According to a new report from research firm In-Stat, concern over VoIP security is fueling sales of security appliances.
In-Stat reports that among companies that have deployed VoIP systems, more than three-quarters indicated that they plan to replace their security appliances with the next year. According to survey respondents though, concerns over VoIP security usually do not precede the installation of a VoIP system.
“We were surprised that the highest percentage of concern (63.8 percent) for VoIP security was after implementation,” In-Stat analyst Victoria Fodale told VoIPplanet.com. “Respondents [articulating security concerns] who were still in the planning stages were between 10 and 12 percent.”
The study also showed that companies with 500 to 999 employees had a higher degree of VoIP security concern than larger or smaller companies.
Fodale explained that all the threats currently found in the data networking world—including worms and viruses, DoS attacks, spam, and even phishing—are applicable to VoIP.
“In addition, there security concerns specific to VoIP, such as exposure of sensitive company information in call logs or voice mail,” Fodale said. Other risk areas noted by Fodale include eavesdropping or interception of voice communication, malicious attacks or malware that could impact the availability of voice service, and fraudulent use of voice service.
“Security appliance vendors are adding functions to their products that address voice signaling and call-control protocols,” Fodale explained. “It’s a daunting challenge considering the multitude of VoIP standards and protocol options.”
In terms of vendors and products that may potentially be poised to reap the rewards of VoIP security, Fodale noted that it varies by product and market segment.
Among traditional firewall vendors that have updated existing products to support VoIP protocols, Fodale mentioned SonicWall and Checkpoint. For Security appliance specialists that have point products that address VoIP protocols she called out TippingPoint (3Com), Borderware, and Ingate. And among large networking vendors that have upgraded their portfolios and made acquisitions to support converged networks, Cisco and Juniper.
In-Stat expects that by 2006, enterprises will start to show measurable rates of adoption in VoIP deployments and further forecasts that the overall security appliance market will be worth $7 billion by 2009.
“Ultimately, the convergence of voice and data on a single network will lead to a shift in the security appliance landscape,” Fodale said, “with less emphasis on traditional perimeter-blocking defenses and more focus on intelligent traffic management.”