Home
 Hot Topics
 Alliances
 Events
 Resources
 Statistics
 News & Alerts
 Tools

Hot Topic

Voice over IP


Voice over Internet Protocol (VoIP) is rapidly gaining traction and facing the same security, compliance and privacy threats as other messaging protocols such as e-mail and instant messaging.

VoIP is the intersection of "Cyber" and "Telecom," inheriting the benefits, footprint and vulnerabilities of each. VoIP security must mitigate the quality of service versus quality of security to enable high-performance secure communications on a medium that promises to connect all points on the globe at light speed for voice conversations.

Just as traditional IP communications, every VoIP handset (e.g. phone or PDA) must be governed by a communications security policy, whether from a corporation, a government or service provider. VoIP is simply another application of IP.

Secure Computing Research, as the dominant market leader in gateway messaging security, is uniquely positioned to provide the security and policy governance for VoIP, with experience in multiple protocols, multiple data collection points, data correlation, and real-time policy enforcement. Check back often for updates on this area of secure messaging.

VoIP security headlines and resources:


Voice over IP Security Alliance - www.voipsa.org

VOIP may be vulnerable to barrage of threats
Date: 10.25.2005
Author: Leon Erlanger
Source: Computerworld
Is enterprise VoIP due for a security wakeup call or are the threats mostly exaggerated? It depends on who's talking.

Trojan Targets Skype Users
Date: 10.20.2005
Author: John Blau
Source: PC World
After making a big splash in the news through its $2.6 billion deal with EBay, Skype Technologies is getting more worrisome network chatter in the form of a malicious Trojan horse that is circulating as an e-mail attachment.

SIP traffic fuels need for security, performance tools
Date: 10.17.2005
Author: Stephanie Sanborn
Source: InfoWorld
Growing interest in SIP-enabled communications -- from VOIP to SIP-based collaboration apps such as Microsoft's LCS (Live Communications Server) 2005 -- has sparked the need to better secure SIP traffic.

Dial VoIP For Vulnerability
Date: 10.11.2005
Author: Susannah Patton
Source: CIO Magazine
CIOs ready to take the plunge with VoIP need to understand that data firewalls alone won't protect them. They need only look to the past to remember the state of the Internet 10 years ago, when security was usually an afterthought.

VoIP: Is It Safe?
Date: 10.04.2005
Author: Carl Weinschenk
Source: SmartBiz
Many people feel that VoIP will replace the century-old traditional phone network-but only if users are confident that it is safe.

Can only you hear me now?
Date: 10.03.2005
Author: Wayne Rash
Source: Federal Computer Week
The basic concepts of VOIP security are fairly simple, but the details aren't.

VoIP Security Takes Center Stage
Date: 09.30.2005
Author: Sean Michael Kerner
Source: Enterprise VoIP Planet
Among the myriad conference panels at last week's VON show in Boston were a number on the topic of VoIP security.

Encrypting Voice: An Interview with Phil Zimmermann
Date: 09.30.2005
Author: Sean Wolfe
Source: VoIP Magazine
With voice over IP security one of the hottest topics around, Zimmermann is now preparing to release zFone, a working title for his latest application, which is aimed at encrypting VoIP calls.

Who Is Listening to Your Internet Phone?
Date: 09.29.2005
Author: Mark Long
Source: Newsfactor Magazine
The Federal Communications Commission is about to introduce new regulations that will give law-enforcement agencies the ability to tap Internet-based voice calls to help thwart terrorism.

Signal vs. Noise: Is VoIP Security a Risky Proposition?
Date: 09.29.2005
Author: Mary E. Shacklett
Source: VoIP Magazine
A potentially serious exploit in a Cisco router demonstrated at July's Black Hat USA conference renewed IT concerns about the safety of running voice and data on converged corporate networks.

The Current State of VoIP Security
Date: 09.28.2005
Author: Mark Collier
Source: VoIP Magazine
You need not look far to find a slew of articles, white papers, and research reports describing the vulnerability of voice over IP systems.

Oh, SPIT! Security woes hit VoIP too
Date: 09.25.2005
Author: Timothy Roberts
Source: MSNBC
As the adoption of voice-over-Internet protocol (VoIP) rises, security experts are beginning to warn that hackers and other evil-doers will eventually turn their attentions to the telephone.

