Growing interest in VoIP technology has created a booming service industry. Because it uses existing network and Internet infrastructure to route telephone calls more efficiently than conventional telephony, VoIP offers business and home users several advantages, such as:

• Lower costs for telephone and Internet services
• More features
• Productivity gains
• Improved collaboration
• Simplified administration

How Secure is VoIP?
The growing popularity of VoIP has also resulted in increased concerns about security. Since VoIP routes calls through the same paths used by network and Internet traffic, it is subject to the same Internet threats. There are also concerns that VoIP traffic may be intercepted, captured or modified.

These concerns are well-founded. Most infrastructure or security vendors who provide VoIP protection do so by using various forms of bandwidth protection, including traffic shaping, rate limiting or quality of service (QoS) techniques -- all techniques that network devices use to ensure VoIP traffic does not get congested on the network.

While ensuring that VoIP traffic has a clear path to its destination is a portion of VoIP security, bandwidth protection alone is not a robust solution.

What VoIP Security Technology Should Do
The ideal VoIP security solution provides preemptive protection from all types of Internet threats, protecting not only the underlying critical infrastructure that supports VoIP devices but also the VoIP protocols themselves. Such protection offers:

• VoIP auditing and protection with robust parsing of key VoIP protocols
• Protection from remote attacks, such as buffer overflows, and vulnerabilities in the underlying operating systems, such as Windows, UNIX and Linux
• Network-layer protection from distributed denial of service (DDoS) attacks, worm propagation and other attacks which exhaust network bandwidth
• VoIP bandwidth protection

IBM Internet Security Systems: Preemptive VoIP Security
Voice over IP protection from IBM Internet Security Systems (ISS) is differentiated by our method of analyzing VoIP traffic. IBM Proventia product line parses and analyzes the underlying VoIP family of protocols, including:

• H.323
• H.225
• Session Initiation Protocol (SIP)
• Simple Traversal of User Datagram Protocol (UDP) through Network Address Translators (NATs)–(STUN)
• Q.931
• H.245
• T.120

Because Proventia recognizes and parses these VoIP protocols, it is able to identify traffic that does not fit or follow the rules of the protocol and can alert administrators to anomalous traffic or block it outright. The use of protocol analysis techniques also means that when variant attacks are released, Proventia will still block them without needing a pattern matching signature update.

By parsing and analyzing VoIP protocols, Proventia security products identify and protect your VoIP services against known and unknown threats -- before they impact your network.

A History of VoIP Security
IBM ISS is one of the first security companies to provide security coverage for VoIP protocols and has been augmenting its protection coverage as VoIP technology continues to mature.

IBM X-Force security intelligence group is responsible for the discovery of many of the vulnerabilities present in VoIP technology. The X-Force works closely with the largest providers of VoIP technology to discover and resolve VoIP vulnerabilities, improving the overall reliability of VoIP implementations and allowing ISS to offer the most comprehensive VoIP security solutions.