Security
There are numerous threats to a Voice over IP (VoIP) network, many of which aren’t obvious to organisations used to separate voice and data infrastructures. The networking devices, the servers and their operating systems, the protocols, the phones and their software are all vulnerable.
SBL can assist companies in designing and implementing secure converged networks. The information about a call is almost as valuable as the voice content – a compromised signaling server used to setup and manage calls, might yield the following: a list of incoming and out going calls, their durations and parameters. Using just this information, an attacker could map all of the calls on your network, creating complex conversation records and user tracking.
The conversation itself is also at risk and the most obvious target of a VoIP network. By breaching a key part of the infrastructure, such as a VoIP gateway, an attacker could capture and reassemble packets in order to eavesdrop on the conversation, or, record everything and replay all conversations occurring on your network. On the PSTN, this would be extremely difficult since few are skilled enough on or have access to the huge switches managing calls. That’s obviously not the case on a data network, and if your VoIP packets traverse the Internet to reach a destination, a number of potential hackers have access to your voice data.
The availability of the VoIP network is also a major concern. On the PSTN, availability is rarely a problem. Attackers would need to overload some very large circuits or cut a connection. It’s much easier to thwart a VoIP network. All of us are familiar with the crippling effects of distributed denial of service attacks. If directed at key points of your network, it would disrupt your ability to communicate via voice or data.
The phones and servers are targets themselves. Although as a whole they mimic phones, they are, at the core, computers with software. Obviously, this software is vulnerable to the same types of bugs and exploits that hamper every operating system and application available today. Code could be inserted to perform any number of malicious actions.
SBL – being an IP centric organisation – understands the security risks associated with IP Telephony deployment. We can provide encryption solutions (IPSec, SRTP, VPN), advise on Quality of Service (QoS) standards, implement firewall solutions and ensure that all necessary redundancy options are considered.
IP Telephony benefits carry with them the new burden of voice security. Careful planning and architecture, borrowed from our IP data security experiences, can help mitigate the risks and amplify the returns.
For more information please call SBL on 01256 316170