Unified Communications: Click to talk

Oct 19 2008   1:28PM GMT

VoIP Security: Don’t Be Complacent



Posted by: Tony Bradley
Tags:
Encryption
Security
VLAN
VoIP

One of the biggest problems with information security is that it is almost always reactive. The entire antivirus industry is built on a model where new threats are unleashed on the unprotected public first, then the antivirus vendors capture a sample and create a defense for the threat to add to the signatures their antivirus product can detect.

Unfortunately, it is easy to be complacent…until it isn’t. In other words, complacency only works until an attack catches you sleeping and you end up with catastrophic results. Security experts continue to talk about the potential threat of VoIP attacks, but the fact that no credible attack has been perpetrated (or at least reported) leads many to feel like these are just ‘sky is falling’ predictions from security vendors with a product to sell.

To some degree that may be true, but VoIP administrators need to be diligent about understanding the potential security risks and strike a balance between paranoid and healthy skepticism. This report from Silicon.com provides a link to various tools capable of attacking a VoIP network which are currently available publicly- highlighting that the threat is real even if the attacks haven’t occurred.

It then goes on to talk about VoIP security. VoIP merges the communications network with the data network, making voice communications subject to the same sorts of threats and compromises that used to affect only data networks. Most of VoIP security rests in sound, best practices for network security. The article focuses on two additional measures though- using VLAN’s to segment VoIP communications and using encryption to ensure that VoIP communications data can not be understood by anyone who might intercept the data packets. 

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: