Securing VoIP
The adoption of VoIP simplifies the delivery of this critical service. But its roots in IP makes voice services susceptible to all the same vulnerabilities of data communications.
The key issues with VoIP are:
- the call manager must be protected
- only SIP or H.323 protocols should reach it
- only VoIP phones should have access to it
- call quality must be preserved
- IT needs to block worms and against phone reboot attacks
- PCs supporting softphones present a special challenge
- which VLAN should the PC be in?
- VLAN separation does not work
The deep packet inspection at the heart of the LANShield platforms provides excellent application-level policy enforcement for total network access control. The LANShield platforms are designed to classify applications and compare traffic to policy to support only the allowed flows. With the LANShield platforms, IT can:
- automatically recognize VoIP phones
- restrict access to the call manager based on device and/or protocol
- detect anomalous behavior symptomatic of worms or DoS attacks
- block only the infected application or all traffic from the infected user
- segment voice and data traffic to provide better quality of service for voice flows
With ConSentry, IT can rest easy knowing their voice service is well protected. From the call manager to call quality, ConSentry protects it all.
ConSentry – Intelligent Switching
|
»
