A Strategy for Enterprise VoIP Security

Dwayne Stevens; David T. Green

doi:10.4018/978-1-59904-855-0.ch041

Special Offers
- IGI Global’s New Emerging Topic e-Book Collections
  Acquire highly focused and affordable Cutting-Edge Peer-Reviewed Research Content through a selection of 17 topic-focused e-Book Collections discounted up to 90%, compared to list prices. Collection topics include Artificial Intelligence, Data Science, Language Learning, Marketing and Customer Relations, Sustainability, and many more. Hosted on the InfoSci^® platform, these collections feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more.
  Learn More
- Open Access Book (Free Access) - Encyclopedia of Information Science and Technology, Sixth Edition (ISBN: 9781668473665)
  The Encyclopedia of Information Science and Technology, Sixth Edition) continues the legacy set forth by the first five editions by providing comprehensive coverage and up-to-date definitions of the most important issues, concepts, and trends pertaining to technological advancements and information management within a variety of settings and industries. The entire book is being published under open access.
  Read Now
- Open Access Book (Free Access) - Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries (ISBN: 9781668456293)
  Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries provides information on the recent technology, mitigation, and environmental protection that must be applied for food sustainability in developing countries. This book is being published under Platinum Open Access through funding from Diponegoro University, Indonesia.
  Read Now
- Open Access Book (Free Access) - New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY (ISBN: 9781668438091)
  The Walmart Corporation and the Lumina Foundation have provided funding to make New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY fully open access, completely removing any paywall between scholars in education and the latest research on new models for the future of higher education.
  Read Now
- Open Access Book (Free Access) - Handbook of Research on the Global View of Open Access and Scholarly Communications (ISBN: 9781799898054)
  Through a collaboration between IGI Global and the University of North Texas, the Handbook of Research on the Global View of Open Access and Scholarly Communications has been published as fully open access, completely removing any paywall between researchers of any field, and the latest research on the equitable and inclusive nature of Open Access and all of its complications.
  Read Now
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Journals by Field
e-Collections
Open Access
- View All Open Access Opportunities
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Find an Open Access Journal for Your Next Manuscript
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Submit an Open Access Book Proposal
  Learn more about open access book publishing and how it can propel your research forward in the field.
  Convert Your Work to Open Access
  Already published? You can convert your work to open access to increase its impact through IGI Global’s Restrospective Open Access Program.
  Utilize Open Access Collection Database
  Open up your research potential by utilizing our open access content or integrating the open access collection into your library
  Consider Open Access Agreements
  For Libraries: consider no-cost or investment-level open access agreements with IGI Global to support your faculty's research endeavors.
  Search Funding Resources
  Looking for additional funding resources to support your open accesss endeavors? View industry resources compiled by our open access team.
  Review Open Access Policies & Ethical Guidelines
  Considering IGI Global to publish your work under open access? Review IGI Global’s open access policies and ethical guidelines
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us
Newsroom

A Strategy for Enterprise VoIP Security

Dwayne Stevens, David T. Green

Source Title: Handbook of Research on Information Security and Assurance

DOI: 10.4018/978-1-59904-855-0.ch041

OnDemand:

(Individual Chapters)

Available

$37.50

Current Special Offers

No Current Special Offers

Abstract

Voice over Internet Protocol (VoIP) networks signal an evolution in telecommunications that is accelerating the convergence of the Internet and the public switched telephone network (PSTN). Offering decreased costs and other benefits, VoIP is poised to transform telecommunications and the organizations that use them. However, some consider VoIP a security nightmare, combining the worst vulnerabilities of IP networks and voice networks. DOS attacks, crash attacks, packet spoofing, buffer overflow attacks, spam over Internet telephony (SPIT), and word injection all pose threats to commercial enterprise networks and the mission critical operations that they support.

Chapter Preview

Top

Introduction

Traditional telecommunications carriers are now facing the very real prospect that the “large networks they’ve been meticulously building for more than 100 years will be, if not entirely useless, certainly unsustainable in the very near future.” Already reeling from the “fixed-to-mobile substitution” brought about by migration of landline traffic to the cellular platform, Local Exchange Carriers (LECs) are now facing competition with VoIP (Conti, 2004).

