In this section:
The Ribbon ASM operates in either of two modes:
- In Appliance mode, the SBA utilizes Ribbon's solution to guarantee security and reliability. Ribbon fully support the ASM (Hardware and Software)
- In Server mode, the SBA is customized by the customer with a solution not tested or approved by Ribbon. Customization can be for functionality or security purposes. Ribbondoes not know the impact of this customization, therefore can only support the Hardware components.
By default, all ASMs are shipped in Appliance mode. Any customization will turn the ASM into Server mode. The only way to return into appliance mode is to re-initialize the ASM using the on-board capability via the WebUI.
Security Risk for a Server
The main risk for a server as a client computer is from a virus attack. A virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs or data files. Viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time, accessing private information, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts, or logging their keystrokes. However, not all viruses carry a destructive payload or attempt to hide themselves—the defining characteristic of viruses is that they are self-replicating computer programs which install themselves without the user's consent.
Infection vectors
Human interaction
Malware uses human interaction to get into a computer and execute itself. The vector can be an email, a file downloaded on web site, a file hosted into a flash drive, or newly installed software. Limiting the human interaction on an embedded system significantly reduces this risk.
Software bugs
Network-related software can contain a bug introduced during the software design that will allow the network capability of this software to execute some unwanted action (breach). Keeping the software updated reduces this risk.
Security on the ASM Module for SBA
The SBA is a mission-critical box because it provides voice survivability to branch office users. Ribbon has designed security for the SBA in partnership with Microsoft.
To reduce the attack surfaces of the Windows Server, Microsoft create some requirements for the SBA components, as well as recommending the use of a Security Configuration Wizard template provided by Microsoft to lock down the server and reduce the elements at risk of attack. These templates have been leveraged and customized by Ribbon before being applied to the ASM module in order to enhance the security offered.
Ribbon also implements architectural improvements within the SBA integration to improve the security of the SBA server still further and provide a true secured appliance.
Microsoft Security
The following areas are the Microsoft security elements within the SBA that have been implemented on the Ribbon platform in order to lock down and secure the server module, removing potential attack surfaces.
Microsoft Requirement
- Driver or software installation should not replace any Microsoft-authored system components and the driver must not bypass any Windows components.
- For each driver, no errors can occur under the Driver Verifier facility provided with Windows. Poorly written kernel-mode drivers have the potential to cause the system to become unstable or stop working.
- All drivers installed on the system must be signed.
Security Configuration Wizard Template
The Security Configuration Wizard template provided by Microsoft is a security policy created with SCW that configures services, network security, specific registry values, and audit policy. The Security Configuration Wizard template must be applied after the device has been deployed and all the applications have started.
The Security Configuration Wizard template performs the following tasks:
- Disables unnecessary services.
- Provides Windows Firewall with Advanced Security support.
- Updates the registry to secure Windows components.
Ribbon Enhancements to the Microsoft Template
In addition to the above Security Template provided by Microsoft, Ribbon has made the following enhancements to secure the SBA server even further:
- Disable RDP Printer Redirection
- Disable S-Channel Warning generated by failed TLS connection
- Disable administrative file sharing
- Disable SSL v3 client
- Disable SSL v3 server
Ribbon Architectural Security
The architectural implementation of the SBA server within the SBC platform also enhances the security of the deployed appliance by the following design factors:
Functional
- All operations for deployment and maintenance of the SBA are completed through the SBC secured WebUI and do not require physical or remote access to the ASM module. This removes the human interaction vectors.
- All communication between the SBC and SBA is internal to the SBC. This limits the risk of a software bug.
- Ribbon does not install "Internet Information Services" and Internet Explorer. This limits the risk of a software bug.
- Configuration of a Level 2 ACL within the SBC platform through the SBC secured WebUI. This limits the risk of a software bug.
- Configuration of Windows Firewall through the secured SBC WebUI. This limits the risk of a software bug and removes the human interaction vectors.
- All updates provided by Ribbon contain an MD5sum that is signed to ensure authenticity. This removes the human interaction vectors.
Support
As part of the ongoing commitment to provide partners and customers with software and security updates, Microsoft may release bug fixes or service packs as necessary to Ribbon and customers to ensure a consistent and highly robust user experience. All updates will be free of charge and are covered by the Windows license agreement. Since the SBA has two major software components — Windows Server and Lync/Skype software components — the updates for each component will be released independently of one another, resulting in a faster time to release.
Windows Server Updates
Microsoft frequently publishes updates to the Windows Server operating system. These updates are publicly available and can be downloaded and applied to the SBA should the customer wish to do so (and if found relevant).
Ribbonprovides additional checks for these update components by running checks, sanity tests, and performance controls and also by ensuring the SBA is compatible with the updates in question.
Every second Tuesday of each month, Ribbon evaluates all patches published by Microsoft. If a patch is a Critical Windows Update that has potential for severe impact, RibbonRibbon releases a critical Bulletin and package within a week. Ribbon delivers all the other updates on a monthly cycle for the SBA. Ribbon starts building and testing on the second Tuesday of the month. Building and testing takes no more than 2 weeks. Once fully tested and verified by Ribbon, a qualified update file will be posted on the Partner support portal for download. When loaded to the SBA, the system will continue to be supported in Appliance mode.
If you download and install a Microsoft update before Ribbon has verified and tested it for use in Ribbon products, the SBA will revert to Server mode.
Ribbon provides updates and improvements of the Microsoft Security template in the same update pack.
Lync/Skype Server Component Updates
SBA updates are posted on the Microsoft Update website and can be downloaded by anyone. Ribbon provides additional checks for these Lync update components by running checks, sanity test, and performance control and also by ensuring the SBA is compatible with the updates in question.
Once fully tested and verified by Ribbon, a qualified Lync update file will be posted on the Partner support portal for download. When loaded to the SBA, the system will continue to be supported in Appliance mode.
If you download and install a Microsoft update before Ribbon has verified and tested it for use in Ribbon products, the SBA will revert to Server mode.
Customer Security
It is the customer’s responsibility to use the tools available from Ribbonand Microsoft to harden the SBA. Using all the security tools as well as keeping the ASM up to date with Ribbon qualified update files will ensure ongoing security support. Use of anti-virus or other customer security solutions on the SBA is not recommended by Ribbon due to the low attack surface of the SBA that will render ineffective most of the services provided by such a security solution, and only adding overhead to the SBA performance.