VoIP security has been called in question recently, though there is little evidence to indicate that VoIP security is any less than conventional telephony systems.
VoIP voice data is transmitted via a packet-switched data network using IP. VoIP systems can carry a significant higher number of calls, and very much faster, than traditional PSTN networks due to compression of the voice packets, modern broadband technology and a number of other gateway developments which have reduced the previous packet delivery problems to an extent that the protocol is now a viable mainstream telephony solution to most business needs.
VoIP security should therefore be shown to be at least as effective as that of traditional telephone systems.
There is actually very little difference between VoIP security and that required for any other type of data transmission system. Look on it the same as you do your email system. The same as your office LAN if you have one. You probably have a system in operation whereby only authorized personnel can use certain aspects of the network. VoIP security can, and do, use the same techniques.
However, having said that, let's have a look at potential weak points in VoIP security that budding hackers may see as good points of attack.
IP PBX CALL MANAGEMENT BOXES
PBX stands for Private Branch Exchange, and is piece of software running on a server. It's function is to deal with all the switches and connections involved in the telephone system. These can be attacked by hackers or viruses which could compromise sensitive data. VoIP security systems are designed with this risk in mind.
PBX equipment should be placed behind firewalls, locked down and regularly monitored for unwarranted intrusions using intrusion-detection software. It is also possible to put the server in a different domain from the rest of the system, making it much more difficult for intruders to reach. PBX security is a basic aspect of VoIP security systems
GATEWAYS AND DATA PACKETS
The gateway's job is to convert voice to data packets, transmit them then receive and convert the packets back into voice. These are a potential VoIP security risk in that thy can be hacked into unless there is an access-control system in place to prevent unauthorized people from accessing the system. VoIP calls should only be permitted to specific people, and most good VoIP security systems allow only authorized user to operate VoIP systems under password control.
The data packets themselves can be hacked into using data-sniffing techniques. This can be a serious VoIP security risk and packet sniffers, as they are often called, capture binary data passing through your network and can reroute it to a computer on another network for decoding into a readable form. In order to do this, the 'sniffers' has to be on the same network wire as the packet is using to reach its destination. The problem in installing an effective VoIP security system is that there is usually a lot of information passing at any one time, and the hacker has a higher probability of getting useful information than from a conventional telephone system.
Encrypting VoIP traffic and routing it through a virtual private network would reduce the VoIP security risk, and most corporate systems have multiple encryption layers for external messages. Internal security could be improved by running internal VoIP messages through this corporate network. Small businesses should seek the advice of their supplier, or of a security expert if they feel that they may be subject to such attacks.
However, VoIP security advisors can point small to medium companies in the right direction. Corporate VoIP security is generally not so much problem in that it is normally contracted out to expert advisers.
In the final analysis, however, there are no real differences between VoIP security and the normal security concerns associated with any data network service, such as normal office internet and email LANs. The security firewalls and restricted access to use, common on these systems, should suffice to deal with VoIP security
VoIP Security
Subscribe to:
Post Comments (Atom)
About Me
- VPN.CO.IN
- Your information resource for Virtual Private Networks | Vpn Setup | Cisco Vpn Client | Tunneling | Tunnel | Computer Networking | Secure | Mpls Network | Cisco Vpn | Vpn Network | Wireless Router | Routers | Sonicwall | Remote Access Vpn | Cisco | Router | Firewall | Remote Access | Checkpoint | Safenet at Vpn.co.in
Followers
Powered by Blogger.
Blog Archive
-
▼
2010
(1174)
-
▼
June
(181)
- 642-504 Study Guides
- Cisco ASA 5520 VPN/Firewall with SSM-AIP-20
- Buy a Replica iPhone, the most popular phone in th...
- Setting up your Small business VoIP
- USB DVR - Home Security at Your Fingertips
- Cisco 350-029 exam questions
- 640-553 brain dumps
- Firebox X5500E Firewall
- 642-524 Study Materials
- Get to Know about Cisco?s CCSP Certification
- CompTIA XK0-002
- Examining the Security Systems Company Option
- Cisco 350-029 dumps
- Zed-3: public security emergency communication pra...
- MSG100 Secure Wireless Office Controller with VPN/...
- Why and How to Choose a PC Backup Solution?
- Bpo Services - Present and Future?
- Nortel Secure Router improve the quality of conver...
