VoIP Security

Forward-thinking service providers are seeking to capitalize on the advantages of voice over IP (VoIP) services, but the real world is not a friendly place for VoIP networks. All components of a VoIP infrastructure are targets, even from internal threats. Attempted attacks are inevitable, so protections are imperative. Yet delay-sensitive voice traffic cannot be compromised by processing-intensive security measures.

Special considerations for VoIP environments include, amongst others:

• VoIP spam
• Eavesdropping
• Message manipulation
• Service disruption
• User impersonation
• Unauthorized access

Fortunately, there are pragmatic and proven answers to all these challenges. Security mechanisms can be implemented into service provider VoIP networks at multiple levels—protecting against these cyber-threats without adding undue latency to delay-sensitive voice traffic or complexity to user login procedures, network architecture, or network administration.

Intertek EWA-Canada has been conducting Vulnerability Assessment (VA) activities at client sites for many years. Increasingly these environments include converged data and telephony equipment. In addition, Telecom vendors are looking at securing their VoIP implementations. Intertek EWA-Canada’s position as a high-quality provider of assessment services, coupled with our VoIP Security Assessment methodology, provides for a consistent manner in which to identify vulnerabilities in VoIP implementations while being cost effective.