Tuesday, November 01, 2005

Industry group plans secure VOIP practices

An industry group is working toward a best-practices document that will spell out for businesses how to build secure VoIP networks using specific makes and models of equipment. While the report won't be available until next year, it will be a practical implementation guide to securely set up VoIP, says Andrew Graydon, a director of the VOIP Security Alliance (VOIPSA ), the group writing the papers.

The document will present sample deployments that have been tested by VOIPSA and found to be interoperable and secure, he says. He said it won't be ready until after another VOIPSA report that will be released by year-end. The project is third on a list of tasks the group is addressing, and VOIPSA is still soliciting members of a committee to work on it.

Vulnerability is a major concern for businesses implementing VoIP and for governments that want to guarantee reliable phone service to sustain their economies. A German government agency last week released its own list of VoIP threats. The German report finds the risk of IP-voice service interruption so great that it recommends keeping voice and data networks separate - undermining convergence.

Earlier this year in the United States, the National Institute of Standards and Technology (NIST) issued its own report on the subject, including recommendations for avoiding security pitfalls. Unlike VOIPSA's work, which is being done mainly by vendors with an eye toward the nuts and bolts of implementing networks, NIST's document was made by government researchers setting principles to follow when doing so.

VOIPSA last week cataloged 36 pages of potential VoIP vulnerabilities and plans to issue a separate document by year-end that describes how technologies, without mentioning vendors, can protect networks.

CATEGORIES: 1VOIP, 1standards, 1best practices, 1industry group
Rate this post: (Provided by NewsGator)


Post a Comment

Links to this post:

Create a Link

<< Home