Secure VoIP in simple steps
Securing VoIP doesn't have to be a challenge for systems integrators and their customers. Because VoIP is basically a phone call over the Internet, it offers the same strengths and weaknesses as the Internet. But it's not as scary as it seems. Most of the tuning required to secure VoIP involves the same efforts as hardening Internet and Web connections your customer's network probably already has in place. And most of that work can be handled by the system integrator or VAR.
Here are four suggestions for protecting your customer's VoIP network:
- Run all VoIP traffic through a separate Internet connection, separating voice and data into their own network segments.
- Avoid cheap systems, rather partner up with more established vendors.
- Encrypt any VoIP traffic to ensure confidentiality.
- Place VoIP servers in a secure physical location.
Find a more complete list, including more best practices for ensuring VoIP security.
About the author
Joel Dubin, CISSP, is an independent computer security consultant in Chicago. He is a Microsoft MVP in security, specializing in Web and application security, and the author of The Little Black Book of Computer Security available from Amazon. You can visit his blog, The IT Security Guy, at www.theitsecurityguy.com.
This was first published in March 2007