The surfacing of a pair of flaws in Cisco's CallManager IP telephony servers last week raises the hot-button issue of how to secure enterprise VoIP networks from attacks. But one industry expert says the threat of an attacker or virus taking down a businesses IP PBX or VoIP network is more phantom than menace.
"There is a lot of hype about IP telephony security threats," says Lawrence Orans, principal analyst with Gartner, in a recent interview. For organizations that don't have network or security team members who are knowledgeable about voice/data convergence as well as security, "then IP telephony security can sound pretty scary," he adds.
Best practices for securing VoIP networks include disabling unnecessary services on devices running call control software, running VoIP gear along with firewalls and intrusion prevention systems, and keeping up with software and security patches and updates for VoIP hardware, software and server operating systems.
One Cisco VoIP flaw identified last week involved the potential for denial-of-service attacks to be launched against a CallManager server. In addition to upgrading CallManagers with software fixes, the vendor says that taking steps to more tightly control what kinds of traffic can access a CallManager server is another good precaution.
"By using access lists and rate limiting to control access to the Cisco CallManager, the risk of successful attack is greatly reduced," Cisco said in its bulletin last week.
While holes can and will pop up in VoIP gear from all makers of IP telephony gear, from Cisco, to Avaya, 3Com and Nortel, "the bottom line is that IP telephony attacks are rare," Gartner's Orans says.
Converging voice and data allows for cost savings on administration and network maintenance, and provides potential productivity benefits of voice-enabled applications and unified messaging. "Enterprises that diligently use security best practices to protect their IP telephony servers should not let these threats derail their plans."
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Security Inside Out
Refresh your AUP: Top tips to ensure your acceptable use policy is fit for purpose
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Email Archiving Implementation: Five Costly Mistakes to Avoid
Wireless LANs: Is my enterprise at risk?
Discover the advantages of an open architecture multi-vendor network solution
Business Intelligence and Enterprise Performance Management: Trends for Emerging Businesses
Delivering the Power of Choice with Microsoft Dynamics CRM
Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Mitel Launches Simpler Unified Communications 2008-11-19 17:40:00+11
Symantec Security Products Shine in In-Depth Protection Reviews 2008-11-19 13:01:00+11
Digital Sense opens first stage of the world’s largest data centre complex in Brisbane 2008-11-19 13:00:00+11
RightNow Technologies Delivers RightNow November ’08 Plus New On Demand Enterprise Contact Centre Package 2008-11-19 12:00:00+11
Valorem uniquely deploys RSA SecurID for remote workforce management 2008-11-19 10:16:00+11
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Email archiving is emerging as a critical new application for managing email. Learn how to reduce and manage online and offline email storage, add powerful tools for legal discovery and compliance and extend native exchange recovery capability by reading on.
Buying Guides
Latest Products
Buying Guides