- Access control system--Proactive Software and the ...
- U.S. IP VPN Services: A Demand-Side View from the ...
- NETGEAR LAUNCHES FVS328 CABLE/DSL PROSAFE VPN FIRE...
- 642-415 practice test
- Cisco Training From Experienced Professionals
- 2msolutions to access control panels with Galaxy C...
- Palm Treo Pro now available
- In Need of Tried and Tested World Wide Web Connect...
- Introduce Four Free Tools Which Every Administrato...
- D-Link NetDefend DFL-210 VPN/Firewall
- How to gain knowledge in 642-515 Cisco SNAA certif...
- Comstor UK Introduces New Development Programme an...
- Communication Manager Software ? An Overview
- Invest in Window Alarms for Home Security and Safety
- Netgear ProSafe VG318 Wireless VPN FireWall
- VPN/FIREWALL HIGH AVAILABILITY
- 642-524 practice test
- Vpn Client for Unix V3.3 Single User
- the original Apple iPhone went on sale,
- Netvanta Vpn Client 50 Users
- ADOT uses for virtual private networking technolog...
- Purchasing The Best Samsung Security Camera
- Purchasing The Best Samsung Security Camera
- Broadband Satellite In Cars
- Server Security Research and Achievements
- VPN/FIREWALL-1 CUSTOMER LOG
- CradlePoint CTR500 3G travel router
- Nortel CONECTIVITY VPN CLIENT FOR MAC
- Getting an Isecp Certification
- Finding The Right Sanyo Security Camera
- NETGEAR - NETGEAR ProSafe Wireless-N VPN Firewall ...
- PC Backup Software: Which one's the right one? (Pa...
- VPN Client for SonicWALL Pro
- ADOT uses for virtual private networking technolog...
- Everything You Wanted To Know About Ccsp Training ...
- 642-825 exam training
- Guide to Wireless Network Security
- Orange Introduces VPN Firewall Solution for Branch...
- Apple Iphone: Questions and Answers
- Raptormobile VPN-Client
- Why You Have To Choose A VoIP Internet Phone
- Cisco 642-533 Exam
- Enhance Your Browsing Experience With Secure Browser
- D-Link DIR-330 NetDefend 802.11G Wireless VPN Fire...
- CONTIVITY VPN CLIENT FOR MAC V1
- Belkin Routers
- Comprehensive and Customized Penetration Testing F...
- Netgear FVL328 Cable/DSL ProSafe High-Speed VPN Fi...
- SonicWALL Global VPN Client Windows - 10 License
- Virtual Private Networking: Designing Private Netw...
- Features & Benefits Comprehensive Security products
- enVigil for Schools, Colleges,Universities and edu...
- RESILIENCE LAUNCHES VPN/FIREWALL APPLIANCE.: An ar...
- SonicWALL Global VPN Client Windows - 5 License
- Virtual Private Networking with L2tp, Volume I
- Comprehensive Security products that helps your se...
- What's The News With Advanced Home Security Systems?
- New cybersecurity focus for federal R&D group
- Cisco 642-426 exam
- NETGEAR FVS328 ProSafe VPN Firewall with Dial Back...
- Great Features on a Business Phone
- SonicWALL VPN Client Setup Kit
- Biometric system has Comprehensive Security Solution
- How Much Should I Expect to Spend on Web Security?
- Watchguard Firebox X750e VPN/Firewall - 8 x 10/100...
- All The Information You Need On Hotspot Billing An...
- Understanding Ccie
- 70-221 practice test
- Compliance, Security, And Cost-Efficient Managemen...
- DHS deploying the wrong weapons in cyberwar
- Netgear ProSafe FVS338 VPN/Firewall 8 x 10/100Base...
- Hotspot Billing And Hotspot Software: The Benefits...
- VPN Client - Category: Software Licensing
- Knowledge About Cisco Ccdp Certification
- Guideline For Scns Tactical Parameter Defense Ex0-106
- The Benefits of Automatic Files Backup and Secure ...
- Cyberwar debate rages on
- NESIC Chooses Vyatta for the Virtual Foundation of...
- Japan IP VPN Services 2004-2008 Forecast
- New resilience VPN/firewall APP delivers great per...
- The Nokia E55 ? for the Office on the Road
- SonicWALL Global VPN Client - license
-
▼
June
(181)
0 comments:
Post a Comment