news / tech talk
VOIP Data Connections
by Lee LeClair03/10/2008
As seen in Inside Tucson Business
- Arizona Daily Star
- BizPlanIt
- Linux World Expo
- 40 under 40
- They're on the A-List
- Dotche system built by Ephibian
- AzBusiness
- Arizona Daily Star
- Arizona Daily Star
- Phoenix Business Journal
- Ranking Arizona
- The Arizona Republic
- Hostingtech.com
- American City Business Journals Inc.
- AZtechBiz
- Inside Tucson Business
- Arizona Business Gazette
- Inside Tucson Business
- Fiesta Mall
- Arizona Daily Star
- .com Success!
- Business Wire
- Buck's Woodside Menu
- CRN
- Arizona Daily Star
- LocalBusiness.com
- The Business Journal - Phoenix
- Phoenix Business Journal
- LocalBusiness.com
- Business Wire
- Inside Tucson Business
- internet.com
- AzBusiness
- AZtechBiz
- designshops.com
- AZtechBiz
- BizAZ
- Virtualized Cloud
- Collaboration and Communication
- Personally Identifiable Information
- Cyberwarfare
- iPad and E-Readers
- Trusted Platform Module
- Smartphone Data Security
- Cyber-Espionage
- DTNs
- Have a Plan
- Cloud Computing - Part 2
- Impact of Technology on Existing...
- Data Archiving
- Mobile Telephony - Part 2
- Cloud Computing
- Social Networks
- Password Management
- Netbooks
- Microtargeting
- Packet Analysis
- IP v6
- Surge Protection
- Traveling Safely
- Thin Client
- Uptime
- Mobile Telephony
- Know Thy Programs
- Voice Over IP - Part 3
- Google Apps
- Virtual Computing
- Securing Users
- Simple Desktop Management
- Service Oriented Architecture
- Light-based Communication
- Data Mining
- Small Business Architecture
- Voice Over IP - Part 2
- Business Automation
- Database Needs
- DMZs
- CPUs
- SPAM & Botnets
- Security Testing
- Customer Advocacy
- Laptop Security
- Windows Vista
- Large Scale Deployment
- Network Access Control
- Generator Use
- Uninterrupted Power Supplies
- Web Site Security
- Blu-ray vs. HD-DVD
- Dual-Core Processors
- Business Security
- AJAX
- 3G Mobile Internet
- Apple Intel Processors
- Entertainment Tech
- Cafe Wireless
- Commercial Hosting
- Gaming Consoles
- Voice Over IP
- Blogging
- Is WI-FI Secure?
- OpenDocument Format
- Allured Publishing Changes Name to...
- Computer Model Can Help Prevent War?
- Defense contractors run gamut from...
- ASU gears on-site construction...
- The Cleveland Foundation Selects...
- Global Partners Join Forces to Speed...
- Intuit Completes Acquisition of...
- Strategy unveiled on how tobacco tax...
- Gaiam's, Real Goods' revenues increase...
- LSST Awarded Time on TeraGrid
- Aldine Independent School District...
- Miraval featured in Natural Solutions...
- Ventana Medical Systems Joins TSIA to...
- UA $3 Million Bioterrorism Grant...
- Arizona Center for Integrative...
If your office is considering an update of its telephony structure, you may find yourself considering technologies like Voice Over IP (VOIP), Video Teleconference Over IP (VTCOIP), Skype, GoogleTalk, etc. As you consider the pros and cons of these technologies, do not forget to consider the aspects of security and performance.
The primary telephony structure is still switched virtual circuits provided by the telephone companies; these provide a virtual dedicated circuit from your phone to the one you are calling, typically with about a 64kKHz bandwidth circuit in the US. It provides high quality low latency performance through the use of circuits that are dedicated once they are established when you make the call. This technology has been with us for decades though like everything else it has improved with time (most circuits are digital now where they were once analog).