This chapter will seek to first provide an analysis of the benefits of VoIP, and then will discuss the three current prominent models of VoIP that are being utilized. The chapter will then briefly look at how educational institutions are using VoIP and examine the implementation and security concerns of VoIP. Finally, the chapter will then address Quality of Service concerns, and list strategies for security assurance and disaster recovery planning in relation to VoIP.

BENEFITS OF VoIP

VoIP is revolutionizing telecommunications in large part because IP telephony is based upon standards which are vendor agnostic, ensuring interoperability between products from different manufacturers in almost any combination (Ross, 2004). Many of the companies who have adopted VoIP have been very pleased with the results in this technology which “crosses the boundaries of public and private networks, enterprise and residential markets, voice and data technologies, as well as local and long-distance services.” By converging voice and data into a single, powerful network, an organization can “reduce costs, consolidate and simplify networks, as well as better serve its customers and constituents” (Young, 2005).

In a recent product spotlight in IEEE Review, relatively low-cost items like the Firebox VoIP Cyberphone were featured, which allow users to make low-cost calls to landlines and mobile phones all over the world and free calls to anyone using a similar VoIP phone (Calls over the Net, 2005). It is technology such as this which has in part fueled the flurry of corporate adopters. In excess of nine million North American corporate telephone lines ran on VoIP in 2004, a full 11 percent of the total. That number was up from 4 percent from 2002, according to Gartner Inc., and is expected to reach 41 percent by 2008 (Fahmy, 2005).

VoIP installations achieve cost savings from a variety of sources. Obviously, running voice and data on the same network reduces the hardware, maintenance, and service needed. A great example of the financial benefits of VoIP is illustrated by the recent adoption of VoIP by the accounting firm Grant Thornton, LLP. The firm used to spend more than $800,000 a year on long-distance calls made from its 49 U.S. offices. VoIP installations cut that spending by more than 60 percent. In addition, local phone charges fell by 40 percent (Fahmy, 2005).

Several other factors also influence the adoption of VoIP technology, including improved network utilization, opportunities for value-added services, and progressive deployment. Traditional circuit-switched networks have to “dedicate a full-duplex 64 kb/s channel for the duration of a single call, whereas with VoIP networks the bandwidth is used only when something has to be transmitted,” utilizing network resources more effectively and allowing more calls to be carried over a single link. In addition, VoIP offers many other advanced features such as caller ID and call forwarding that can be added as value-added services to VoIP networks at minimal cost. Finally, IP telephony is “additive to today’s communications networks since it can be easily integrated with existing PSTN infrastructure and networks” (Zeadally, 2004). However, there are other, less obvious benefits that corporate users are discovering that merit mention:

•
VoIP reduces the cost of reconfiguring the network every time an employee switches office or cubicles.
•
VoIP allows users to easily self-administer their call forwarding, helping to route calls to either voice mail or external lines depending upon the caller.
•
Using a popular feature called unified messaging, employees can check messages left at different numbers on one centralized platform (Fahmy, 2005).
•
Businesses can amortize their VoIP equipment in as few as three months (Ross, 2004).

Telecommunication service providers are in the midst of developing converged core networks for both data and voice to support this evolution. There are also economic incentives, improved productivity, and new revenue-generating services that come along with these new networks (Prabhakar, 2005).

Key Terms in this Chapter

Disaster Recovery: The process of regaining access to data, hardware, or software after a computer based human or natural disaster.

Local Exchange Carrier (LEC): A regulatory term in telecommunications for the local telephone company.

Multiprotocol Label Switching (MPLS): A data-carrying mechanism which emulates some properties of a circuit-switched network over a packet-switched network.

Quality of Service (QoS): A set of quality requirements on the collective behavior of one or more objects in the field of telephony.

Voice Over IP (VoIP): The routing of voice conversations over an Internet Protocol-based network.

Public Switched Telephone Network (PSTN): The network of the world’s public circuit-switched telephone networks.

Plain Old Telephone Service (POTS): The voice-grade telephone service that remains the basic form of residential and small business service connection to the telephone network in most parts of the world.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference

A Strategy for Enterprise VoIP Security

Abstract

Introduction

BENEFITS OF VoIP

Key Terms in this Chapter

Complete Chapter List