Despite the sharp focus put on virus filters, firewalls and other protective measures, many corporate networks remain vulnerable to hacker intrusions. A company out of Burnaby, B.C. means to change that with a new telecom firewall offering.
Sentry Telecom Systems Inc. late in 2001 said field trials of its Phonewall Telecom Firewall device were underway. The product stands guard between the PSTN and a company’s PBX, making sure only authorized traffic gets through. Sentry says Phonewall helps keep at bay intruders who might otherwise discover easy access to the corporate network.
Sometimes employees attach dial-up modems to their company computers in order to access them from outside the office.
“The problem is, that creates a vulnerability in the network,” said Brian Cherrin, Sentry’s director of business development. “Hackers, using war-dialling software, will attack a network (through these modems).”
These “rogue modems” leave a back door open for intruders. By dialling a block of numbers in a certain geographic area – “war dialling” (see Network World Canada, Aug. 24, 2001, page 16) – hackers might access the computer and, in turn, find their way into the corporate network.
It’s not a new method, but the current crop of software designed to protect Internet intrusions does little to keep the telecom infrastructure safe, Cherrin said.
A company could use a form of war dialling itself to see if the network sports any rogue modems, but the practice doesn’t make perfect, Cherrin said. If the rogue modem is in use, for example, the scan might skip it, leading administrators to believe the network is tight when it is not.
If intruders access the PBX, they might also make long-distance phone calls and charge them to the company. Toll fraud, Cherrin said, remains the bane of too many enterprises.
Phonewall would put a stop to this sort of theft, he said. It monitors calls and keeps track of which phone lines are used for modems, and which are used for voice. Thus the device sniffs out rogue modems and gives network managers the edge over intruders.
The product also offers policy controls, according to Cherrin. Users can set the system to watch out for data calls en route to supposed voice-only lines. Phonewall would cut the connection, either silently or with a pre-recorded warning about violating corporate policy.
Phonewall creates call-detail records for scrutiny, generates alarm records if policies are violated and records specific calls for analysis. If the device fails, an automatic bypass mode connects the PBX to the PSTN directly.
Sentry’s product is not the first of its kind. Consider SecureLogix Corp.’s TeleWall for comparison. It acts much the same as Phonewall does, offering policy enforcement and call-type recognition. It is part of SecureLogix’s Enterprise Telephony Management Platform, which consists of hardware and software like TeleWall and other telecom protective offerings.
Lisa Pierce, an analyst with Cambridge, Mass.-based Giga Information Group, said Phonewall is at least half as useful as Sentry claims. “I believe the big PBXs have toll fraud prevention schemes… However, the rogue modem issue still exists.
“The other thing is, when you look at IP PBXs like Cisco’s AVVID (Architecture for Voice, Video and Integrated Data) product line, they are susceptible to both problems, both the hair-pinning (toll fraud) and the rogue modem problem. So there is a market for this, perhaps not as a stand-alone product but incorporated into a PBX or IP PBX.”
Cherrin said Phonewall works with traditional PBXs, not with IP PBXs. But as VoIP becomes more and more popular, Sentry plans to build a Phonewall for these so-called next generation networks. Meanwhile, he said, the current product is good for discovering just how much traffic travels the PBX and helps companies decide how much VoIP capacity they need, if they’re inclined to migrate.
Cherrin said the PBX version of Phonewall should be available come springtime at a price of US$8,500. For more information, visit Sentry’s Web site at www.sentrytelecom.com.