A security benefit of this technology is that it is largely purpose-built and has been traditionally separate from data networks. Your telephone instrument is not a very smart device and you don’t store data on it so there is not much point in trying to crack into it. Phone phreaking is a time-honored tradition but the intent of it was usually to be able to make free phone calls. Tapping telephone lines typically required getting physical access at the telephone or to the lines nearby; a risky business.
In contrast, data networks were designed for data packets and “bursty” traffic profiles that could operate with delays and latency. Most data traffic does not require near-zero latency; if your email takes a few seconds or minutes to get to its destination, it’s no big deal. However, the need for separate sets of cables, wall outlets, and equipment dedicated to your computers and telephones became a target for cost savings and consolidation when voice capabilities were demonstrated on data networks. Higher bandwidth networks and the ability to use Quality of Service for data prioritization in networks alleviated some pressure on latency and voice quality while the ability to use a single set of cables and switching equipment for both voice and data was attractive. However, there are some serious security issues to consider.
A converged network means that there must be a path for voice traffic on your data network and that means that path could be subverted for data compromise. Recording voice conversations is simpler if you can capture the data packets on the network just like any other data packet can be captured. Finally, the popularity of softphones (telephones in software that reside on PCs) along make for significantly more tempting targets since they operate on the PC that your data resides on. From a reliability view, softphones are dependent on PCs and operating systems – items that are inherently less stable than dedicated hardware telephone instruments. Also, some software “telephones” like Skype are really software applications that use creative methods to get around firewalls between calling parties. It’s a new world out there and only time will tell how well these technologies will work and how secure they are.
If you can, logically separate your voice network from your data network with VLANs so you have both a performance boost and greater security. Be careful, plan well, makes changes in increments, and monitor your progress and you should be alright.
Lee Le Clair is the CTO at Ephibian. His Tech Talk column appears the third week of each month in Inside Tucson Business
The primary telephony structure is still switched virtual circuits provided by the telephone companies; these provide a virtual dedicated circuit from your phone to the one you are calling, typically with about a 64kKHz bandwidth circuit in the US. It provides high quality low latency performance through the use of circuits that are dedicated once they are established when you make the call. This technology has been with us for decades though like everything else it has improved with time (most circuits are digital now where they were once analog).
A security benefit of this technology is that it is largely purpose-built and has been traditionally separate from data networks. Your telephone instrument is not a very smart device and you don’t store data on it so there is not much point in trying to crack into it. Phone phreaking is a time-honored tradition but the intent of it was usually to be able to make free phone calls. Tapping telephone lines typically required getting physical access at the telephone or to the lines nearby; a risky business.
In contrast, data networks were designed for data packets and “bursty” traffic profiles that could operate with delays and latency. Most data traffic does not require near-zero latency; if your email takes a few seconds or minutes to get to its destination, it’s no big deal. However, the need for separate sets of cables, wall outlets, and equipment dedicated to your computers and telephones became a target for cost savings and consolidation when voice capabilities were demonstrated on data networks. Higher bandwidth networks and the ability to use Quality of Service for data prioritization in networks alleviated some pressure on latency and voice quality while the ability to use a single set of cables and switching equipment for both voice and data was attractive. However, there are some serious security issues to consider.
A converged network means that there must be a path for voice traffic on your data network and that means that path could be subverted for data compromise. Recording voice conversations is simpler if you can capture the data packets on the network just like any other data packet can be captured. Finally, the popularity of softphones (telephones in software that reside on PCs) along make for significantly more tempting targets since they operate on the PC that your data resides on. From a reliability view, softphones are dependent on PCs and operating systems – items that are inherently less stable than dedicated hardware telephone instruments. Also, some software “telephones” like Skype are really software applications that use creative methods to get around firewalls between calling parties. It’s a new world out there and only time will tell how well these technologies will work and how secure they are.
If you can, logically separate your voice network from your data network with VLANs so you have both a performance boost and greater security. Be careful, plan well, makes changes in increments, and monitor your progress and you should be alright.
Lee Le Clair is the CTO at Ephibian. His Tech Talk column appears the third week of each month in Inside Tucson Business