VoIP Security Framework Emerges amidst Vendor Releases
Security continues to be a hot topic in the VoIP market. This week the draft version of the VoIP security framework from the VoIP Security Alliance (VOIPSA) was released, as vendors new and old continue to put out solutions to secure IP telephony.
VOIPSA is an industry association, formed in February of this year, that currently claims more than 100 member organizations. The VoIP Security Threat Taxonomy is an effort to clearly identify the threats to which VoIP is vulnerable; it is the first project completed since the group's formation.
The Taxonomy provides a detailed structure that discusses potential VoIP vulnerabilities including social attacks, eavesdropping attacks, interception and modification, service abuse, and intentional interruption of service attacks.
"While some early press accounts have focused on the potential for VoIP spam and VoIP call hijacking, the consensus of learning from this project is that there are many other threats inherited from traditional data networks (worms, DDoS, etc.) that are more likely to occur today," the VOIPSA website states.
The Taxonomy is only a first step for VOIPSA; its expected next step, a list of VoIP security requirements, is being targeted for release by the end of the year.
Though VOIPSA is just now formalizing its definition of security threats, member companies (and others) are already in the market helping enterprises identify security threats in their respective environments.
VoIPShield Systems of Ottawa, Ontario, is now out in the market with its VoIPaudit solution, which it bills as a VoIP vulnerability assessment solution. The company claims that it's the first solution that addresses VoIP security at the systems level.
Bogdan Materna, vice president of engineering and CTO at VoIPshield, explained to VoIPplanet.com in a briefing that he anticipated VoIPaudit will be used as a sales tool by VoIP vendors to help validate security and close deals.
Juniper Networks this week unveiled its latest VoIP security initiative, a Dynamic Threat Mitigation solution that aims to prevent denial of service (DoS), worm, and SIP attacks from affecting VoIP networks.
The solution includes Juniper's service deployment system (SDX), intrusion detection and prevention (IDP), and Juniper routers. If the IDP component identifies some form of intrusion attempt, it relays that information to the SDX, which automatically limits the traffic from the source of the intrusion by applying policy to the router. In the case of a worm infection, for example, the infected VoIP subscriber is redirected to a web page that notifies the subscriber and provides details for remediation.
Voice quality, a concern that must be balanced against security, is maintained with Dynamic Threat Mitigation, according to Juniper. Dean Sheffield, voice solutions marketing manager for Juniper Networks, explained that the solution combines firewall and VPN functionality with IDP capabilities. The solution can split the VoIP signaling (SIP) from the voice media.
"The signaling goes through the IDP and the media goes through the firewall ASICs," Sheffield said. "This helps to ensure that minimal latency and jitter are introduced through the ISG [integrated security gateway] with the IDP device, resulting in high quality voice."
Like VoIP security in general, Juniper's Dynamic Threat Mitigation solution is a work in progress that will improve as time goes on.
"SDX is a mature product that has been in production networks for more than five years now," Sheffield said. "We will continue to develop IDP as a mechanism for detecting voice related attacks. The integration between the two is very tight now."
"We will continue to improve the ease of deployment of the solution so that IP telephony can be implemented with more confidence by service providers and enterprises."