|
EXPOSE
Will VoIP's shortcomings give businesses a wake-up call?
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] Internet Telephony
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
H.323: The standard for sending voice and video using IP on the public Internet and within an intranet. The standard, approved by the International Telecommunication Union (ITU) in 1996, describes how multimedia communications occur between terminals, network equipment and services.
IP Telephony (IPT): A general term for the technologies that use the Internet Protocol's packet-switched connections to exchange voice, fax and other forms of information that have traditionally been carried over the public-switched telephone network.
Media Gateway Control Protocol (MGCP): A protocol that defines a means of communication between a media gateway, which converts data from the format required for a circuit-switched network to that required for a packet-switched network, and the media gateway controller.
Session Initiation Protocol (SIP): A standard protocol for initiating an interactive user session that involves multimedia elements. It enables common telephony features like time-of-day routing and call forwarding.
Voice over Internet Protocol (VoIP): A set of facilities for managing the delivery of voice information using the Internet Protocol. Now used somewhat generally, it derives from the VoIP Forum, an effort by some vendors to promote the use of H.323.
Source: WhatIs.com
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
small>
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE]
Dont' be surprised when your boss says you're about to enter the phone business.
Voice over Internet Protocol (VoIP), a specific iteration of generic Internet Protocol telephony (IPT) voice technology, is coming on strong as carriers roll out connection plans, and companies of all sizes deploy software and equipment to add services and save money.
So what's keeping security managers up at night as executives insist on wringing more productivity out of the network? Security, of course. Vendors have yet to create a complete solution that includes strong user/device authentication, end-to-end encryption and bulletproof management systems.
But, hang on the line and we'll show you how to identify the security obstacles of VoIP.
Security Disconnects
At its most basic level, IPT is the technology by which phone calls are converted into packets and delivered over the same pathways that carry data across local networks, leased lines and the public Internet.
Sounds simple enough, but amid widespread agreement on how to keep your data networks secure and healthy, the simplicity--and security--disappears as your business adds voice devices to its network.
VoIP's early adopters have encountered various high-priority security concerns that best practices and standards must address. Groups such as VoIP Security Alliance are identifying potential pitfalls in heterogeneous networks, with an eye toward creating a list of common issues. But, in the end, it will be up to vendors to recognize that, for VoIP to become ubiquitous, standards must be agreed upon and adopted.
Regardless of their technology choices, businesses' problems cut across product lines and go to the heart of VoIP's implementation challenges:
IPT networks have many holes.
Everyone understands how to set up a safe data network, but there's less agreement when faced with new, IPT-related obstacles. For example, many session initiation protocol (SIP)-enabled firewalls, which ground IPT-based communication, allow the dynamic opening and closing of ports required for telephony. Not only is port 5060 active for signaling (the process of setting up and tearing down a call), but ports 1124 through 1760 will open and close automatically as calls are set up and audio begins to pass through the firewall. During calls, those ports are wide-open highways into the network.
|
