Security Considerations for Voice Over IP Systems

966 KB | 3 files
PDFDOC

Just because voice data travels in packets doesn't mean that your current IT network can handle the QoS needed to support latency-sensitive applications. This research note covers the myriad networking issues associated with VoIP.


Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology » | Visit National Institute of Standards and Technology »

From National Institute of Standards and Technology | Aug 10, 2009

Voice over IP — the transmission of voice over packet-switched IP networks — is one of the most important emerging trends in telecommunications. As with many new technologies, VOIP introduces both security risks and opportunities. VOIP has a very different architecture than traditional circuit-based telephony, and these differences result in significant security issues. Lower cost and greater flexibility are among the promises of VOIP for the enterprise, but VOIP should not be installed without careful consideration of the security problems introduced. Administrators may mistakenly assume that since digitized voice travels in packets, they can simply plug VOIP components into their already-secured networks and remain secure. However, the process is not that simple. This publication explains the challenges of VOIP security for agency and commercial users of VOIP, and outlines steps needed to help secure an organization's VOIP network. VOIP security considerations for the public switched telephone network (PSTN) are largely outside the scope of this document.

VOIP systems take a wide variety of forms, including traditional telephone handsets, conferencing units, and mobile units. In addition to end-user equipment, VOIP systems include a variety of other components, including call processors/call managers, gateways, routers, firewalls, and protocols. Most of these components have counterparts used in data networks, but the performance demands of VOIP mean that ordinary network software and hardware must be supplemented with special VOIP components. Not only does VOIP require higher performance than most data systems, critical services, such as Emergency 911 must be accommodated. One of the main sources of confusion for those new to VOIP is the (natural) assumption that because digitized voice travels in packets just like other data, existing network architectures and tools can be used without change. However, VOIP adds a number of complications to existing network technology, and these problems are magnified by security considerations.

The attached Zip file includes:

  • Intro Page.doc
  • Cover Sheet and Terms.pdf
  • Security Considerations for Voice Over IP Systems.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

White Papers, Events, and Resources

8 Reasons You Need Hosted VoIP

Download this guide for eight reasons your business needs to make the switch to hosted VoIP to save on telecommunications costs, increase collaboration and focus on growing your business.

Voice Transformation

Visit this resource center to learn more about converging your complex communications platforms, integrating your applications, and preparing for the future of unified communications.