• For caller ID blocking on your outgoing calls, simply dial *77, followed by the number and your call will come up as “UNKNOWN” on the recipient’s caller ID.
• To block incoming calls from a specific number, log into your account and click on 'Phone Numbers' and enter a phone number you want to block including callers that use UNKNOWN or anonymous on their caller ID.

• Provides application-layer encryption and privacy to any supporting end-point.
• Forks both signaling and media for monitoring and recording of clear traffic, even when it is encrypted, enabling centralized call recording and simpler architectures.
• Enables full privacy of communications to remote call centers, and teleworkers, traveling workers, with no VPN appliances or concentrators to configure and manage.
• Safely supports SIP trunks with the industry's best protection against toll fraud, eavesdropping and intrusion.
• Supports advanced access control and user authentication, including clientless two-factor authentication, for VoIP phones.
• Enables compliant VoIP and Unified Communications to VoIP phones, smartphones, soft-clients, video phones and other devices.
• Complements an existing security architecture and compliance processes, including firewalls, IDS/IPS and other functions.

• A security appliance that sits in the enterprise DMZ, providing access control, authentication, encryption, policy enforcement, and threat detection and mitigation.
• Interoperable smartphones with native SIP clients, or the downloadable Sipera SLiC client, which provides a secure SIP stack, VoIP capabilities and integration with enterprise security.

• Transport Layer Security which authenticates communication parties and encrypts the signaling on the public side, even if it is in the clear on the LAN.
• Secure Realtime Transport Protocol, which adds encryption when the voice media streams are transported outside the enterprise LAN. When combined with TLS it further shields users from eavesdroppers, hackers and spoofers.

• Unveiling secure Unified Communications on the iPhone, extending private, controlled and compliant IP-based UC from the enterprise to employees in any location using the Sipera SLiC secure smartphone UC solution. Sipera SLiC already supports leading smartphones and secures the mobile UC traffic of thousands of enterprise employees in countries around the world.
• Demonstrating compliant and secure enterprise Video Conferencing for teleworkers and the distributed virtual enterprise. Demonstrations will showcase methods to avoid common service disruption risks, prevent security violations and ensure communications compliance.
• Securing enterprise Instant Messaging, to satisfy privacy and security mandates, which is critical for users in healthcare, financial services, and other industries handling large quantities of real-time and historic sensitive information.

• Extend UC and VoIP to smartphones while ensuring privacy and security compliance by seamlessly extending the enterprise security perimeter to these devices.
• Securely enable office phone functionality on smartphones, such as interoffice extension dialing, no matter where the employee is using the smartphone.
• Offload cellular minutes to VoIP for dramatic savings, while maintaining confidentiality of mission-critical communications. This enables fully secure utilization of VoIP with dual-mode mobile phones.
• For the first time ever, use Two-Factor Authentication with smartphone VoIP for enhanced access control.
• Block threats that result in data leakage, toll fraud and a host of other security risks.
• Enforce control on incoming voice spam with a one-click option on the phone to black list calls.
• Easily manage and enforce the enterprise communications security posture on any device in any place, both inside and outside the enterprise border.

• Automatically authenticates the smartphone back into the enterprise PBX or call manager.
• Ensures encryption of IP-based communications.
• Enforces security policies in real-time.
• Blocks threats or blacklisted callers.

• Sipera's award-winning UC-Sec security appliance, deployed in the enterprise VoIP or UC network and providing encryption, access control and authentication, policy enforcement, and threat mitigation.
• Integration and interoperability of UC-Sec with the enterprise's smartphones, which could be complemented by the Sipera SLiC Client, available for leading smartphone operating systems.

• Denial of Service (DoS) attacks causing VoIP services to fail
• Directory Harvesting entailing hackers using brute force to search for VoIP on a network
• Eavesdropping using man in the middle attaches spoofing the MAC address of two users forcing the VoIP packets hackers force the packets to pass through their system for eavesdropping
• Registration Hijacking where hackers get the Session Initiation Protocol (SIP), disable a valid user's SIP registration, and substitute it with their IP address
• Spam over Internet Telephony (SPIT) produced by botnets using compromised systems to target millions of VoIP users.
• Vishing (Voice Phishing) seeking to make users disclose sensitive or personal information for identity theft
• Voice Service Theft involving unauthorized users who get access to a VoIP network

BIO:         SonicWALL Vice President, Product Management Patrick Sweeney
             Patrick Sweeney is SonicWALL's Vice President, Product
             Management for all SonicWALL Business Units. With more than
             20 years of software development and product management
             experience, his current focus at SonicWALL is developing
             products that keep networks secure and wipe out the scourge
             of spam and phishing from inboxes, digital telephony and
             video everywhere.

WHAT:        Sweeney is available to discuss packet manipulation trends in
             VoIP and video technology and the potential political issues
             spawned by hackers and dictators working together in
             countries like China and Belize.

RESOURCE:    Easily managed and highly cost-effective, SonicWALL Converged
             Network Security solutions offer a high performance, multi-
             layered security approach that also maintains quality of
             service for time-sensitive voice and video applications.
             Further, all VoIP traffic between third-party VoIP telephony
             devices can be easily configured to traverse any SonicWALL
             Secure Remote Access solution.

