Spam, eavesdropping and toll fraud may not pose a significant threat to your customers' Voice over IP networks today, but as an increasing number of organizations adopt VoIP and extend IP telephony, VoIP system
This VoIP network security learning guide is designed to provide value-added resellers (VARs) and systems integrators with a basic framework for improving network security by addressing these weaknesses before malicious intruders take advantage of them.
Table of Contents
VoIP network security offers new challenges for channel professionals
(see link below)
As more companies adopt VoIP communications, network consultants, value-added resellers (VARs) and their customers will be faced with increasingly difficult VoIP security issues and challenges. Voice over IP requires layers of security -- similar to the underlying data network.
From VoIP-specific hardware and equipment to new protocols, careful planning and strict policy enforcement will play significant roles in protecting networks from VoIP phishing, spoofing and spamming. This tip describes the VoIP network security onion and the type of protections required at each layer.
VoIP security best practices (see link below)
VoIP is subject to the rules of the Internet, but securing VoIP doesn't have to be as difficult as some might think. Here are four basic steps for ensuring that your customer's VoIP network is secure.
In this tip, learn the three major security concerns regarding VoIP -- lack of authentication, data exposure and unwanted traffic -- and four basic steps, including best practices and baseline security controls, for mitigating VoIP security issues and ensuring VoIP system security.
VoIP system security protocols: Vulnerability protection (see link below)
VoIP technology has been recognized as a serious budget-saving technology for enterprise communications. However, VoIP also presents new targets for attacks, especially through the two standard protocols: H-323 and SIP.
In this guide, value-added resellers (VARs) and networking consultants will learn about these VoIP security vulnerabilities, as well as methods for protecting their customers' VoIP networks.
VoIP system security: Encryption (see link below)
VoIP offers businesses numerous benefits over traditional PBX phone systems. VoIP security methods, however, must gain effectiveness before companies will invest, and they have been slow to implement the technology because of some early difficulties, specifically VoIP security issues and encryption.
This tip offers some suggestions and best practices that system integrators hoping to sell VoIP security systems to their customers should be aware of.
VoIP system security: Zfone (see link below)
Zfone, a secure VoIP phone software product, offers a VoIP security and encryption option by allowing organizations to make encrypted phone calls over the Internet. Working with any standard SIP, Zfone provides encryption services for callers running the software.
Here you will learn about the security features and capabilities of the Zfone and how to use the Zfone to secure VoIP.
Signal encryption improves VoIP system security (see link below)
To avoid VoIP security issues and eavesdropping, value-added resellers and systems integrators need to consider signal encryption when designing a VoIP network. Unfortunately, beefing up VoIP system security through signal encryption is made difficult by the proprietary protocols used by most vendors.
Here you will learn how to implement signal encryption and how the technology helps to improve VoIP system security.
This was first published in July 2010