VoIP and security, Part 1

* VoIP security concerns mirror larger net security issues

According to this year’s respondents in Steve’s annual “VoIP State of the Market” survey, security is now the No. 1 concern about VoIP deployments. This week, we’d like to take a look at some network security basics and share our observations about VoIP security.

First, recall that security exists on many layers. Network security begins with (but is not limited to) a range of considerations, including:

* How company office facilities are selected and maintained.

* How potential employees are screened.

* The policy for remote access to a company’s systems and information.

* What kind of encryption and firewalls are provided in the corporate network.

Best-practice security isn’t just good business - in some cases, it’s also the law.

Another consideration in security has to do with the nature of VPNs. Each VPN should address layer-specific security precautions. Layer 1, the private line, relies principally on physical security, since copper loops are separated by physical barriers, and the core TDM network doesn’t allow “sharing” of unreserved time slots between users. Layer 2 VPNs, like those based on frame relay and ATM services, enjoy certain built-in protection. Even though Layer 2 VPNs use statistical multiplexing, their connection-oriented switching protocols don’t permit easy diversion of user data to the wrong recipient.

As a connectionless protocol, IP is the least secure when compared with TDM, frame relay, or ATM. Therefore, IP VPNs can be more susceptible to security breaches than a Layer 1 or Layer 2 VPN. The most susceptible VPN can be an IP VPN that uses the Internet as a WAN, since there’s nothing inherently private about the Internet or its core infrastructure.

Remote access to any VPN, including dial access or remote connectivity using the Internet, also adds security holes to the network.

Next time, we’ll look at some techniques used to secure IP VPNs.

Copyright © 2004 IDG Communications, Inc.
