Print
Discuss
Send to friend
RSS feedsThe top threat for 2008 will be denial of service (DoS) and distributed DoS (DDoS) attacks on voice over IP (VoIP) networks, according to VoIP security vendor Sipera.
In a statement summarising recent research carried out by Sipera’s Viper Lab, Sipera chief technology officer Krishna Kurapati said that the openness and extensibility of session initiation protocol (SIP) make it an attractive choice for enterprises and service providers to realise the promise of unified communications. “Unfortunately, those very attributes make it attractive to the hacking community and increase the overall security risk,” he said.
Several days after that announcement, communications vendor Avaya announced its new call centre product incorporating updated IP telephony software. With this release, Avaya has moved away from proprietary systems and incorporated the SIP standard end-to-end.
One device currently capable of defending against DDoS and DoS attacks on IP telephony, and being increasingly touted as the answer to these threats especially for large IP telephony deployments such as IP-based call centres is the session border controller (SBC).
Communications vendor Covergence’s marketing vice president Rod Hodgman describes an SBC as, “A system providing a single point of policy-based integration, control, security and management for SIP applications. We normally deliver this as a hardened appliance, but increasingly we’ve had requests from customers wanting to use this on other platforms, particularly in enterprises.”
SBCs have been deployed at carriers and service providers for years, but in late January, Covergence launched what it said was the first SBC “wrapped up” as a virtual appliance.
The Covergence Virtual Appliance 50 (CVA-50) is a pre-configured, ready-to-run enterprise SBC integrated with an operating system inside a virtual machine.
Kevin Mitchell of SBC specialist Acme Packet said that SBCs were the main piece of hardware used for securing IP voice systems, especially for service providers. He added they are becoming more important for enterprises as they interconnect their VoIP systems to IP networks.
Asked whether the main driver for using an SBC was securing IP telephony systems, Covergence’s Hodgman said, “It’s an important factor, but it’s not the main driver today for these purchasing decisions that goes to the process of rationalising your infrastructure.”
Hodgman added that the key goal of deploying IP telephony systems was to get voice to run on corporate networks. “Today it does not do that. It may run from the handset to your PBX, but then it jumps off to a service provider to do any routing to any other PBX the enterprise may have,” he said. “Once you have VoIP integrated onto your IP network then you are ready to move to unified communications it is just another data type that can be integrated into other applications.”
See also:
Avaya announces its range of new contact centre tools 21 Jan 2008
The only reason to use a PBX is as a backup system, argues Interoute’s Gareth Williams 04 Dec 2007
Social sites likely to be big targets for cyber criminals 16 Nov 2007All Voice & Data
del.icio.us
Digg this
reddit!
