Sep 20 2008 5:13PM GMT
Posted by: Tony Bradley
VoIPshield,
SecureLogix,
monoculture,
Real-Time Transport Protocol,
RTP,
VoIP security,
FUD
One of the issues or stumbling blocks facing organizations as they adopt unified communications is the interoperability (or lack thereof) between systems. A company would like to know that the platform they invest in will be able to integrate, or at least cooperate with, disparate platforms being used by vendors, customers, or future merger and acquisition targets.
In the world of VoIP (Voice over IP), there is a more or less agreed upon standard in RTP (Real-Time Transport Protocol). That is great for universal interoperability, but some have suggested that it may also pose a security risk for VoIP networks. The potential ‘monoculture’ of RTP could mean that any successful exploit against the protocol could cripple not one VoIP platform, but all VoIP platforms simultaneously.
I do agree that organizations need to be concerned with VoIP and unified communications security, but I believe that the ‘RTP monoculture’ issue is primarily FUD being used to sell VoIP security solutions from the vendors claiming the sky is falling. The thing is that monoculture is largely a myth. The ‘Microsoft monoculture’ was just anti-Microsoft FUD.
Each organization has different perimeter security, different products and applications inside the network, different security policies and controls across their environments. Yes, they may all use RTP, but everything else about their network and VoIP configuration is unique to each organization. Hopefully, if they have done their homework and put the right kinds of security controls in place, an RTP exploit that impacts one company won’t necessarily impact them.
Jun 3 2008 3:13PM GMT
Posted by: Tony Bradley
Security,
VAR,
Unified Communications,
UC,
VoIP,
ETM System,
SecureLogix,
Nortel
Nortel has formed an alliance with SecureLogix to enable Nortel VAR’s to market and sell the SecureLogix ETM System and other security services in conjunction with Nortel’s new Voice Security Services offering. Adding to the arsenal already available to Nortel VAR’s, the SecureLogix ETM System provides a powerful voice security and management platform. Nortel customers will be able to optimize their investment in voice technologies, while protecting the voice and data networks from telephony-based attacks and abuses. Unified communications and VoIP are hot technologies that many companies have adopted or are looking at implementing soon, but few have taken the time to understand the security risks or proactively safeguard their unified communications investment. Nortel and SecureLogix are moving in the right direction by recognizing the security concerns and providing products and services to help their customers leverage the benefits of these new technologies securely.