How Secure is Your VoIP Network

By Jelani Harper
Updated: September 15, 2011

How Secure is Your VoIP Network

Security has long been a topic of concern for VoIP users, particularly those who employ VoIP service over networks with valuable customer and proprietary company information. Common threats to security for such networks involve both authentication-related and privacy issues, many of which are similar to those for any sort of data transmission system and which have, for the most part, similar solutions. Denial of service attacks or network security leaks are most susceptible in areas in which specific ports in an organization’s firewall must open to permit transmission of voice data packets, in which there are IP PBXs, and in which gateway technologies are employed.

Open Ports

Due to the fact that a network’s firewalls must be opened at certain ports to allow transmission of VoIP data, prudent security measures to compensate for this occurrence include the encryption of the entire computer network, which will enable VoIP transmissions to be encrypted as well. The encryption of internal VoIP traffic should significantly reduce insider attacks, while it is useful to separate and isolate voice traffic onto a virtual LAN and run the encrypted VoIP traffic over a virtual private network for external communication. Other effective means of compensating for open ports is to turn off VoIP protocols that aren’t currently being used by the network to seal those points of entry.

IP PBXs

IP PBXs, which are largely server-based and are used for logging call information as well as for facilitating VoIP service through an internal or a proprietary operating system, are frequently vulnerable to a number of infiltrations and viruses. Hacking into these areas can result in substantial compromising of valuable information, which is why it’s best to keep such equipment frequently monitored with intrusion detection systems and securely placed behind firewalls. Other security measures for IP PBXs include patching them against vulnerabilities and separating their domain from that of other servers to deny internet accessibility to them. It may even be useful to grant limited administrative access to their servers.

Gateway Technologies

These technologies also provide a means through which hackers may infiltrate a VoIP system and make free phone calls. The external use of VoIP requires gateway technologies to convert data packets from the IP network into voice information which is then sent over a public switched phone network, which allows infiltrators to the ability to modify, store, identify, and play back the traffic transmitted through the network. The key to compensating for this particular vulnerability is to restrict access control lists and configure the gateway so that only approved users have the ability to utilize voice calls.
 

Featured Research
  • Phone Systems Comparison Guide: VoIP for Small to Midsize Businesses

    It was a painstaking process, but to help B2B companies start 2017 off on the right foot, we recently compiled a comparative list of the top 43 small to midsize business phone vendors. more

  • 16 Mistakes to Avoid When Buying a Phone System

    Purchasing a phone system for your business is a major investment. With the average business changing phone systems only once every seven years, it’s important to make the right decision. more

  • [Infographic] Top 11 VoIP Vendors

    A good VoIP provider will offer additional benefits as well, but many first-time buyers find assessing each option to be difficult. Nevertheless, this is an important step in the buying process because a substandard provider can easily waste both your time and money. more

  • The New 2017 Phone Systems Comparison Guide

    It was a painstaking process, but to help B2B companies start 2017 off on the right foot, we recently compiled a comparative list of the top 34 business phone vendors in the world. In one, easy-to-reference location, we’ve neatly outlined the information you need. more

  • 8 Common Pain Points UC Eliminates

    Many businesses rely on a collection of communication tools that they adopt to address specific needs as they arise. This strategy may seem to work in the beginning, but eventually will lead to a system that is cumbersome to use, difficult to explain to new hires, expensive, and effective in some areas, but full of gaps. more