We are searching data for your request:
Upon completion, a link will appear to access the found materials.
IP telephony, or VoIP, is a communication system that is provided by the transmission of a voice signal over IP networks, in particular, over the Internet. The signal is transmitted in digital form, while it is usually compressed in order to reduce traffic and remove redundancy. VoIP was first implemented in 1993. IP telephony attracts with its ease of implementation and its rich functionality. However, many companies are in no hurry to switch to VoIP, paying tribute to prejudices and myths, the main of which we will consider.
IP telephony is subject to wiretapping. To maintain confidentiality of conversations, the most advanced solutions in IP telephony use several mechanisms and technologies at once. Firstly, voice traffic is directed to a specially dedicated network segment, and access to the voice stream is delimited on routers and firewalls using strict access rules. Second, by building virtual private networks (VPNs), you can protect traffic from illegal eavesdropping. The used IPSec protocol allows you to protect the telephone conversation from eavesdropping, even if the communication is carried out over an open network, for example, the Internet. Some companies are implementing SecureRTP (SRTP) on their IP phones to enhance security, which is specifically designed for this purpose, discouraging attackers from intercepting voice traffic.
IP telephony can be infected with Trojans and viruses. As a matter of fact, the infrastructure supporting communications may be damaged. Typically, a telephony system is protected by a whole set of tools that build a layered defense against malicious attacks. The first line, together with antiviruses, are firewalls, which delimit access to the IP telephony infrastructure from the outside. The next line is considered to be intrusion detection systems and the same antiviruses, but at the end nodes of IP telephony. In the end, another line of defense was built on the initiative of Network Admission Control. According to the rules, all stations and servers that do not comply with the general security policy (for example, lack of critical system updates or irrelevant anti-virus software) can be denied access to the corporate network, which means they cannot harm the infrastructure in case of infection. For such nodes, a special network segment is allocated - quarantine, in which they can receive the updates necessary for full functioning.
Substitution of telephones and control servers is also possible in IP telephony. The best means of protection against devices that try to "pretend" to be authorized IP phones illegally connected to the corporate network are not only routers and firewalls with prescribed access rules, but also means of strong authentication of each subscriber of the IP telephony network. This also applies to the telephone connection management server itself. For authorization, standard protocols are used, just designed for this - 802.1x, PKI X.509 certificates, RADIUS, etc.
If an attacker gains administrator rights, he can disrupt the operation of all IP telephony infrastructures. Serious servers running IP telephony provide for granting system administrators a limited set of rights that they need to perform their immediate tasks. For example, an administrator can have read access to settings, but have rights to change them, full access to them. Do not forget that all the administrator's actions are recorded in the registration log and can be analyzed at the right time in search of forbidden activities. The structure of a network that uses IP telephony is usually quite extensive, therefore, usually interaction with the management server for managing configuration files is carried out via a communication channel protected from unauthorized access, which prevents an attacker from intercepting and reading control commands. For this, special protocols are used to ensure security - SSL, TLS, IPSec and others.
IP telephony is prone to frequent outages. It is usually believed that frequent attacks by cybercriminals also lead to frequent failures in the telephony network, but this is not the case. Network security companies offer a range of measures to help combat both attacks and their consequences. You can use the protection tools already built into the network equipment, or you can use additional solutions:
- division of the corporate network into data transmission segments that do not overlap with each other, which can prevent DoS attacks and others from appearing in the segment with "voice" data;
- setting up rules for accessing the network and its segments on routers, as well as firewalls along the network perimeter;
- installation of systems to prevent attacks on nodes;
- installation of highly specialized software that protects against DDoS and DoS attacks.
- a special setting of network equipment, which does not allow spoofing of the address during DoS attacks, limits the traffic bandwidth, which does not allow generating a large data stream that disables equipment.
Unauthorized access can be made directly to IP phones. The IP telephony devices themselves are not as simple as they seem. To prevent illegal access to them, they contain a number of special settings. For example, access to the functions of the device can be obtained only by presenting the ID and password, you can set a prohibition on changing the settings of the device itself, etc. To prevent unauthorized uploading of modified program code and configuration files onto the phone, the integrity of such data is controlled by X.509 certificates and an electronic digital signature.
With a large number of calls, the IP telephony infrastructure management server can be disabled. The number of calls that the management server can receive ranges from 100,000 per hour to 250,000 when using the cluster structure of these servers. But nothing prevents the administrator from applying settings that limit the number of incoming calls to a fixed value. In case of failure of one of the control servers, it is possible to configure call forwarding to the backup option.
The IP telephony network is prone to fraud. Telephony fraud is common, but the server that manages the IP telephony infrastructure has a number of capabilities in the fight against service theft, payment denials, call falsification, and more. For example, any subscriber can:
- filter calls by specific parameters;
- block the ability to forward your call to certain groups of numbers, for example, to long-distance, international, etc.;
- block generally incoming or outgoing calls to certain numbers.
And the possibility of taking these measures does not depend on which device the subscriber is calling from. Protection is enabled when the subscriber is authenticated on any IP telephony device. If the user does not confirm his authenticity, then the list of numbers to which he can call is usually limited, for example, the support phone or the numbers of the police, ambulance.
IP telephony is less secure than conventional telephony. But this statement is the most common in the world of telephony. Conventional communication lines, developed many decades ago, do not provide the level of security that IP telephony offers with its new, more advanced technology. In ordinary telephony, there are frequent cases of a subscriber connecting to someone else's telephone line, listening to other people's conversations. An attacker can easily make a substitution of a number, "flood" with calls and perform a number of actions that are, in principle, impossible in IP telephony. If expensive equipment is used to protect traditional communication lines, then in IP telephony they are already included in the components of the technology itself. For example, conventional telephony uses scramblers to protect against eavesdropping. But centralized management of these devices is impossible, and purchasing and installing each scrambler in front of each telephone set is not cheap. Recently, much attention has been paid to the security of information technologies in general and IP-telephony in particular. Many people fear new risks of confidentiality with the introduction of new systems. It is no coincidence that in the issue of building new systems in IT, much attention is paid to their security. Much has been written about this, for example, NetworkWorld magazine together with the independent laboratory Miercom conducted comprehensive security testing of a number of the most popular solutions in the field of IP telephony. The results confirmed the sufficient security of the infrastructure with proper configuration and advantages over traditional communication means. The cost of protection is much less than that of its older sister, while network management is much more convenient. For big business, the transition to IP-telephony is only a matter of time, and the one who is the first to occupy this niche will undoubtedly become the leader in its segment.