Securing Your Internet Phone SystemBy Steven S. Ross | Posted 2005-08-03 Email Print
Once you've decided to switch to a phone system that uses voice-over-Internet Protocol technology, you must secure the system as well.
Running phone calls over an Internet Protocol network can save money by reducing per-call fees and taxes. But security considerations can eat into your savingsor swallow them wholeif the bad guys bring down your voice network. Here are a few potential problem areas with a telephone system based on Internet protocols, according to Gartner's Meta Group:
1. Calls may be intercepted. 2. Other network services may be open to attack because of vulnerabilities in the telephony implementation. 3. Internet-based phone equipment can be used to make unauthorized calls or commit fraud.
4. Voice service may be degraded or interrupted.
2. Other network services may be open to attack because of vulnerabilities in the telephony implementation.
3. Internet-based phone equipment can be used to make unauthorized calls or commit fraud.
4. Voice service may be degraded or interrupted.Attacks can corrupt the setup of a system; viruses and denial-of-service attacks can affect the functioning of servers in the data network as well as phone handsets.
Each piece of the telephony infrastructure requires different security considerations. Traffic from devices such as IP phones should be considered untrusted, Meta says; data generated by such devices should be monitored and controlled by a firewall.
Media-related servers, such as voice-mail message servers, should be accessible only by telephony devices. Tight controls must be in place for administrative access to telephony systems and equipment.
Finally, call-handling servers, which take care of call routing and maintain the database of employee extensions, should be protected from denial-of-service attacks by placing them on "virtual" local area network segments; that makes them, practically speaking, invisible to the outside world.