Challenges: Converging voice and video onto IP networks can cause a pileup at the corporate gateway. NAT/firewalls and other gateway security devices are designed for data security. These data-centric solutions end up blocking IP-based voice and video calls at the boundary between trusted and non-trusted IP networks.
Not only that, existing data security deployments have usually been in place for some time and changing the associated policies and equipment to protect voice and video traffic would result in invasive changes to communications and business processes that are otherwise fully operational. Modifications to existing data security policies also leave the organization vulnerable to security breaches without substantial regression testing to ensure all critical network assets remain secure. Finally, enterprises typically want to preserve their investments in data security infrastructure and do not want to fund a "rip and replace" type of network upgrade.
Solution: A VoIP or unified communications (UC) security solution can and must coexist with existing data networking and security equipment. This means introducing application-aware firewall protection for the voice and video traffic using a network design that works in conjunction with existing security devices. A VoIP/UC security gateway must also offer broad interoperability with PBX systems, video content distribution networks and external carrier networks, which requires support for a wide range of protocols and interface standards.
Securing voice traffic and voice channels
Challenges: Threats that are unique to communications traffic -- eavesdropping, for example -- are not addressed by data security solutions that block viruses, malware or hackers. However, just as hackers and cybercriminals send out bots and phishing attacks to gather digital data assets, a digital eavesdropping attack can target conversations or corporate video content as a method for stealing corporate secrets, private employee identification information, credit card numbers, Social Security numbers and a long list of other sensitive information.
