VOIP Security

Publication Date	August 2006
Publisher	Ovum
Product Type	Report
Pages	23
ISBN Number	not applicable
Product Code	OVM00098

Price

£900.00
approximately: $1,768 | €1,144

PDF

PRINT £950 ($1,866 | €1,208)

Order above formats by FAX

Summary

Voice over IP (VoIP) is gaining ground in both the corporate and consumer domains. Its headline promise of free, or very cheap, long-distance phone calls is resonating widely. However, what are the risks of relying on the Internet for telephony services, and what risks does this further opening up of data networks to the outside world pose to them? Numerous risks have been mentioned, but it is hard to find documented successful attacks relating to VoIP. There are similarities with the wireless telephony and instant messaging arenas where theoretical threats did eventually become real as deployment became widespread, while the configuration of VoIP services tends to diminish the immediate threat. This report puts the threats in the context of the use of VoIP, particularly in the enterprise, and describes what could, should, and is being done to mitigate them.

Content

Key messages
The importance of VoIP security
- VoIP in the business
- VoIP and the individual
- Security is an issue for VoIP service providers
- Real VoIP risks may be unknown but they are real
What is VoIP?
- VoIP protocols
- VoIP as part of a collaboration framework
- What is the composition of a VoIP network?
- Service level
VoIP security issues
- General threat scenario
- The risk to voice communications
- The risk to corporate data systems
- Regulatory concerns
- Government interception requirements
- Protecting the PSTN infrastructure
- Spam, phishing and misrepresentation
How to address VoIP security
- Defending corporate gateways
- Defending VoIP servers
- Defending VoIP user devices
- Defending VoIP signalling protocols
- Defending messages
- Caller authentication
- Software examination
- Wireless connections
- Voice spam
- Industry collaboration