services or (more likely) quickly move on to the next customer installation. Ease of use has never been a Cisco strength. Even recent attempts through the Express product line and it's GUI-like configuration software haven't changed the minds of many about Cisco's ease of use.

When it comes down to it, in this part of the market hardware is hardware - the customers don't much care. If the last Linksys broadband router failed, then lets try Netgear this time. It's about cost to the customer and cost incurred by the channel to deliver.  A  law office with a staff of 8 isn't going to care if it is Cicso, Netgear or XYZ gear. They just want it to get installed quick, and never have to call the service provider back because of problems. The secret to solving the problem here is enabling the channel to deliver services cost effectively and make good money at the same time.

Announcement - Cobia(tm) Unified Network Platform

Today, StillSecure is announcing our open source UNP product, Cobia(tm). The press release is available here. Visit the Cobia site to learn more and download the Cobia software at http://cobia.stillsecure.com.

The following is the product description of Cobia:

Cobia™ Unified Network Platform™ is a modular, open source software platform for networking and security in SMB and enterprise remote office networks. Overcoming the limitations and upgrade hassles of traditional fixed-appliances, Cobia offers greater flexibility through its plug-n-play software modules, operates on off-the-shelf Intel/AMD hardware, and brings virtualization capabilities to networking and security. The Cobia software is comprised of a base software platform with routing, firewall, DHCP and other modules that are installed when and where needed within the network. Cobia runs as a dedicated device or as a VMware virtual appliance on Intel/AMD servers, computers and hardware appliances.

Cobia is a next generation open source product, offered under a dual-use license structure. The community license includes Cobia source code and allows organizations to use Cobia for free as part of their business or personal network infrastructure. Commercial licensing is available for those who bundle Cobia with hardware, integrate Cobia as part of their product or service, or create products utilizing Cobia. StillSecure will be offering commercial support (email, phone and 24x7) and commercial paid-for Cobia modules and products in the near future. Cobia partner and channel programs are available for resellers, integrators, hardware providers and ISVs. Currently in beta, Cobia software download, forum-based support, source code and licensing information are available at http://cobia.stillsecure.com.

Whitepaper: Unified Network Platform

I’ve put the finishing touches on the convergence whitepaper I’ve been working on over the last few weeks (minus some time interrupted for RSA).

I’m introducing my vision for convergence via this whitepaper focused on my concept of a Unified Network Platform(tm) for networking, security, and network centric applications. UNP is the basis for creating a new paradigm whereby network and security functions can be delivered into the network through a software-based framework operating on general purpose computing hardware.

I will let the whitepaper do the talking about more specifics but here are some things I would like to point out.

• Plug-n-play security and network services. Put the appropriate services where they belong in the network, rather than being limited the feature set of any one piece of hardware or it’s location in the network architecture.
• Use an open platform to manage security and networking. Users have full control and the ultimate in customization options because of UNP’s open platform.
• Take advantage of the latest advances and economies in general purpose OTS hardware. Specialized ASICs should be used in specialized situations. Multi-core technologies are a new era for network and security processing applications.
• Unlock the handcuff hold vendors have on users. Upgrades, migration, replacement are all within the control of the user.
• Today’s and tomorrow’s network and security functionality. An expandable platform offers an open path to future needs.
• A UNP software-based platform can leverage current and future virtualization technology. I believe this will have an even greater profound effect on our thinking about network architectures, networking, security and network applications.

By no means do I see this whitepaper as complete. It truly is only a start. My thoughts and ideas about convergence are ever evolving and maturing. I see expanding on this vision over time, refining the UNP concepts and introducing new ideas and directions. The applications are just beginning. For example, the few network and security applications I mention in the paper are just the start to help communicate the ideas behind UNP.

Take a read of the whitepaper and let me know what you think. I'd love to hear any reactions, ideas, etc. I believe the timing is right and there's an exciting future for UNP.

Security Inside

Brian Chee at Infoworld starts 2007 on the right foot by talking about network and security convergence. Brian notes how Extreme Networks and HP ProCurve have both seriously taken on security in their product lines with new IDS capabilities. Extreme also offers an excellent NAC product in the Sentriant AG product (blatant self-promotion on my part since my company StillSecure partners with Extreme on this product). HP ProCurve also has a very strong offering in their IDM (Identity Management) solution. Consentry and others are making a play by integrating security at the chip level (for inspection) within switches for IDS and partnering for post-connect NAC needs.

