Offical Blog

VOIP and Security

VOIP is now entrenched in the world for voice communications. That places VOIP clearly on the radar for Cyber Criminals. Unfortunately VOIP was not designed with security in mind. In fact the vary nature and standards set make VOIP even more vulnerable to Security Breaches.

In order for VOIP to be accepted it must be as good as or better than the PSTN. Therefore, security can not change the specs. For H.323, SIP, RTP, and others but must performs its role without compromise. In addition, a voice call may travel through 15- 20 different systems.

The major issues are

Latency- G.114 requires 150 ms. For 1 way traffic, 100 ms across N.America, and 400 ms for international traffic. The entire  end      to  end VOIP call includes Call Set up, Encryption, Encoding, Sample Capture, Parkerizing, to the final Move to Output will take up to 121 ms.
Jitter     – Out of Sequence Packets
RTP        - Special Header fields that reassemble packets into a voice signal are carried
                   as payload by UDP.

Several Immediate Security Vulnerabilities

1. VOIP  – protocols are based on a very well accepted set of Stds.
2. RTP    – through conversions from voice signals to data signals in the payload sector to voice again RTP would be vulnerable.
                 – Voice Packets are carried as Payload and most security appliance do not
                  inspect payload.
                – Packets are carried Out of Band and accessible by Cyber Criminals.

These aspects of VOIP bring vulnerabilities and opportunity for Cyber Criminals to launch a DDOS, Flood on SIP Messages, Capturing Customer Records, and others.

Barrier1 introduces only 12.4 microsecs. Delay, SIP aware, and H.323 compatible. Barrier1 has been providing Network Security for VOIP for over 4 years without modifications.