• Protection against denial of service attacks, eavesdropping, and toll fraud, as well as reconnaissance attacks and spoofing that lead to social engineering, vishing, SWATing, ID theft and similar criminal activity
• Pandemic planning, business continuity and remote teleworker capabilities
• Compliance with HIPAA and patient privacy requirements in healthcare
• Targeted security architectures that meet FERPA privacy requirements in education
• Encryption and privacy compliance that satisfy PCI DSS, GLBA and other mandates in financial services

• Telecom Connectivity Vulnerabilities: Many enterprises have moved to SIP trunking for low-cost telecommunications connectivity. Unfortunately, these enterprises often rely on Session Border Controllers for security of real-time VoIP and UC traffic, making them highly vulnerable to toll fraud. In production security architecture analysis, Sipera has identified nine common configuration errors, vulnerabilities and functional limitations that leave enterprises using SBCs for VoIP security exposed to toll fraud risk.
• Application-Level Vulnerabilities: In many cases, application servers, voicemail systems, and other communication systems can be easily exploited by fraudsters because of weak passwords and authentication schemes. Furthermore, security policy enforcement mechanisms in such systems are often inadequate to stop fraudsters from using them to gain access to toll calling facilities.
• End-Point Vulnerabilities: Weak security on user devices and inadequate authentication schemes enable fraudsters to exploit these devices to pose as authorized users and gain access to toll calling facilities.

• Security assessments: Sipera's VIPER Lab offers the industry's most advanced VoIP and UC security architecture consulting services, including VoIP penetration testing and comprehensive UC vulnerability assessments.
• Seamlessly integrated security appliances: Sipera's award-winning UC-Sec security appliances are the industry's only purpose-built, comprehensive security solutions designed for real-time VoIP and UC traffic. Used in dozens of deployments worldwide, UC-Sec prevents toll fraud in VoIP and UC via policy enforcement, access control, threat mitigation and encryption. UC-Sec fits flexibly into any security architecture to complement and enhance an enterprise's security posture.

• Will help the readers to understand the actual problems of using and developing VoIP services, and to distinguish between real problems and the general hype of VoIP security
• Discusses key aspects of SIP security including authentication, integrity, confidentiality, non-repudiation and signalling
• Assesses the real security issues facing users of SIP, and details the latest theoretical and practical solutions to SIP Security issues
• Covers secure SIP access, inter-provider secure communication, media security, security of the IMS infrastructures as well as VoIP services

• Denial of Service (DoS) - Similar to DoS attacks on data networks, VoIP DoS attacks leverage the same tactic of running multiple packet streams, such as call requests and registrations, to the point where VoIP services fail. These types of attack often target SIP (Session Initiation Protocol) extensions that ultimately exhaust VoIP server resources, which cause busy signals or disconnects.
• Spam over Internet Telephony (SPIT) - Much like the majority of e-mail spam, SPIT can be generated in a similar way with botnets that target millions of VoIP users from compromised systems. Like junk mail, SPIT messages can slow system performance, clog voicemail boxes and inhibit user productivity.
• Voice Service Theft - VoIP service theft can happen when an unauthorized user gains access to a VoIP network, usually by way of a valid user name and password, or gains physical access to a VoIP device, and initiates outbound calls. Often, these are international phone calls to take advantage of VoIP's toll by-pass capabilities.
• Registration Hijacking - A SIP registration hijack works by a hacker disabling a valid user's SIP registration, and replacing it with the hacker's IP address instead. This allows the hacker to then intercept incoming calls and reroute, replay or terminate calls as they wish.
• Eavesdropping - Like data packets, voice packets are subject to man-in-the-middle attacks where a hacker spoofs the MAC address of two parties, and forces VoIP packets to flow through the hacker's system. By doing so, the hacker can then reassemble voice packets and literally listen in to real-time conversations. From this type of attack, hackers can also purloin all sorts of sensitive data and information, such as user names, passwords, and VoIP system information.
• Directory Harvesting - VoIP directory harvesting attacks occur when attackers attempt to find valid VoIP addresses by conducting "brute force" attacks on a network. When a hacker sends thousands of VoIP addresses to a particular VoIP domain, most of the VoIP addresses will "bounce back" as invalid, but from those that are not returned, the hacker can identify valid VoIP addresses. By harvesting the VoIP user directory, the hacker now gains a new list of VoIP subscribers that can be new targets to other VoIP threats, such as SPIT or vishing attacks.
• Vishing (Voice Phishing) - Vishing mimics traditional forms of phishing - attempts to get users to divulge personal and sensitive information, such as user names, account numbers and passwords. The trick works by spamming or "spitting" users and luring them to call their bank or service provider to verify account information. Once valid user information is given, criminals are free to sell this data to others, or in many cases, directly siphon funds from credit cards or bank accounts.
• Because of these quickly emerging threats, WatchGuard recommends that businesses using VoIP systems review their perimeter and VoIP security to ensure they have the most proficient security solutions in place.

• Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
• Audit VoIP network security and assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk and home implementations like Yahoo! and Vonage
• Use VoIP protocols like H.323, SIP, RTP, and IAX
• Locate potential vulnerabilities in any VoIP network
• Use both existing and newly released VoIP security tools

• Avaya - Communication Manager, Message Storage Server, SIP Enablement Server, IP hard-phones, and IP soft-phones.
• Nortel - Business Communication Manager, Communication Server 1000, Media Communication Server Applications, IP hard-phones, and IP soft-phones.
• Cisco - Call Manager, Unified Communication Manager, Unity Unified Communication, IP hard-phones, and IP soft-phones.
• Microsoft - Office Communications Server and Office Communicator.