Net phones vulnerable to sabotage
Date: 09.24.2005
Author: Hiawatha Bray
Source: Boston Globe
It takes something really big -- like Hurricane Katrina -- to disrupt the nation's telephone system on a massive scale. But in a few years, it might only require something as simple as a computer virus.

Is VOIP the Next Target of Worms, Spam?
Date: 09.21.2005
Author: Melissa P. Vergara
Source: Computerworld
While many issues remain unsettled in the area of Voice over Internet Protocol (VOIP) technology, IT security experts believe that it can be the next major target for various attacks.

Hackers Target Net Call Systems
Date: 09.20.2005
Source: BBC News
Malicious hackers are turning their attention to the technology behind net phone calls, says a report.

VoIP Security Uncertain in EBay-Skype Deal
Date: 09.19.2005
Source: Information Week
Skype Technologies SA, the Internet telephony vendor that online auctioneer EBay Inc. plans to buy, is unlikely to offer a business-class system anytime soon, and enterprises should avoid deploying the company's technology, a research firm said Friday.

Wireless VoIP Security Fundamentals
Date: 09.16.2005
Author: Mark Collier
Source: VoIP Magazine
From a security point of view, security issues presented in wired VoIP are also present in wireless VoIP. The main difference is the need to secure the wireless link.

How secure is VoIP?
Date: 09.13.2005
Author: Jeffrey L. Vagle
Source: IT Manager's Journal
You'd be well within your rights to ask, "If VoIP isn't currently secure, how can it be offered to companies and individuals as a legitimate service? And if it is secure, why all the fuss?"

VoIP Sets Stage for Security Appliance Surge
Date: 09.08.2005
Author: Jennifer LeClaire
Source: TechNewsWorld
The report, "Trends and Spending Plans for Security Appliances: Are We Ready for VoIP?," covers the impact of VoIP in the security appliance market, and concluded that while VoIP can add many desirable new features to business telecom systems, vendors and

VoIP Security Debate Heats Up
Date: 09.01.2005
Author: Grant Gross
Source: CIO
Lawrence Orans, principal analyst at Gartner, and John Pescatore, vice president and Gartner fellow, say that while attacks on IP telephony and mobile devices may come eventually, vendors of security technologies and services have overblown the current da

Security in SIP-Based Networks
Date: 09.20.2005
Source: Cisco Systems
This paper explores various network security threat models faced by today's Session Initiation Protocol (SIP)-based voice networks, and describes network security solutions based on Cisco SIP-enabled products.

SIP, Security and Session Controllers
Date: 06.15.2005
Source: Newport Networks
Rolling out a public SIP service brings with it several security issues. Both users and Service Providers must understand these issues, but the burden is with the Service Provider to offer a secure and reliable service to the user.

Security Issues with SOHO VoIP Gateways
Date: 05.20.2005
Author: Peter Thermos and Guy Hadsall
Source: VopSecurity
This paper reflects the results of a research study that aimed at identifying security issues associated with residential VoIP gateways, including signaling and media routing, implementation, operation, and network management.

Evolution of Session Border Controllers
Date: 04.01.2005
Source: Juniper
his paper discusses VoIP networking issues in different customer environments and how three-way architecture efficiently addresses the range of VoIP topologies.

Security Considerations for Voice Over IP Systems
Date: 01.01.2005
Author: D. Richard Kuhn, Thomas J. Walsh, Steffen Fries
Source: NIST
Voice over IP - the transmission of voice over packet-switched IP networks - is one of the most important emerging trends in telecommunications. As with many new technologies, VOIP introduces both security risks and opportunities.

Building Residential VoIP Gateways: VoIP Security Implementation
Date: 11.10.2004
Author: Debbie Greenstreet and Sophia Scoggins
Source: AnalogZone
This article addresses the implementation of security in residential VoIP networks.

Voice Over Internet Protocol (VoIP) and Security
Date: 10.26.2004
Author: Greg S. Tucker
Source: SANS
Business concerns of implementing VoIP, components of a VoIP system, and relevant security issues and concerns as they apply to the topics, are explored.

