Opinion   More Opinion

VoIP Security Vendors Watch & Wait for the Worst

January 26, 2009 | Denise Culver | Comment (1)
no ratings

In many ways, it is not an enviable position. After all, no one likes a doomsday prophet, but that is exactly the position in which VoIP security vendors find themselves. Their tales of woe indicate that sometime in the future – most likely in the next 12 to 18 months – a serious breach in security will occur on VoIP networks, creating a domino-like effect in the industry.

First, the bubble will burst for those who believe that hackers are not interested in VoIP networks. Next will come a round of similar, yet devastatingly painful, realizations, as increasing numbers of attacks are successfully volleyed against VoIP networks. With that, enterprises and network operators will recognize en masse that their VoIP networks simply are not equipped to handle the sophistication of attacks hitting them, and VoIP providers will suffer from the resulting lack of quality of service (QoS) and other customer service metrics that cannot withstand such breaches in security.

These are just some of the findings in this month's Light Reading's VoIP Services Insider, "VoIP Security: Vendors Prepare for the Inevitable."

Executives at many VoIP security vendors believe that enterprises will be the first targets for VoIP security breaches. "Enterprises are deploying increasing numbers of teleworking solutions," says Adam Boone, VP of marketing with Sipera Systems Inc. , "and they're federating with their partners and customers over the open Internet. This will expose them to various security threats over the Internet without adequate security measures."

Another area likely to be a significant target is SIP trunking. "In the next 12 months, there will be an increased rate at which external connections are established to VoIP networks," says Peter Cox, CEO of UM Labs Inc. "This includes SIP trunk links, links to home workers, provisioning of services to roaming users, and the use of VoIP for calling customers and service providers. In many market sectors, and specifically in banking and finance, a significant percentage of VoIP networks are operated in complete isolation, with no links to data networks and no external links other than PSTN connections."

Although VoIP security vendors can – and do – warn others about the inevitable attacks that will befall VoIP networks, their warnings can only do so much. Many VoIP customers believe their networks to be adequately protected by their service provider or data security vendor, while others are simply unaware of the impending threats. Until VoIP infrastructures are significantly threatened, the doomsday predictions of VoIP security vendors make them little more effective than folks standing with cardboard signs on the side of the Internet highway.

