Online guide to VoIP world, news,
software, solutions and VoIP providers

VoIP software
VoIP providers
VoIP technology
VoIP news
VoIP business
VoIP announcements
VoIP mobile
VoIP hardware
VoIP accessories
VoIP services
VoIP security
VoIP Pabx
VoIP integration
VoIP market
Mac VoIP
Windows VoIP
VoIP Question and Answers
VoIP guides
VoIP conferences
VoIP in Europe
VoIP in Asia
VoIP in South America
VoIP in Africa
VoIP headsets
iPhone VoIP
Portable Console
Booking Deals
News Archive
Legal disclaimer
Contact us
 Subscribe in a reader
voipstage.com rss xml feed RSS XML 2.0 Feed
voipstage.com - Online guide to VoIP world, news, software, solutions and VoIP providers
VoIP security fundamentals 06-08-2007
Voice over IP (VoIP) security is a challenge for IT staff because IP telephony (IPT) brings with it not only the security problems of data networks but also new threats specific to VoIP.

In this fundamentals guide, learn about network security threats and emerging IP telephony threats, and how to secure your VoIP systems and endpoints from them.

How to think about VoIP security
Security requires constant vigilance. Security is all about the protection of resources -- data, devices, networks, applications and people. While access to these resources is the goal of the user, securing access to these resources means the administrator of the resources wants to limit, even prevent, that access. Enterprises already have many security problems with their data network infrastructure, servers, desktops and software. Adding VoIP and IPT to the mix only compounds the security problems.

There are several security issues with VoIP networks:

The VoIP/IPT devices, servers, gateways and phones share the data network and inherit the data network's security problems.
There will be data attacks on voice devices such as Denial of Service (DoS) and malware.
It is easier to eavesdrop on IP calls than on TDM calls.
The centralised TDM PBX is gone. The VoIP/IPT resources are scattered around a network.
The operating systems of the VoIP/IPT devices are less secure than the TDM operating systems of the past.
Systems (PBX) administration can be located at multiple locations and can be accessed by Web browsers.
VoIP security vs. voice quality

It may not be apparent, but security tools and solutions will conflict with voice quality. The more barriers there are in the network and endpoints for security purposes, the more interference there will be with voice quality.

One of the first issues is the firewall. The firewall can block calls because it cannot process the signaling or dynamically allocate the UDP ports for the calls to pass through it. Firewalls may not read the QoS markers in the voice packet, thereby degrading the packet delivery service. Other issues include:

Voice packets, when they pass through security devices, can cause added delay, jitter and packet loss during the call.
Intrusion prevention systems perform considerably more processing than a firewall and have been proven to cause voice quality degradation.
Encryption and decryption add delay to the calls.
VPN connections encrypt the QoS markers. The routers consequently cannot deliver the needed QoS for the voice packets.
The security vs. voice quality conflict will be hard to resolve. The voice manager, obviously, does not want poor-quality calls. If the calls are poor, then why have calls travel over the data network in the first place? The security manager does not want to open the network and endpoints to security exposures that will not only compromise the voice services but weaken the data functions as well. This will require a great deal of negotiation and compromise. Security is important, but not at the cost of an unacceptable voice service.

[Click here to read the whole VoIP security guide]
Source: [Computer Weekly]

Read more news on this topic: