April 2006, 2:01 pm
VoIP Encryption
In this article on his weblog, Bruce Schneier states:
VOIP calls are vulnerable to a variety of threats that traditional telephone calls are not. Encryption is one of the essential security technologies for computer data, and it will go a long way toward securing VOIP.
And as he also points out, encryption can protect against almost all common security threats to VoIP. However, for end users running softphones on their computers, encryption cannot stop some malicious software, or a hacker who has gotten into your system, from monitoring your phone calls.
On the business side, implementing VoIP telephony for a company should not be seen as simply adding IP telephony. In my opinion, it should be completely separate from your existing network. Voice traffic should be encrypted from the endpoints to the softswitch (or a software PBX such as Asterisk) and should run on a completely separate network or VLAN. I would personally run completely separate cabling connected to separate network switches for all voice traffic. Devices would be restricted by MAC address, and routing to/from your existing LAN would be restricted on an as-needed basis. (Some IP phones can link to an LDAP directory or pull other data via the network to display on the phone before/during a phone call.)
By separating the traffic you minimize the chance of network eavesdropping and limit the possibility of DDoS or other network traffic issues hindering voice quality and/or network/internet connectivity.
Imagine 1000 employees in a single building, on a single LAN shared with VoIP traffic. Some IT engineer decides to re-run a backup that failed the night before from a server on one end of the building over the LAN to the storage server on the other end of the building, eating massive amounts of bandwidth… but hey, they’re on a gigabit backbone, right? Lunchtime hits and everyone starts browsing their favorite websites and clicking on email links to online videos. Some people are listening to streaming radio, and a good majority of people are calling their spouse, friends, the repair shop or whatever… Suddenly the internet is slowing to a crawl and voice quality drops. Network apps become sluggish, and the big boss man isn’t happy!
Why wouldn’t this be something taken into consideration when the technology was being deployed? VoIP isn’t just another simple add-on to your network if you are serious about deploying it system-wide. Its potential use and impact need to be taken into consideration. Yes, it can save money, but as with anything, it takes money to save money.
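The separation policy described above can be checked against connection logs. The following is an added example, not code from the original post: the subnets, MAC addresses, softswitch address and LDAPS exception are all constructed assumptions, and each record is assumed to describe the initiator's side of a connection.

```python
import ipaddress

# Constructed policy values (assumptions, not taken from the post).
VOICE_NET = ipaddress.ip_network("10.20.0.0/24")    # voice VLAN
DATA_NET = ipaddress.ip_network("10.10.0.0/16")     # existing LAN
SOFTSWITCH = ipaddress.ip_address("10.20.0.10")     # e.g. an Asterisk host
VOICE_MACS = {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02", "00:11:22:aa:bb:10"}
# As-needed exceptions from the voice VLAN into the LAN: (dst, proto, port).
LAN_EXCEPTIONS = {(ipaddress.ip_address("10.10.5.20"), "tcp", 636)}  # LDAPS
PLAIN_SIP_PORT = 5060  # unencrypted SIP; SIP over TLS uses 5061


def check_flow(flow):
    """Return policy violations for one connection record (initiator's view)."""
    src = ipaddress.ip_address(flow["src"])
    dst = ipaddress.ip_address(flow["dst"])
    found = []
    # Only allow-listed devices may source traffic on the voice network.
    if src in VOICE_NET and flow["src_mac"].lower() not in VOICE_MACS:
        found.append("unknown MAC on voice network")
    # Voice-to-LAN routing is denied unless explicitly approved.
    if src in VOICE_NET and dst in DATA_NET:
        if (dst, flow["proto"], flow["dport"]) not in LAN_EXCEPTIONS:
            found.append("voice-to-LAN flow outside approved exceptions")
    if src in DATA_NET and dst in VOICE_NET:
        found.append("LAN host initiating into voice network")
    # Signalling to the softswitch should be encrypted.
    if dst == SOFTSWITCH and flow["dport"] == PLAIN_SIP_PORT:
        found.append("unencrypted SIP to softswitch")
    return found


# Constructed sample records.
SAMPLE_FLOWS = [
    {"src": "10.20.0.31", "src_mac": "00:11:22:AA:BB:01", "dst": "10.20.0.10", "proto": "tcp", "dport": 5061},
    {"src": "10.20.0.31", "src_mac": "00:11:22:aa:bb:01", "dst": "10.10.5.20", "proto": "tcp", "dport": 636},
    {"src": "10.20.0.32", "src_mac": "00:11:22:aa:bb:02", "dst": "10.10.7.7", "proto": "tcp", "dport": 445},
    {"src": "10.20.0.77", "src_mac": "de:ad:be:ef:00:01", "dst": "10.20.0.10", "proto": "udp", "dport": 5060},
    {"src": "10.10.3.4", "src_mac": "00:aa:bb:cc:dd:ee", "dst": "10.20.0.31", "proto": "tcp", "dport": 80},
]


def audit(flows):
    """Map record index -> violations, for records that break the policy."""
    return {i: v for i, f in enumerate(flows) if (v := check_flow(f))}


if __name__ == "__main__":
    for index, violations in audit(SAMPLE_FLOWS).items():
        print(SAMPLE_FLOWS[index]["src"], "->", SAMPLE_FLOWS[index]["dst"], violations)
```

Port numbers only distinguish plain SIP from SIP over TLS; whether the media stream itself is encrypted has to be confirmed on the phones and the softswitch.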
Spend a little to set it up right, and you see the savings (without the headaches) down the line.
s1rk3ls
Geek Things, Rants, Security, VoIP








