|
½ÃÀ庸°í¼
VoIP security
| ¸®¼Ä¡»ç |
Ovum, Ltd. |
| ¹ßÇàÀÏ |
2006³â 08¿ù |
»óÇ°ÄÚµå |
44516 |
| ÆäÀÌÁö Á¤º¸ |
23 PAGES |
| °¡°Ý |
|
|
Abstract
Voice over IP (VoIP) is gaining ground in both the corporate and consumer
domains. Its headline promise of free, or very cheap, long-distance phone
calls is resonating widely. However, what are the risks of relying on the
Internet for telephony services, and what risks does this further opening up
of data networks to the outside world pose to them? Numerous risks have been
mentioned, but it is hard to find documented successful attacks relating to
VoIP. There are similarities with the wireless telephony and instant messaging
arenas where theoretical threats did eventually become real as deployment
became widespread, while the configuration of VoIP services tends to diminish
the immediate threat.
This report puts the threats in the context of the use of VoIP, particularly
in the enterprise, and describes what could, should, and is being done to
mitigate them.
Table of Contents
Key messages
The importance of VoIP security
- VoIP in the business
- VoIP and the individual
- Security is an issue for VoIP service providers
- Real VoIP risks may be unknown but they are real
What is VoIP?
- VoIP protocols
- VoIP as part of a collaboration framework
- What is the composition of a VoIP network?
- Service level
VoIP security issues
- General threat scenario
- The risk to voice communications
- The risk to corporate data systems
- Regulatory concerns
- Government interception requirements
- Protecting the PSTN infrastructure
- Spam, phishing and misrepresentation
How to address VoIP security
- Defending corporate gateways
- Defending VoIP servers
- Defending VoIP user devices
- Defending VoIP signalling protocols
- Defending messages
- Caller authentication
- Software examination
- Wireless connections
- Voice spam
- Industry collaboration
|
