Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Cisco warns UC users of limited support for Windows 7
VMware bolsters desktop virtualization product
VMware bolsters desktop virtualization product
Microsoft Exchange set; SharePoint, OCS to follow
Veterans agency looks beyond EMC for multi-million storage deal
Security pros seek hacking, forensics skills
Cisco doubles down on collaboration with 61 new products
Open source software ready for big business
Google AdMob buyout latest in long line of acquisitions
NYSE puts stock in 10G Ethernet
Cisco extends Tandberg deal deadline
Internet battlefield program marshals NATO forces
Review: SharePoint Server 2010 beta pulls it all together
Mobile users get faster WAN links
Apple as an obsessive-compulsive case study
Convergence /

VoIP, common sense and security

Related linksToday's breaking news
Send to a friendFeedback

By Steven Taylor
Network World, 07/15/02

I recently hosted a voice-over-IP seminar in New York. On the taxi ride from LaGuardia to midtown, my driver mentioned that he was a student taking network classes. When I told him I was going to be speaking on VoIP, he immediately asked, "But is it secure?"

My answer was no, but it's a helluva lot more secure than the cell phone you were just talking on.

I'll admit it: Security is a tough issue. It's a lot safer and more convenient not to do something than to move forward if there is a security issue that can come back to haunt you. Consequently, security has recently become one of the major reasons given for delaying the implementation of VoIP.

The ultimate decision point for all security issues should be how difficult it is to gain access to confidential information, not whether it is theoretically possible to intercept the information. All information can be compromised. Our job is to make sure that the effort required to gain access to the information is several orders of magnitude greater than the intrinsic value of the information. So what are the major security concerns about VoIP and how real are they?

No. 1 on the list is usually the fact that Ethernet is a shared-medium technology. Ethernet switching has negated this concern. Essentially all Ethernet connections are switched, which means that you have a dedicated path to your desktop.

What about sending information over the Internet? I have yet to hear of a documented case of information being pirated while in transit over the Internet. It's not worth the trouble. Further, most VoIP implementations today are over corporate intranets.

What about sniffing VoIP packets? Possible, but unlikely. One could quite reasonably argue that VoIP is more secure than traditional voice because the transmission protocol is significantly more difficult to decode than traditional digital voice.

Denial-of-service (DoS) attacks? A DoS attack could cripple your VoIP implementation. But keep two facts in mind. DoS attacks occur primarily on the Internet, and, again, corporate VoIP tends to be on an intranet. And you already should be taking appropriate measures to safeguard your servers from DoS attacks for data applications. These same measures work for VoIP.

Voice is intrinsically unsecure, whether it's VoIP or traditional voice. The greatest risk for voice security is somebody hearing your conversation over the cubicle wall. And tapping into traditional PBXs doesn't take rocket science.

Ultimately, your organization must decide whether VoIP is sufficiently secure for you to move ahead. But as you make that decision, be sure that it's a reasonable, fact-based assessment and not an attempt to hide from reality.

RELATED LINKS

Taylor is president of Distributed Networking Associates and editor/publisher of Webtorials.com. He can be reached at taylor@webtorials.com.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.