VoIP – Security Considerations An Examination Ricardo Estevez CS 522 / Computer Communication Fall 2003

Security Considerations Prevent outside (inside) attackers 3 security measures that MUST be implemented H.323 Registration, Admission, Status (RAS) Authentication Network Access Security Device Security Other measures include physical site security, security management, audit trails, logs

H.323 Registration, Admission, Status (RAS) Authentication H.235 Security defines the protocol of exchanging digital certificates between gateway and gatekeeper Cisco uses Challenge Handshake Authentication Protocol (CHAP)-like security procedure

H.323 Registration, Admission, Status (RAS) Authentication

Network Access Security Protect VoIP network from malicious IP or PSTN interfaces Some security mechanisms Virtual local-area networks (VLANs) can separate voice traffic, voice signaling, and data traffic RADIUS Server grants authentication to trusted devices

Device Security Protect the physical devices from improper configurations Use passwords Set permissions

References Durkin, James F. Voice-Enabling the Data Network. Cisco Press: Indianapolis, IN, 2003 ISBN: