When voice was just voice, it did not pose a security risk to the data network…at least not directly. It could be argued that there is still potential to exploit the voice network for social engineering purposes that result in a compromised data network, but that is a semi-convoluted argument and not really the point of this post.
With VoIP alone, standard best practices suggest keeping the voice VLAN and the data VLAN separate so that a compromise of the voice network would not have any effect on the data network. However, we live in a converged world. Unified communications merges voice and data and requires that they all play nice on the same network. Where does that leave us? That leaves us with some new security concerns to be aware of and guard against.
This post from Nortel’s Voice Security Blog, in conjunction with Sipera Systems Chief Marketing Officer, Eric Winsborrow, provides some additional detail and illustrates some potential scenarios that could exploit a vulnerable VoIP system and lead to a compromise of the UC or data network.