Signal encryption is an important security measure value-added resellers (VARs) and systems integrators need to consider when designing and securing their customer's VoIP network. Eavesdropping is a significant concern in a technology where confidential information is passed over potentially vulnerable lines. Unfortunately, the process of fortifying VoIP security through signal encryption is made difficult by the proprietary protocols used by most vendors.
Don't forget to secure the signaling
Most of the concerns VARs intuitively have about VoIP security are related to high-tech eavesdropping via packet sniffing, or to denial of service attacks or to new IP-based versions of good old fashioned toll fraud. The obvious solution to the eavesdropping is encrypting the media streams.
The details of this can be vendor-specific, since many vendors implement proprietary signaling protocols, or at least proprietary extensions to standardized protocols. So in the absence of a standard signaling protocol that provides privacy and non-repudiation, odds are good that you'll see some implementation of IPSec, but keep in mind that if you've got a multi-vendor solution, encrypting your signaling may be especially challenging.
Learn more about securing VoIP with signal encryption.
About the author
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.
This was first published in April 2007