— Denise Culver, Research Analyst, Light Reading's VOIP Services Insider

The report, VoIP Security: Vendors Prepare for the Inevitable, is available as part of an annual subscription (6 bimonthly issues) to Light Reading's VoIP Services Insider, priced at $1,295. Individual reports are available for $900. For more information, or to subscribe, please visit: www.lightreading.com/entvoip.
Newest Comments First       Display in Chronological Order
ODonnell
User Ranking
Wednesday January 28, 2009 9:17:17 AM
no ratings
Denise. Thanks for the post. All voice security awareness helps everyone out. As for the article. I am assuming you are referring to the SIP/VOIP only security plays that are watching and waiting. We at SecureLogix are solving big VOICE issues on the security front today. We are not waiting for anything. We see and prevent massive amounts of fraud and close EXISTING security vectors today. Its not about Packet Only voice security. It's Network to Network security. In the enterprise there are 2 big networks that have ALWAYS been connected. It is not a "backdoor". Some of the biggest breaches have been done via a 56k modem. (Try Citi in the 90's....$10M gone.)14 years later....no packet security company can or does solve that issue. Is packet voice security necessary? Yes. But please don't beleive it's all you need. Dial through fraud is going through the roof. It doesn't discriminate. Vishing to extort and transfer funds in banking call centers is pervasive. It's interesting to see the greater security community watching and waiting for hypothetical SIP fuzzing attacks on hypothetical SIP voice networks whilst customers are being breached today. Broadband attacks "may" be sexier but one doesn't need a broadband connection to get an IP address. Narrowband has been a successful tool in the journeyman's bag for decades.
Joe ODonnell
SecureLogix Corporation
LIGHT READING MARKET PLACE
Unified Communications Solutions
Streamline Communications, Increase Efficiency & Lower Costs. Learn More.
Free Network Management Tool!
Find and fix problems 70% faster, even through the cloud. Free management tool!
Used and Refurbished HP ProCurve Switches
Lifetime Warranties, Professional Testing & Shipping on all HP Equipment Purchases!
Master Your Asset Retrieval
OnProcess helps leading companies return inventory faster, saving $$Millions
Mobile Device Management
AirWatch Tracks, Monitors and Manages your Mobile Devices and WLAN in Real Time.
The blogs and comments are the opinions only of the writers and do not reflect the views of Light Reading. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Most Popular
Read
Related Content
White Papers SPONSORED CONTENT
Featured
Podcasts SPONSORED CONTENT
Services Transformation - by Alcatel-Lucent Communications service providers want to be able to bring new services to...
Rural Ops Bridge the Digital Divide - by Tellabs Tellabs helps IOCs build triple play networks
Driving Network Transformation - by Alcatel-Lucent In order to deal with competitive pressures, the change in service models...
Back(haul) to the Future - by Tellabs Tellabs works with Vodafone to meet growing mobile broadband demands.
MRS Logistica - by Tellabs Tellabs helps MRS Logistica transform its existing, largely outdated TDM networks to IP.
Carrier Ethernet Offers an Enterprising Solution - by Tellabs What is VPLS and how does it work? Tellabs takes a closer look.
Swisscom’s Network Makeover - by Tellabs Fresh off the launch of 7.2 Mbps HSDPA, Swisscom sees 3G as an opportunity to launch a unifying ...
Telecom in Namibia - by Tellabs Tellabs helps Telecom Namibia with next-gen challenges
Companies
Alcatel-Lucent (5872), AT&T (1948), BellSouth (848), BT (1287), Cablevision (615), Cisco (5297), Comcast (1910), Cox Communications (858), Deutsche Telekom (807), eBay (Skype) (345), Ericsson (1617), France Telecom (964), Google (489), Huawei (1045), Intel (1127), Juniper (2022), Microsoft (1115), Motorola (1486), Nokia Siemens Networks (2645), Nortel (3956), NTT (173), Siemens (1359), Sprint (1059), Telefonica (439), Time Warner Cable (969), Verizon (2587), Vodafone (510), Yahoo (339)

Broadband
Access equipment (2168), Access technologies (2378), Broadband loop carriers / multiservice access nodes (388), Cable modem termination systems (CMTSs) (1104), Cable TV chips (286), DSL (2424), DSL chips (227), DSLAMs (703), Free-space optics (35), FTTx (3264), Gaming consoles (58), Gaming servers (22), Media adapters (23), Municipal networks (106), PON (1363), PON chips (217), Satellite (497), WiMax (880), Wireless LAN (354)

Cable Digital
Cable Modems (681), Cable/MSO equipment (2802), CableLabs (470), Compression (MPEG-2 and MPEG-4) (279), Docsis (1046), Embedded multimedia terminal adapters (E-MTAs) (213), Head-ends (233), PacketCable (129), QAM (307)

Chips, Components & Subsystems
ASICs & FPGAs (101), ATCA (480), ATM chips (13), Comm chips (2360), Dispersion compensators (149), Lasers (920), Modulators (163), Mux/demuxes (299), Network processors (933), Optical amplifiers (349), Optical channel monitors (92), Optical components (2824), Speciality fiber (94), Switches & OADMs (397), Transceivers (1247), Transmission fiber (419), Variable optical attenuators (139)

Ethernet
10-Gbit/s Ethernet switches (1454), Access devices (272), ATM switches (333), Circuit emulation (16), Converged access (103), Ethernet chips (573), Ethernet equipment (2211), Ethernet over copper (230), Ethernet PONs (160), Ethernet services (1909), Ethernet technologies (568), Multipoint (131), Multiservice edge equipment (143), Multiservice provisioning platforms (622), Multiservice switches (389), PBT (Provider Backbone Transport) (256), Point-to-point (139), Pseudowire (Layer 2 tunnels) (132)

