Converged networks create security problems unheard of in the traditional, voice-only telecom world.
Traditionally, calls are sent and received over closed, circuit-switched networks. Security and performance concerns are minimal in that world. Calls rarely get dropped. Eavesdropping on a call only happens if someone has physical access to the dedicated circuit set up between the two endpoints.
But the introduction of Voice over Internet Protocol (VoIP) into a network can have dramatic consequences. Instantly, the once simple and secure voice call is broken up into thousands of far-from-secure IP packets that are sent over public and private networks and re-assembled at the other end. Along the way, the call (and, by extension, the whole network) can be hacked at various points inside and outside the company network.
Common threats and vulnerabilities
In a converged network the threats against data remain unchanged, yet their reach is wider. For example, a denial-of-service (DOS) attack against a router can also damage phone communications.
As many VoIP protocols are open source -- notably, the Session Initiation Protocol and H.323, the two most widely used –- it's easy for hackers to get copies of them and launch attacks. While open source applications and protocols are (arguably) more secure than proprietary ones, they are not invincible.
Operating system (OS) threats come into play because a lot of call-processing software runs on Windows or on o
To continue reading for free, register below or login
To read more you must become a member of SearchCIO-Midmarket.com
pen source operating systems. Hackers attack Microsoft products every hour of the day and are increasingly turning their attention to the open source world. Viruses, worms, Trojan horses and spyware, originally intended to steal and corrupt IP data, can ruin the quality of voice and video communications, too.
One of the weakest points in a converged network is the remote access connection from a home-office or road warrior's computer. The connection can become the pinprick-sized hole in the firewall that allows hackers to unleash viruses, spyware and other destructive attacks. The security consequences include data theft, privacy violations and breaches in regulatory compliance.
Protecting your converged network
Faced with the above threats and vulnerabilities, the best course of action is to develop a strong security policy that includes multiple layers of protection and covers key issues. This policy should protect the perimeter layer, the network layer, the host layer and the application/data layer. Multiple layers of protection are the best safeguard against the ingenuity and determination of hackers, and against viruses and malware.
Key issues for each layer:
If you follow these steps, your small or medium-sized business can enjoy all the benefits of a converged network without putting your network and entire business at risk.
Herman Mehling is a freelance writer based in San Anselmo, Calif. He can be reached at hermanmehling@sbcglobal.net.
