|
Do a search on the Internet for VoIP Security and your search will come back with thousands, if not millions of hits. Voice over Internet Protocol (VoIP) security is fast becoming a number one concern for those deploying this relatively new technology. Hackers are taking notice of this expanding, previously untargeted area as millions of users begin sending conversations over IP networks.
VoIP security presents risks that organizations must address as they move to IP Telephony environments. VoIP can bring organizations tremendous benefits cost savings and increased productivity to name just two; but VoIP will also undoubtedly bring security risks. While you will need to add features to your environment to secure VoIP, youll want to add these features without hindering Quality of Service (QoS). Voice has real-time characteristics, which have very strict requirements for network performance. Delay (latency), lost packets, and jitter are the key network impairments that can cause degradations in VoIP call quality. As you address VoIP security, be aware of the potential performance impacts.
VoIP Performance Factors
A telephone conversation depends on interaction between the caller and the called party. The higher the level of interaction between the two parties, the less they can tolerate delays in the conversation. Most industry experts agree that 150 milliseconds is a good target for the end-to-end delay in a VoIP call. A total end-to-end delay of less than 150 ms is required for toll-quality calls. Delays greater than 400 ms can effectively render the service unusable.
Firewalls and other security applications that work well in data network environments are often not as effective in VoIP environments because they can exacerbate delay. In a data environment, a delay in transmitting information via e-mail likely wont be noticed by the sender or receiver of that data. However, if packets in a phone conversation are delayed even a fraction of a second, it can significantly reduce the quality of a call.
IP phones send VoIP packets at consistent intervals, typically every 20 or 30 milliseconds. When the packets arrive at varying time intervals, the resulting problem is called jitter. Jitter buffers smooth out the variations but add delay, and if the variation is too great, the jitter buffer can drop packets. As new security features are implemented, be careful to check their impact on jitter.
Security features that cause potential bottlenecks can lead to congestion and lost packets. When packets are lost, portions of the conversation, such as a word or a syllable, can be lost. Sophisticated packet-concealment algorithms can minimize some of the impact of randomly lost packets. However, when the packet loss occurs in bursts, or when multiple consecutive packets are lost at a single time, the loss can have a dramatic impact on the quality of the VoIP conversation.
Security mechanisms that are implemented on VoIP servers can also potentially cause performance issues. For example, everyone knows the value of anti-virus software to scan your computer and protect from viruses. It is important to run anti-virus programs on your key VoIP servers. However, real-time scans of frequently updated trace or log files can cause CPU usage and disk access times to increase. You may need to exclude certain directories or files from the virus scan to prevent a VoIP performance hit.
Other security agents on VoIP servers can intercept the kinds of harmful functions that can be accessed at the API level. These security agents can prevent some attacks by controlling what the malicious applications can do. But if you implement such agents, you need to consider the performance overhead for detecting intrusions at this level. Testing is essential. If you turn on all of the protection features, what is the impact on CPU and memory usage? These are some of the tradeoffs you may have to consider.
Encrypting VoIP traffic is a good way to stop hackers from eavesdropping on your conversations. One caveat, though, is the possible impact on network performance as you encrypt traffic. Encrypted traffic requires more device processing and can increase delay, so you may have to deal with declining quality as you secure your calls. Monitoring your call quality as you implement new security features is important so that you dont get caught off guard by user complaints.
A layered security approach is recommended to protect a VoIP deployment. Different network layers have different security features. At the networking Layer 2 (switches), a good recommendation is to protect against ARP poisoning and other spoofing attacks. At Layer 3 (routers), firewalls are a must to harden the perimeter and protect against external attacks. Firewalls often offer different levels of protection, such as deep packet inspection, a method that can decode the VoIP protocols. But the performance implications of layering security features must be considered. Does the feature increase delay, increase the likelihood of congestion, or add variability to packet delivery?
Security and performance management are closely inter-related, creating a delicate balance between security and VoIP quality. You may have to consider tradeoffs between a security feature and the quality of your phone calls. Having good tools to help you assess and monitor the security risk, while monitoring your performance on a 24x7 basis, is critical.
As you closely monitor VoIP quality and security, keep evaluating VoIP from a service perspective. Each element has its own security features, but what you really want to know is how well the overall telephone service youre offering is performing, and how well its protected.
Managing Security Of An IP Telephony Service
Managing security needs to follow the same approach as managing the performance and availability of the IP telephony service itself. Just as you cant manage VoIP availability by monitoring a single element of the service, you cant ensure security by securing just a single element of the system.
Performance, availability, and security are closely interrelated. Providing trusted services relies upon continuously managing and balancing performance and security with the cost required to provide each. As weve seen in the previous section, these three factors are often competing: optimizing one factor generally comes at the expense of the other two. IT providers must work with business customers, legal advisers, compliance teams, auditors, and others to determine the proper balance. Creating effective, efficient, and repeatable IT management processes is critical to achieving the proper, agreed-upon balance.
Some organizations are beginning to utilize best-practice service management frameworks such as ITIL, the IT Infrastructure Library, to help define and implement service and security management processes. In ITIL, these processes are divided between service support the day-to-day operation of IT services and service delivery the long-term optimization of IT services. Unfortunately, while ITIL is starting to gain popularity, most IT providers still employ a very fragmented approach, even to individual service-management processes like incident management. The result is that no one quickly understands incidents, their causes, the business impact, or the appropriate response. Instead, the incident management personnel scramble to gather all of the necessary information, often involving distinct groups that do not have operational responsibilities. This consumes valuable time and effort needed for the response and often leads to other issues.
While a close focus on all the specific security incidents that could occur in a VoIP environment is important, managing services from an integrated performance and security perspective is even more important for ensuring the overall and ongoing health and availability of those services. And as weve stated in the previous section, VoIP is fundamentally a service, a set of linked and interdependent components. Its a highly critical service thats practically useless if its not performing well.
Summary
VoIP security presents challenges, but these challenges are manageable with careful planning, security awareness. Just like any other area of security, you can make things totally secure, but at what cost? For VoIP, the tradeoff could be an incredibly secure phone system that no one uses (they uses cell phones instead) because the call quality is always poor.
Because VoIP is more sensitive than most applications to small fluctuations in the performance of its key components, its a good idea to view VoIP as a service, rather than a system of small components to micromanage. Instead of separating your VoIP deployment into different elements and trying to secure each one separately, you need to manage the performance, availability, and security of your VoIP deployment as an integrated service, wherein performance and availability linked as they are to the health of the entire data network must be balanced with security concerns. IT
Jeff Hicks is Principal Software Architect at NetIQ. For more information, please visit the company online at www.netiq.com.
If you are interested in purchasing reprints of this article (in either print or PDF format), please visit Reprint Management Services online at www.reprintbuyer.com or contact a representative via e-mail at [email protected] or by phone at 800-290-5460.
|
SUBSCRIPTIONS
TMCnet LOGIN
WEBINARS