Just like routers aren't really just routers any more (they do a multitude of functions), switches are morphing into multi-function platforms; embedded security processors, content inspection and sampling technologies, and security apps. These are being integrated into the switching fabric for line-speed needs and as adjunct security devices for NAC or non-line speed security functions. And of course many switches are starting to look a bit like or are (L3/L2) routers too.

So someday will we be able to tell the difference between a switch, router, security appliance or network application? I'd argue the dawn of that day is upon us - at least we are seeing the beginnings of the lines blurring. The paradigm of a box that does a single network or security function is under siege. So is the idea that it is a closed box, with it's own proprietary OS and monolithic software architecture. And frankly, it needs to be. We need to move away from our hardware centric paradigm and view this from a fabric of networking, security and application services that live on the network - maybe in multiple places.

We're way past the days of networking equating to just moving bits on wires, between ports and converting protocols. Networking today is also about what's inside those datagrams, who''s sending them, what kind of devices are sending/receiving them and are they supposed to be on the network with those characteristics. Hardware centric thinking by the vendor or the network consumer doesn't solve these kinds of problems.

Podcast 26 - Special 2006 Bloggers' Wrap Up

Alan and I wrapped up this year with a very special year end podcast #26. First, Mike Rothman joined us as a special guest for the show. A number of our security blogging friends recorded and sent to us their thoughts on the most important security events of 2006. Alan, Mike and I then get to add our two cents on the subject as well.

Joining us on podcast 26 with their own recorded thoughts are:

• Martin McKeay from Network Security Podcast and blog
• Michael Farnum from Information Security Place
• Perry Carpenter from Security Renaissance blog
• Ravi Char from Musings on Information Security
• Larry Pesce from Paul Dot Com
• AndyIT Guy from Andy ITGuy blog
• Michael from MCW Research
• Mike Murray from epistome.ca blog
• Dan York from Blue Box VOIP podcast and blog

And of course our special guest for this show Mike Rothman from Security Incite.

We owe thanks to so many people throughout the year that have joined us for the podcast. Most important are you the listeners who continue to follow our musings on happenings within network security. Thank you for a successful '06 and here's to a safe and secure '07! - Mitchell

Listen to podcast #26 at www.clickcaster.com/ss.

The VoIP switch is on - to open source

Well you know that open source software is making inroads when organizations start replacing commercial VoIP solutions with open source software. That’s exactly what’s happened at Sam Houston State University. They are replacing their Cisco VoIP system with Asterisk open source software. Moving 6,000 students, faculty and staff to any new phone system is no small project (1,600 have been moved so far).

If you’ve been following the open source 2.0 companies then Digium (Asterisk) is definitely on the radar of interesting companies to watch. VoIP has become very competitive with a wide variety of offerings from the traditional PBX companies (Avaya, for example), NEC plus networking providers like Cisco. Skype, Gizmo, Vonage and others have broken open the single user computer and home markets. I can’t remember the last time I paid for a long distance call unless it was for international (and that’s not happening much anymore thanks to Skype and others.)

Asterisk offers an open source based VoIP system that's compatible with existing Cisco IP phones. Rather than using proprietary Cisco Skinny Call Control Protocol, Asterisk instead uses a standard SIP software image. (These proprietary Cisco protocols are happening at a pretty high frequency lately, eh? I thought network people believed in standards and standards-based products. When did proprietary protocols suddenly get a pass? Time for a gut check people! Do we want standards or not?) Interesting were SHSU views that they felt less secure having to rely on slow to materialize security fixes and patches from Cisco rather than more rapidly fixing a security problem themselves if needed.

Now that Cisco is a software company, will Cisco and other traditional players “open up” and offer any kind of open source alternative? Ya, right - lets talk about fixing the proprietary protocols problem first. Cisco may have adopted a new tune about being a “software company” but nobody would say they’ve gone as far as saying Cisco’s got software religion. OSS and Open source 2.0 business models are making the game interesting. As an observer of new trends, technologies and businesses, I’m watching with punctuated anticipation. Here’s rooting for the new guys!