Most IT professionals are familiar with, and practice the idea of "layered security approaches." This idea literally states that multiple layers of protection are required to effectively secure any system, network, or service. Especially with the advent of converged networks, IP telephony, and unified communications, this now applies directly to the telecom field as well.
As you may have recently read, I've discussed VoIP and telecommunications security many times on the blog before. With the new Securing the Line feature, I plan to delve into each "layer" of potential security vulnerability and recommend strategies, architectures, and even solutions that will make any converged network more secure.
It's incredibly important to note that no solution is a good solution unless it has been compared and contrasted with others. For this, before considering any vulnerability or "weak spot" in any system, it is important to analyze the environment as one system. This system is made up of many components that traverse many networks and individual systems, which may extend across the world. One vulnerability or weakness in one component, and the entire network or system can be affected. With a layered approach, there are multiple "checks and balances" to handle such large-scale vulnerabilities.
So, before we dive into the world of Voice VLANs, common TCP-style attacks against converged networks, NAT, DMZs, VPN architecture, etc, remember to analyze your infrastructure as a group of many devices that make it work. In the next post, we'll begin to discuss proactive convergence security through the use of segmentation and Voice VLANs.
Happy Friday everyone! Be sure to check in with Considering Convergence this afternoon for some discussion on Cisco's SMB IP Communications Portfolio.
Coming Up on "Considering Convergence":
- Afternoon Newsbreak : Cisco's SMB IP-PBX Push
- "Securing the Line" : Voice Network Segmentation
The Leader in Network Knowledge
