Six VoIP Security Recommendations
John Leonardelli
Before you begin to implement VoIP across your organization, there are several things you should consider. Security is extremely important these days and it is best to think before than act after an attack. Some vendors are building security solutions within their products others are not, leaving it up to the user to implement these measures.
1. Make sure your network and security infrastructure, including firewalls routers, VPNs, etc., are voice-optimized and capable of supporting the advanced security requirements for VoIP. More importantly, bandwidth, latency and quality of service become critical requirements for network and security infrastructure.
2. Your IP PBX is at the core of your VoIP infrastructure. Depending on the software you are using, especially windows servers, ensure that the base operating system of your IP PBX, as well as network infrastructure, are always updated and patched for the latest security vulnerabilities. Vendors that provide proprietary operating systems are a lot less vulnerable.
3. It is important to be proactive in conducting regular security assessments of your VoIP infrastructure. Being aware of such security flaws will help to avoid attacks and prevent system outages.
4. Manage your remote access ports and system backdoors. Default login and administrator passwords on such devices are a very common entry for attacks. Disable any insecure remote access features, such as FTP and Telnet, and disable local administration and management features.
5. Structure your network to use VLANs to separate voice and data devices and its corresponding traffic. Deploying VoIP devices on separate VLANs permits isolating data traffic from voice and signaling traffic, as well as utilizing Quality of Service (QoS) capabilities. VLAN separation does not ensure a robust security practice but having separate VLANs will help in isolating the traffic.
6. If your VoIP traffic goes over the Internet, use encryption technologies like IPsec tunnels to secure the VoIP traffic. While many of the VoIP protocols include capabilities for encryption and authentication, most of them are optional. Ensure your vendor has a security policy within the product itself.
About the author:
John Leonardelli, President, Gale Force Communications. John
brings 20 years of voice, data and wireless telecommunications
experience in various sales, management and operational roles.
John is a Certified IP Telephony Expert where his expertise has
been focused on IP Telephony, Contact Centre and complex
technical solutions. John has a degree in Electronics
Engineering, Telecommunications and Sales Management.
The latest information and news on VoIP :
Mobile VoIP company Fring adds a number of advanced features to its Windows Mobile app, including file transferring.
Mumbai gunmen used U.S. VoIP service to talk to their superiors during their ...
A U.S. VoIP phone service kept one of the terrorists who carried out deadly attacks in Mumbai, India, in November in touch with his handlers based in Pakistan, according to reports describing a dossier of evidence compiled by Indian officials.
SDK helps developers VoIP-enable Pocket PC applications. (ThomasNet)
VoIP EVO SDK for Pocket PC contains C-API DLL and COM control of VoIP EVO client that can be used from any programming language C++ and .NET Compact Framework. It comes with Windows as well Linux server (running as service), and enables VoIP conferencing with crystal clear sound for both low and high-bandwidth users (Speex Codec). Supported development environments include Visual Basic .NET, ...
FXO Chipset enables backup of VoIP traffic. (ThomasNet)
Comprised of FX1000 system control interface and FX1041 data access arrangement codec, LSI(TM) FX1000 foreign exchange office chipset enables connections between IP applications such as media gateways and VoIP devices and conventional analog lines. Solution provides Internet-based communications services with backup or alternate routing over PSTN, resulting in integrated communications services ...
Motorola Combines WiMax, WiFi, Ethernet, VoIP In One Device (InformationWeek)
The Motorola wi4 WiMa CPEi 775 will be available only to carriers initially and will not be offered for retail markets.
VoIP: Beyond the Status Quo (CircleID)
On New Year's Eve 2008 I felt compelled to respond to the stories being written about the Death of VoIP which lead to my recent blog post: VoIP is NOT Dead!
ESS Technology Announces World?s First VoIP Single-Chip Solution to Embed Two...
ESS Technology, a leading provider of high performance audio/video solutions, today announced the ES9701 as the newest member of its VoIP product line. First in the industry to embed two Subscriber Line Interface Circuits (SLICs) and an Ethernet switch, the ES9701 brings the highest integration and lowest bill of materials to consumer VoIP adapters and IP phone applications.
Truphone adds Skype, Twitter to iPhone client (CNET via Yahoo! News)
The Internet telephony company Truphone has turned its client for the iPhone and iPod Touch into an aggregator for a range of popular VoIP and instant-messaging applications.
Mumbai gunmen used US VoIP service (ARNnet)
Indian dossier says handlers used a virtual phone number provided by service provider CallPhonex to call a cell phone used by one of the terrorists in Mumbai.
ESS Technology Announces Worlds First VoIP Single-Chip Solution to Embed Two ...
FREMONT, Calif.----ESS Technology, a leading provider of high performance audio/video solutions, today announced the ES9701 as the newest member of its VoIP product line. First in the industry to embed two Subscriber Line Interface Circuits and an Ethernet switch, the ES9701 brings the highest integration and lowest bill of materials to consumer VoIP adapters and IP phone applications.