Home
VoIP At Home
Business VoIP
Carrier VoIP
VoIP Learning
VoIP Terminology
Cheapest Providers
VoIP News
VoIP Network Blog
Contact Us
Free Broadband TV
Cheap Business VoIP
Free VoIP Providers
Web Hosting
 

VoIP Security - Is It A Concern?



VoIP Security is one thing that has hindered the progress of the technology over the past few years, as consumers and businesses alike have been concerned over potential breaches of their communications network.

In particular, VoIP business security has been a big concern for all sizes of company, but particularly those handling large amounts of sensitive data on their network.

The following article gives an interesting insight into practical VoIP security and asks how much there really is a security issue with VoIP.

VoIP Security

VoIP Security

By Peter Nisbet

Voice Over IP security has been called in question recently, though there is little evidence to indicate that the security of VoIP is any less than conventional telephony systems.

VoIP voice data is transmitted via a packet-switched data network using IP. VoIP systems can carry a significantly higher number of calls, and very much faster, than traditional PSTN networks due to compression of the voice packets, modern broadband technology and a number of other gateway developments. These have reduced the previous packet delivery problems to an extent that the protocol is now a viable mainstream telephony solution to most business needs.

VoIP business security should therefore be shown to be at least as effective as that of traditional telephone systems.

There is actually very little difference between VoIP security and that required for any other type of data transmission system. Look on it the same as you do your email system. The same as your office LAN if you have one. You probably have a system in operation whereby only authorized personnel can use certain aspects of the network. Practical VoIP security can, and does, use the same techniques.

However, having said that, let’s have a look at potential weak points in VoIP security that budding hackers may see as good points of attack.

IP PBX CALL MANAGEMENT BOXES

PBX stands for Private Branch Exchange, and is piece of software running on a server. It’s function is to deal with all the switches and connections involved in the telephone system. These can be attacked by hackers or viruses which could compromise sensitive data. VoIP business security solutions are designed with this risk in mind.

PBX equipment should be placed behind firewalls, locked down and regularly monitored for unwarranted intrusions using intrusion-detection software. It is also possible to put the server in a different domain from the rest of the system, making it much more difficult for intruders to reach. PBX security is a basic aspect of a Voice Over IP security system

GATEWAYS AND DATA PACKETS

The gateway’s job is to convert voice to data packets, transmit them then receive and convert the packets back into voice. These are a potential security risk in that thy can be hacked into unless there is an access-control system in place to prevent unauthorized people from accessing the system. VoIP calls should only be permitted to specific people, and most good VoIP security systems allow only authorized user to operate VoIP systems under password control.

The data packets themselves can be hacked into using data-sniffing techniques. This can be a serious security risk, and packet sniffers, as they are often called, capture binary data passing through your network and can reroute it to a computer on another network for decoding into a readable form. In order to do this, the ‘sniffers’ has to be on the same network wire as the packet is using to reach its destination. The problem in installing an effective and practical VoIP security system is that there is usually a lot of information passing at any one time, and the hacker has a higher probability of getting useful information than from a conventional telephone system.

Encrypting VoIP traffic and routing it through a virtual private network would reduce the security risk of VoIP, and most corporate systems have multiple encryption layers for external messages. Internal security could be improved by running internal VoIP messages through this corporate network. Small businesses should seek the advice of their supplier, or of a security expert if they feel that they may be subject to such attacks.

However, VoIP security advisors can point small to medium companies in the right direction. VoIP security in corporations is generally not so much problem in that it is normally contracted out to expert advisers.

In the final analysis, however, there are no real differences between Voice Over IP security and the normal security concerns associated with any data network service, such as normal office internet and email LANs. The security firewalls and restricted access to use, common on these systems, should suffice to deal with VoIP security

Copyright 2006 Peter Nisbet

Peter is an industrial research chemist with almost a fixation with data transfer systems, starting with audio and video file formats and codecs, and here with telephonic transmission systems which allow what is commonly known as VoIP. His fascination with subject is obvious from his website: http://www.data-voip-solutions.com

Article Source: http://EzineArticles.com/?expert=Peter_Nisbet

Return from VoIP Security to VoIP Learning Centre


footer for VoIP security page