Do you need anti-virus capabilities on the computer that provides your VoIP service?

VoIP security
Do you need anti-virus capabilities on the computer that provides your VoIP service?

Answer Wiki

Thanks. We'll let you know when a new response is added.

I believe that every server should have an anti-virus on it unless there is a very good reason not to have one.

Of course, any computer running machines should have an antivirus software. There are many forms of antivirus that may hide itself. It may hide to your files, folders, music, videos, etc. You have to secure your computer using the latest antivirus software programs.
When it comes to VoIP server penetration, on a commercial level you’re
fighting off stack overflows, and zero day remote exploits, all day to
say the least. Just make sure your server isn’t running any vulnerable services, etc. You’ll be fine, with just a layer 3 hardwall. You could probably get by with just IPTables, industry standard is at least 3 layers, especially on dedis.

Discuss This Question: 2  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    You absolutely need malware protection in any Windows system. All it takes for infection is someone browsing to an infected site, opening an infected email, or inserting an infected USB drive/CD/DVD/floppy. If it's going to affect performance of the VoIP system, then exclude the real-time protection capabilities for the specific VoIP directories on the drive.
    27,550 pointsBadges:
  • James Murray
    I'm curious why this question was asked? I wonder if there is more going on than we understand. The question was not a best practices question about virus software... or was it? Most VoIP systems are simply IP devices on the network. In the question you ask about computers that manage VoIP systems. A VoIP server is no different than any other server on the network in terms of risk to pickup a virus. Virus software though is not required to run the VoIP software. It is just a best practice recomedation. With the right edge and boundary control systems in front of the VoIP servers and if those servers never communicated directly with systems outsite these boundaries a virus system or malware software would not be needed. At the same time if there is a possibility that an infected system could communicate with the VoIP system the system would be at risk. But this also could be avoided by only permitting remote terminal connects through a terminal server that did have Virus software on the system. Technically no, you don't need anti-virus capabilities to run any server system. Virus software is not "required" for any system. The problem comes when the system becomes infected. If there is no risk of infection, there would be no need for anti-virus solution. there are plenty of reasons not to put virus solutions on a system. Complex test enviroments have servers with no virus solution installed at all. Packets containing virus bits cross a router do not infect the router. Until all the packets are re-assembled the virus can not affect the system. So if packets crossing the system through the VoIP server are never assembled on the VoIP server, the virus software wouldn't protect the server. The server would be safe. The phone that assebled the infected packets would be infected. Presumably though the edge system in front of the VoIP servers would clean those packets before they reached the VoIP server and the phone. The visus solution on the VoIP server would only protect it from the virus that was able to load itself on the server. The anti virus solution would not clean the packets being passed to the phone. That is the job of the edge system surround the VoIP server. When running a production VoIP server nobody should be using the VoIP server to surf the net, recieve emails, loading contaminated USB drives or disks nor should that system be communicating with risky systems. The architecture around the VoIP server should filter all the packets coming into the server long before the packets reach the server. With the right controls and systems in place, I think that the VoIP server may not in fact even need a Virtus solution on the system. There is the possibility that someone might purposely try to infect the server, but then that person could just as easily disable the virus software if that were there intention. We can't protect servers from stupidity, incompetence and human error other than to fire incompetence. Finally if a system was somehow infected, a contaminated virtual image could be replaced in minutes. Redundancy of the system could easily handle the load while that system was replaced. Ok one more finally... When working on red alert the system kept re-infected the systems as soon as they were connected to the network. The answer was build the system, inoculate the system before connecting the system to the network. Even with a strong virus solution on the servers, it didn't make a difference. There is always a risk of infection, but I believe with the right architecture and control processes in place, the risk could be minimized to where the virus solution on the server may cause more risky than not having the anti-virus solution.
    1,795 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: