VOIP Advantages, Disadvantages and Security Term Paper

12). Each would require however separate DHCP servers so that firewall protection could be easily integrated within the system (Kuhn, Walsh & Fries, 2005; Flatland, 2005). H.323 SIP and other VOIP protocols can be disconnected at the voice gateway that interfaces with the PSTN to allow for stronger authentication and access control on the gateway system (Kuhn, Walsh & Fries, 2005). However this can make key management problematic. Other ways to secure the data and voice network include implementing "packet filters" to track malicious connections (although this doesn't always work and is not always sensible) or IPsec and Secure Shell to manage remote voice and data access so hijackers can't utilize the remote system (Kuhn, Walsh & Fries, 2005).

If performance declines because of security measures then the organization can take advantage of encryption at a gateway like the router rather than "individual endpoints" which would allow "IPsec tunneling" however this burden should be placed at a central point in the system so that all VOIP traffic is safe and encrypted rather than traffic only at specific gateways, like at the router (Flatland 26). A central location is universally protective whereas endpoint protection is time consuming and less efficient. Either way each requires a bit of work and training to set up correctly (Flatland, 2005).

Organizations have to determine whether they are capable of managing the risk involved with using VOIP before they invest and take advantage of the benefits VOIP has to offer. It is important that "continuity of operations" is not interrupted while deploying VOIP systems (Kuhn, Walsh, and Fries, p. 11). Competent trainers will use voice samples and insert them into data packets to test their transmission on the Internet, using Real-time Transport Protocol or RTP packets, which are able to hold larger volumes of data that can assemble information from one point to another.There are also many versions of VOIP that an organization must look at before they decide what is right for them. For example, a company might select a key management scheme capable of addressing SIP calls, RTSP sessions, multicast and more; an example of a key system capable of doing this is the MIKEY (RFC 3830; Kuhn, Walsh and Fries 33), which can support multiple "crypto" sessions that are secure and trustworthy in nature. MIKEY allows for what researchers call "crypto session bundles" which Kuhn, Walsh & Fries (2005) describe as "a collection of crypto sessions that may have a common traffic encryption key or TEK, generation key or TGK and "session security parameters" (p. 34). Many different versions of SRTP exist, which all provide greater confidentiality and message authentication as well as "replay protection to the RTP/RTCP traffic" allowing companies the flexibility to adapt application requirements with their own profiles (Kuhn, Walsh & Fries 33).

Conclusions

There are multiple benefits of VOIP which include greater flexibility, lower long-term costs and integration of services. Just as there are benefits there are also disadvantages including the cost to start a system and security costs associated with creating VOIP specific security changes. Flatland (2005) sums it up best noting key to successful integration of VOIP is "selecting a VOIP gateway, wireless access points and phones" that are compatible with a company's existing system (p. 26). Large and small companies alike will find if given enough time, training and patience, that VOIP is superior to other telephone data transmission services and utilities.

References

Flatland, Jeanne. Integrating Voice into the School Network: Benefits of Wireless VOIP,

E Journal (Technological Horizons in Education) vol. 32.8: 2005. p. 26

Kuhn, Richard, Walsh, Thomas and Fries, Steffen. Security Considerations for Voice

Over.....