A blog written by security staff at supplier VeriSign has outlined 25 ways to secure an enterprise network that runs voice over IP (VoIP).
VoIP security has been a key concern for IT professionals to date, along with VoIP quality.
The tips include restricting all VoIP data to one Virtual Local Area Network (VLAN); monitoring and tracking traffic patterns on your VoIP network; using multiple layers of encryption; and even avoiding remote management.
Other tips are: to lock down your VoIP servers; keep your network away from the internet; update patches regularly; minimise the use of softphones; isolate voice traffic; and use vendors who provide digital security certificates.
"Some of the ideas are specific to VoIP, and some are just good general computer security," said the VeriSign IIS Zone Staff on their blog. "Nothing wrong there: a VoIP server compromised through conventional methods is still a compromised VoIP server," they added.
"A VoIP network is susceptible to the usual attacks that plague all data networks: viruses, spam, phishing, hacking attempts, intrusions, mismanaged identities, Denial of Service (DoS) attacks, lost and stolen data, voice injections, data sniffing, hijacked calls, toll fraud, eavesdropping, and on and on and on, but VoIP security can help to mitigate these risks," said VeriSign
The full list of tips can be viewed at www.voiplowdown.com/2006/12/voip_security_c.html
Comment on this article: [email protected]