What issues can arise if there are IP phones on a network that uses 802.1x? What if, behind the phones, there are connected PCs that share the same switch port?
Voice over IP (VoIP) telephony technology is beginning to replace traditional PBX (private branch exchange) telephony in the enterprise. Last year, SearchSecurity.com discussed Cisco's move toward quadplay convergence – putting data, voice, video and mobile communications on the same network. And you're right to question the security issues of such an arrangement.
When deploying VoIP on an 802.1x network, a significant issue is the use of the Ethernet port. Most VoIP phones provide this port so that a client PC can connect to the network. If you're using 802.1x, make sure that the switch is configured to allow multiple devices on the same port. Otherwise, only the first device to establish a connection -- the phone or the PC -- will be able to access the network.
You'll also need to take measures to protect against a new kind of eavesdropping threat. By placing your voice traffic on the same network as your data traffic, it's exposed to confidentiality risks not seen on a traditional voice network. Now, if your security controls aren't up to par, any computer on your network has the potential to become an eavesdropping device. For that reason, not only should VoIP traffic be placed on a separate VLAN, but you also need to consider the security of the VLANs themselves. Read Combining 802.1x and VLANs for advice on implementing VLAN segregation, or check out Popular VLAN attacks and how to avoid them for tips on securing your VLAN implementation.
Dig deeper on Network Protocols and Security
Related Q&A from Mike Chapple, Enterprise Compliance
Social media compliance is not typically considered a big issue for companies, but expert Mike Chapple explains why it should be.continue reading
Metadata tagging is not just for security. Expert Mike Chapple explains how tagging tools can be used to achieve PCI DSS compliance.continue reading
Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.