Read without ads and support Scribd by becoming a Scribd Premium Reader.

See Premium Plans

Language:

Download

Go BackAdd Note

Link

Embed

Save

You're Reading a Free Preview
Page 4 is not shown in this preview.

Buy the Full Version

You're Reading a Free Preview
Pages 8 to 38 are not shown in this preview.

Buy the Full Version

You're Reading a Free Preview
Pages 42 to 99 are not shown in this preview.

Buy the Full Version

Searching...

Result 00 of 00

00 results for result for

Security Considerations for Voice Over IP Systems

Download or Print

Add To Collection

8.0K

Reads

Readcasts

Embed Views

TIP Press Ctrl-F⌘F to search anywhere in the document.

Read without ads and support Scribd by becoming a Scribd Premium Reader.

See Premium Plans

Get Scribd Mobile

To get Scribd mobile enter your number and we'll send you a link to the Scribd app for iPhone & Android.We've sent a link to the Scribd app. If you didn't receive it, try again.

Text me

We'll never share your phone number.

Sections

EXECUTIVE SUMMARY AND RECOMMENDATIONS
1 Introduction
1.1 Authority
1.2 Document Scope and Purpose
1.3 Audience and Assumptions
1.4 Document Organization
2 Overview of VOIP
2.1 VOIP Equipment
2.2 Overview of VOIP Data Handling
2.3 Cost
2.4 Speed and Quality
2.5 Privacy and Legal Issues with VOIP
2.6 VOIP Security Issues
3 Quality of Service Issues
3.1 Latency
Figure 2. Sample Latency Budget
3.2 Jitter
3.3 Packet Loss
3.4 Bandwidth & Effective Bandwidth
3.5 The Need for Speed
3.6 Power Failure and Backup Systems
3.7 Quality of Service Implications for Security
4 H.323
4.1 H.323 Architecture
Figure 4. H.323 Call Setup Process
4.2 H.235 Security Profiles
4.2.1 H.235v2
4.2.1.2 H.235v2 Annex E – Signature Security Profile
Table 2: H235v2 Annex E – Signature Security Profile
Table 3: H235v2 - Voice Encryption Option
Table 4: H235v2 Annex F – Hybrid Security Profile
4.2.2 H.235v3
Table 5: H235v3 Annex D - Baseline Security Profile
4.2.3 H.323 Annex J
4.2.4 H.323 Security Issues
4.3 Encryption Issues and Performance
5 SIP
5.1 SIP Architecture
Figure 5. SIP Network Architecture
5.2 Existing Security Features within the SIP Protocol
5.2.1 Authentication of Signaling Data using HTTP Digest Authentication
5.2.2 S/MIME Usage within SIP
5.2.3 Confidentiality of Media Data
5.2.4 TLS usage within SIP
5.2.5 IPsec usage within SIP
5.2.6 Security Enhancements for SIP
5.2.7 SIP Security Issues
Figure 6. SIP Protocol
6 Gateway Decomposition
6.1 MGCP
6.1.1 Overview
6.1.2 System Architecture
IP
Figure 7: General Scenario for MGCP Usage
6.1.3 Security Considerations
6.2 Megaco/H.248
6.2.1 Overview
6.2.2 System Architecture
Figure 8: General Scenario for MEGACO/H.248 Usage
6.2.3 Security Considerations
7 Firewalls, Address Translation, and Call Establishment
7.1 Firewalls
7.1.1 Stateful Firewalls
7.1.2 VOIP specific Firewall Needs
7.2 Network Address Translation
Figure 9. IP Telephones Behind NAT and Firewall
7.3 Firewalls, NATs, and VOIP Issues
7.3.1 Incoming Calls
7.3.2 Effects on QoS
7.3.3 Firewalls and NATs
7.4 Call Setup Considerations with NATs and Firewalls
7.4.1 Application Level Gateways
7.4.2 Middlebox Solutions
Figure 10. Middlebox Communications Scenario
7.4.3 Session Border Controllers
7.5 Mechanisms to solve the NAT problem
7.6 Virtual Private Networks and Firewalls
8 Encryption & IPsec
8.1 IPsec
8.2 The Role of IPsec in VOIP
8.3 Local VPN Tunnels
8.4 Difficulties Arising from VOIPsec
8.5 Encryption / Decryption Latency
8.6 Scheduling and the Lack of QoS in the Crypto-Engine
8.7 Expanded Packet Size
8.8 IPsec and NAT Incompatibility
9 Solutions to the VOIPsec Issues
9.1 Encryption at the End Points
9.2 Secure Real Time Protocol (SRTP)
9.3 Key Management for SRTP – MIKEY
9.4 Better Scheduling Schemes
9.5 Compression of Packet Size
9.6 Resolving NAT/IPsec Incompatibilities
10 Planning for VOIP Deployment
REFERENCES
A Appendix: VOIP Risks, Threats, and Vulnerabilities
A.3 Availability and Denial of Service
B Appendix: VOIP Frequently Asked Questions
C Appendix: VOIP Terms

Info and Rating

Category:	Uncategorized.
Rating:
Upload Date:	04/06/2011
Copyright:	Attribution Non-commercial
Tags:	No tags

Download as Text file (.txt), PDF File (.pdf) or read online.

Flag for inappropriate content

Download and print this document

Read offline in your PDF viewer
Edit this document in Adobe Acrobat, Notepad
Keep a copy in case this version is deleted from Scribd
Read and print without ads
Email the file

Choose a format to download in

Download

Read without ads and support Scribd by becoming a Scribd Premium Reader.

See Premium Plans

Security Considerations for Voice Over IP Systems

Get Scribd Mobile

Sections

Info and Rating

Download and print this document

Choose a format to download in

Choose a format to download in

Recommended

Recommended

Security Considerations for Voice Over IP Systems

Get Scribd Mobile

Sections

Info and Rating

Download and print this document

Choose a format to download in

Choose a format to download in

Recommended

Recommended

Other login options

Why Sign Up?

Login Successful

Sign Up Successful