- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
|
|---|
Unified communications opens up your VoIP network to new avenues of collaboration, including instant messaging, video, business applications and e-mail. And that opens up your network to new avenues of attack.
Read Network World's test of Avaya's UC platform.
While the biggest actual threats to VoIP networks remain attacks to the underlying IP network infrastructure, UC opens up new angles of attack by creating connections between VoIP networks and corporate data networks.
Typically, most corporate deployments these days try to segregate VoIP as much as possible, creating islands that protect the voice network by broadly restricting access for devices unnecessary to supporting calls, says Ted Ritter, an analyst with Nemertes Research.
Unified communications changes all that. "With UC, by definition you are opening up your infrastructure and focusing on collaboration, reaching outside the enterprise to trading partners and customers," Ritter says.
Eavesdropping, altering conversations, stealing phone access to commit toll fraud and flooding targeted extensions with calls - all of which were possible before - become easier, he says.
In reality, however, few of these theoretical VoIP-specific attacks have occurred in the wild, says David Endler chairman of Voice Over IP Security Alliance and senior director of security research at Tipping Point. Endler has co-authored a book about such attacks called "Hacking VoIP Exposed", but acknowledges that the basic step of protecting the IP network that underpins VoIP is still the best protection.
"People may tend to look at some of the sexier types of attacks out there to prevent them - things such as eavesdropping or impersonation or caller ID spoofing - the truth is the most prevalent threat right now is the very basic network-level type of attacks," Endler says.
Still, businesses deploying VoIP should be aware of security cracks that UC can open up, says Stuart McLeod, the course director for IT training firm Global Knowledge who teaches its VoIP security courses. "Security is always about having as many layers of obstacles as possible between the hacker and his goals. We lose a couple once you move to unified communications," he says.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
The Foundry Enterprise Advantage
Foundry Networks, Inc. (NASDAQ: FDRY) is a leading provider of high-performance enterprise and service provider switching, routing, security and Web traffic management solutions. Foundry's customers include the world's premier ISPs, metro service providers, and enterprises.
For further information on Foundry Networks please click here.
Leveraging the Advantages
of a Multi-vendor Network Strategy
Today's enterprise network provides more than simply a technology infrastructure. It's an enabler for the enterprise, supporting mission critical applications, creating operational efficiencies and increasing productivity gains. Foundry Networks provides the ideal foundation for a multi-vendor network.
Click here to view whitepaper!
Comments (2)
UC deployment bookBy Mark Stevens on September 8, 2008, 1:36 pmI'm reading this post and I can't help but also note that I have a Unified Communications Solutions book on my desk, just launched from Nortel Press. One section...
Reply | Read entire comment
Beware of UC security threatsBy Scott Nursten, Managing Director on September 8, 2008, 12:37 pmOrganisations are increasingly aware of the dangers associated with poor or outdated security procedures and users are finally becoming wary of online activity....
Reply | Read entire comment
View all comments