IP & Convergence
B-RASs (229), Cell/WLAN (77), Compression equipment (13), Core routers (1294), DNS (56), Edge routers (1686), ENUM (53), Fixed/Mobile Convergence (485), GMPLS (76), IMS (1088), IMS Control Layer (27), IMS Service Layer (27), IP equipment (1224), IP software (381), IP technologies (1482), IPv6 (99), Layer 3 VPNs (194), MPLS (1774), MPLS (687), Multicast (36), P2P (258), Pseudowire (Layer 2 tunnels) (132), QOS (350), SIP (396), Traffic managers (808), Wireline/Wireless (59)

Mobile/Wireless
3G Evolution (175), Broadcast (Mobile TV, etc.) (189), Carrier WiFi (226), CDMA (3G) (367), Core Network (173), EV-DO (126), Femtocells (30), Fixed Wireless (Microwave, etc.) (71), Fourth Generation (4G) Wireless (70), GSM/EDGE (430), HSDPA/HSUPA (321), IMS Core (47), Long-Term Evolution (LTE) (188), Mobile Advertising (24), Mobile Music (31), Mobile TV (130), Mobile Video (65), Mobile WiMax/WiBro (92), Mobile/Wireless (5877), Packet Core (61), Radio Access Network (236), TD-SCDMA (Chinese 3G) (67), Transmission (38), Ultra-Mobile Broadband (UMB) (8), UMTS(3G) (340), Voice Core (21), WiMax (880), Wireless Backhaul (272), Wireless Chips (191), Wireless LAN (354)

Optical Networking
40-Gbit/s transmission (452), Core optical switches (760), CWDM (289), DWDM (1842), Long-haul WDM equipment (654), Metro optical switches, ROADMs (1173), Metro WDM equipment (773), Multiservice provisioning platforms & add/drop muxes (375), Optical equipment (2191), Optical switches & crossconnects (398), Optical technologies (417), Sonet/SDH (1036), Sonet/SDH chips (351), Wavelength services (305)

Security
Anti-virus (29), Denial-of-service attacks (44), Encryption (97), Endpoint security (22), Firewalls (61), Intrusion detection & prevention (45), IPSec VPN (801), Security (1835), SSL VPN (862), URL filtering (12), User authentication (24)

Services Software
Activation (415), Billing systems (761), Content/software downloads (231), Customer relationship management (231), Data Integrity (61), Element management systems (36), Fault management (69), Inventory management (153), Mediation systems (204), Messaging (231), Middleware (72), Mobile location (41), OSS (2584), Performance monitoring (335), Policy control (269), Provisioning (553), Revenue assurance & fraud management (334), Service delivery platforms (SDPs) (328), Service management (220), Service-oriented architectures (310), Services (2480), Web gateways (56), Web services (124), XML (51)

Test & Measurement (Sponsored by Etaliq Inc)
Access equipment Access test & measurement equipment (126), Comm chips Comm chips test & measurement equipment (29), Ethernet equipment Ethernet test & measurement equipment (170), IP equipment IP test & measurement equipment (122), MPLS MPLS test & measurement equipment (14), Optical components Optical components test & measurement equipment (113), Optical equipment Optical test & measurement equipment (886), OSS OSS test & measurement (1059), Sonet/SDH Sonet/SDH test & measurement equipment (1599), Test & measurement (1755), VOIP equipment VOIP test & measurement equipment (145)

Video (Sponsored by Ericsson Televisionary)
Broadcast (Mobile TV, etc.) (189), Broadcast video equipment (including encoding) (730), Content delivery network (CDN) (394), Content protection (270), DVRs (665), Internet Video (840), IPTV (3461), Middleware & business support systems (845), Set-top boxes (1624), Stored video servers (379), TV (3581), Video equipment (2448), Video services (4130), Video software (1349), Videophone (185), VOD (2635)

VOIP
Application servers (186), Centrex (198), Conferencing (78), Contact centers (38), Enhanced voice (34), Enterprise (637), Media gateways (357), Messaging (73), Presence management (43), Residential (835), Session border controllers (398), Signaling gateways (104), Softswitches (1090), VOIP chips (167), VOIP equipment (3423), VOIP services (3768), VOIP software (620), VOIP VPNs (28), Wholesale (220)