Gartner and German government give VoIP warnings

Gartner is advising business users to steer clear of IP-based voice services based on proprietary protocols.

Gartner is advising business users to steer clear of IP-based voice services based on proprietary protocols.

 

The analyst group believes that unlike standard protocols, such as the Session Initiation Protocol (SIP),  which have well-known vulnerabilities, a proprietary protocol carries hidden vulnerabilities.

 

For example, just like other P2P technologies such as Kaaza—of which incidentally Skype’s CEO Niklas Zennström was a co-founder— Skype is “port agile". If a firewall port is blocked Skype will look around for other open ports it can use to establish a connection. The risk is that it could provide a backdoor entry into otherwise secure networks for Trojans, worms and viruses, as well as offering a channel for corporate data to be shared freely between users without any of the usual security considerations.

 

Meanwhile, Germany 's Federal Office for Security in Information Technology (BSI) has backed the concerns by warning businesses of the potential security risks with voice over IP (VoIP) technology, in a study presented at the Systems IT exhibition and conference in Munich .

 

In its VoIPSec report, the BSI warned that although no spectacular attacks in the business world have been reported yet, it is only a matter of time before problems emerge.

Get ready for that plague of VoIP security alerts – a security company near you is just waiting to publish its latest vulnerability report.

Read more on Voice networking and VoIP

SearchCIO
SearchSecurity
SearchNetworking
SearchDataCenter
SearchDataManagement
Close