317 KB | 3 files | PDF, DOC
In this book chapter, you'll learn about the benefits and disadvantages of using VoIP, its vulnerabilities and components. This chapter also dispels some myths about the cost-saving IP telephony solution.
VoIP security issues are becoming increasingly serious because voice networks and services cannot be protected from recent intelligent attacks and fraud by traditional systems such as firewalls and NAT alone.
After analyzing threats and recent patterns of attacks and fraud, consideration needs to be given to the redesign of secure VoIP architectures with advanced protocols and intelligent products, such as Session Border Controller (SBC). Another type of security issue is how to implement lawful interception within complicated service architectures according to government requirements.
The book "Voice over IP Security," by Patrick Park, focuses on the analysis of current and future threats, the evaluation of security products, the methodologies of protection, and best practices for architecture design and service deployment. This book not only covers technology concepts and issues, but also provides detailed design solutions featuring current products and protocols so that you can deploy a secure VoIP service in the real world with confidence. This excerpt is the book's entire first chapter entitled, "Working with VoIP." In this chapter, you learn about the benefits and disadvantages of using VoIP, its vulnerabilities and components, and this chapter also dispels some myths. The content in this chapter refers to recommendations from the National Institute of Standards and Technology.
The attached ZIP file includes:
This document makes recommendations for how users and developers should select checklists from the NIST National Checklist Repository, evaluate and test checklists, and apply them to IT products. ... More >>
This publication is intended to assist organizations in understanding the basics of application whitelisting. It also explains planning and implementation for whitelisting technologies throughout the security deployment lifecycle. ... More >>
This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys. ... More >>