A corporate whitepaper by Bogdan Materna Chief Technical Officer and VP Engineering
Introduction
The emergence of Voice-Over-IP (VoIP) technology is creating a major discontinuity
in telecommunications. The promise of reduced hardware and operations costs coupled
with new value-added services makes VoIP, as well as Internet Protocol (IP) TV,
videoconferencing, IP Multimedia Subsystem (IMS) and presence services, a compelling
solution for enterprises and service providers. Current voice services which are
delivered using Public Switched Telephone
Networks (PSTN) provide high voice quality,
very high reliability (99.999 per cent), carry critical services such as E911, enable
federal agencies with ability for lawful intercept, all while offering an extremely
high level of security. For VoIP networks
to become a reality, both enterprises and service providers must be able to ensure
that voice networks are able to deliver
the identical quality, reliability,
flexibility and security to that of PSTN.
With enterprises, carriers and cable companies publicly committing to VoIP deployments,
security has quickly emerged as one of the biggest barriers to the successful deployment
of VoIP. To securely implement VoIP networks
a proactive approach and an understanding of the differences between VoIP and traditional
data networks is required. This document
examines these differences, new types of attacks, and provides a comprehensive security
architecture for VoIP networks in
the context of practical VoIP security problems.