Avaya 3.7 VoIP

Overview of implementation

28 Avaya VPNmanager Configuration Guide Release 3.7

Ping of Death. - The ping of death sends packets with invalid lengths. When the receiving

system attempts to rebuild the packets, the system crashes because the packet length exhausts

the available memory.

IP Spoofing. - This attack sends an IP packet with an invalid IP address. If the system accepts

this IP address, the attacker appears to reside on the private side of the security gateway. The

attacker is actually on the public side, and bypasses the firewall rules of the private side.

Smurf Attack. - This attack floods the system with broadcast IP packet pings. If the flood is

large enough and long enough, the attacked host is unable to receive or distinguish real traffic.

Tear Drop.- This attack sends IP fragments to the system that the receiving system cannot

reassemble and the system can crash.

Flood Attack. - This attack floods the system with TCP connection requests, which exhausts

the memory and the processing resources of the firewall. Flood attacks also attack the UDP

ports. This attack attempts to flood the network by exhausting the available network bandwidth.

WinNuke Attack. - This attack attempts to completely disable networking on computers that

are running Windows 95 or Windows NT. This attack can be swift and crippling because it uses

common Microsoft NetBIOS services.

Buffer Overflow. - This attack overflows the internal buffers of the application by sending more

traffic than the buffers can process.

Quality of Service (QoS) allows you to classify and prioritize traffic based on DHCP values and

TCP/IP services and networks. The bandwidth available to a class of traffic can be allotted to a

specific percentage of the total upstream bandwidth. Configuring QoS allows VoIP traffic to

receive a higher priority. If QoS is disabled, all traffic receives the same priority.

VoIP

The security gateway can be configured to protect and enable the communication of VoIP

telephones either within a VPN or firewall. The security gateway can be configured to secure

Avaya Multivantage™ and IP Office™ VoIP solutions as follows:

●Secure site-to-site voice trunks such as between headquarters and branch offices or

between main offices and home offices using VPNs.

●Secure VoIP servers or endpoints (IP telephones) by providing perimeter security using

the VoIP aware firewall filtering that is able to d ynamically open and close all ports r equired

to pass VoIP communication between servers and endpoints