For enterprises deploying IP Telephony (IPT), attempting to adequately address both the range of performance criteria and security threats (related to voice traffic over remote and WAN connections) can be difficult and costly without direction. Fortunately, VoIP-ready security technologies and practices are now well-established. Implementing these measures is relatively straightforward and an important component of end-to-end IPT security.

Securing the Enterprise Network Perimeter

Worrisome to many IPT implementers is the fact that by moving voice traffic onto the enterprise IP network, the enterprise is essentially opening critical voice services to a wide range of IP network-based vulnerabilities. While true in theory, in practice basic enterprise network security practices are highly effective in mitigating key external threats, including Denial of Service (DoS) and related packet flooding attacks.

Although VoIP-specific threats are numerous (VOIPSA maintains the comprehensive VoIP Security Threat Taxonomy Project), the bulk of these threats apply to operation...