Intrusion Prevention: The Future of VoIP Security
Date: 10.18.2004
Author: Rohit Dhamankar
Source: TippingPoint
VoIP packetizes phone calls through the same routes used by network and Internet traffic and is consequently prone to the same cyber threats that plague data networks today.

Enterprise Telecom Security Threats
Date: 10.01.2004
Author: Mark D. Collier
Source: SecureLogix
Legacy voice networks have never been properly secured, and the convergence of voice and data is dramatically increasing network complexity and security risks.

Security Considerations when Implementing IP Telephony in Enterprise Networks
Date: 05.26.2004
Source: ERICSSON
As we will see, already today there are technologies and products available that can be installed and used to secure the usage of IP Telephony as well as other related applications.

Secure IP Telephony For The Enterprise
Date: 04.18.2004
Source: CheckPoint
Security is an important consideration when implementing VoIP because each element in the VoIP infrastructure, accessible on the network like any computer, can be attacked or used as a launching point for deeper attacks.

Voice over IP Security
Date: 03.12.2004
Author: Matthew Tanase
Source: SecurityFocus
Careful planning and architecture, borrowed from our data security experiences, can help mitigate the risks and amplify the returns of VoIP.

Protection for VoIP Vulnerabilities
Date: 02.24.2004
Source: Ranch Networks
The mass deployment of this new technology also brings along with it many challenges - one area being the security of your network.

VOIP SECURITY TECHNICAL IMPLEMENTATION GUIDE
Date: 01.13.2004
Source: Defense Information Systems Agency
This VoIP Security Technical Implementation Guide (STIG) is published as a tool to assist in securing of Department of Defense (DOD) networks and systems supporting VoIP technology.

Next Generation Networks and Security: An Introduction
Date: 01.01.2004
Author: Peter Thermos and Guy Hadsall
Source: VopSecurity
Any complex system is prone to inherit oversights which may be exploited in order to realize an attack. As such, a NGN infrastructure maintains a high level of complexity, which also inherits a respective number of weaknesses.

Security Analysis: Traditional Telephony and IP Telephony
Date: 04.01.2003
Author: Alan Klein
Source: GIAC
The goal of this paper is to take a step back and analyze the security implications of migrating from a traditional telephony architecture to an IP telephony architecture.

Often Overlooked: PBX and Voice Security in a Networked World
Date: 01.24.2003
Author: Chris Herrera
Source: SANS
This paper provides a concise summary of voice security issues in an enterprise.

Security threats to IP telephony-based networks
Date: 12.15.2002
Author: Ofir Arkin
This article highlights the security risk factors associated with IP telephony-based networks, and compares them, when appropriate, with the public switched telephony network (PSTN) and other traditional telephony-based solutions.

Securing IP Telephony
Date: 12.15.2002
Author: Tony Rybczynski
Source: Internet Telephony
Enterprises are starting to roll out IP telephony solutions. With online security breaches doubling every year, enterprises need to address IP telephony system security.

VoIP Security Challenges In Enterprise And Service Provider Networks
Date: 11.01.2002
Author: Steve Bakke
Source: Internet Telephony
The promise of mass VoIP consumption also increases the risk for widespread security violations, spawning a new sense of urgency to plug potential security holes now before hackers wreak havoc on corporate voice networks.

How VoIP is changing the network security equation
Date: 10.14.2002
Author: Philip Bednarz
Source: EE Times
VoIP equipment manufacturers are under pressure to design phones that are cost competitive with ordinary handsets while duplicating their quality, functionality and security features.

Eavesdropping an IP Telephony Call
Date: 10.04.2002
Author: Tom Long
Source: SANS
This paper suggests that the art of call eavesdropping may be easier that ever before. Therefore, careful consideration is required before implementing an IP Telephony solution.

Security Concerns with VOIP
Date: 08.18.2001
Source: SANS
Until the present time, security issues in the data and voice worlds have been seen to be completely separate in the minds of most users. This paper will deal briefly with four security issues that are well known in the data world.
No Upcoming Events

© 2006 Secure Computing, Inc., All Rights Reserved.