Location: Home » Web Browsers » General AAS » Voice over IP Security (Networking Technology: IP Communications)

Voice over IP Security (Networking Technology: IP Communications)

Author: Patrick Park
Publisher: Cisco Press
Category: Book

List Price: ~~$55.00~~
Buy New: $15.98
You Save: $39.02 (71%)

New (38) Used (10) from $15.50

Avg. Customer Rating: 4.5 out of 5 stars

3 reviews
Sales Rank: 327558

Media: Paperback
Edition: 1
Number Of Items: 1
Pages: 384
Shipping Weight (lbs): 1.5
Dimensions (in): 8.9 x 7.3 x 1

ISBN: 1587054698
Dewey Decimal Number: 004.695
EAN: 9781587054693
ASIN: 1587054698

Publication Date: September 19, 2008
Availability: Usually ships in 1-2 business days

Also Available In:

•	Kindle Edition - Voice over IP Security

Similar Items:

•	Fax, Modem, and Text for IP Telephony
•	Cisco Voice over IP (CVOICE) (Authorized Self-Study Guide) (3rd Edition) (Self-Study Guide)
•	Telecommunications Technologies Reference (Networking Technology)
•	SSL Remote Access VPNs (Network Security) (Networking Technology: Security)
•	Network Security Technologies and Solutions (CCIE Professional Development Series) (CCIE Professional Development)

Editorial Reviews:

Product Description

Voice over IP Security

Security best practices derived from deep analysis of the latest VoIP network threats

Patrick Park

VoIP security issues are becoming increasingly serious because voice networks and services cannot be protected from recent intelligent attacks and fraud by traditional systems such as firewalls and NAT alone. After analyzing threats and recent patterns of attacks and fraud, consideration needs to be given to the redesign of secure VoIP architectures with advanced protocols and intelligent products, such as Session Border Controller (SBC). Another type of security issue is how to implement lawful interception within complicated service architectures according to government requirements.

Voice over IP Security focuses on the analysis of current and future threats, the evaluation of security products, the methodologies of protection, and best practices for architecture design and service deployment. This book not only covers technology concepts and issues, but also provides detailed design solutions featuring current products and protocols so that you can deploy a secure VoIP service in the real world with confidence.

Voice over IP Security gives you everything you need to understand the latest security threats and design solutions to protect your VoIP network from fraud and security incidents.

Patrick Park has been working on product design, network architecture design, testing, and consulting for more than 10 years. Currently Patrick works for Cisco as a VoIP test engineer focusing on security and interoperability testing of rich media collaboration gateways. Before Patrick joined Cisco, he worked for Covad Communications as a VoIP security engineer focusing on the design and deployment of secure network architectures and lawful interception (CALEA). Patrick graduated from the Pusan National University in South Korea, where he majored in computer engineering.

Understand the current and emerging threats to VoIP networks

Learn about the security profiles of VoIP protocols, including SIP, H.323, and MGCP

Evaluate well-known cryptographic algorithms such as DES, 3DES, AES, RAS, digital signature (DSA), and hash function (MD5, SHA, HMAC)

Analyze and simulate threats with negative testing tools

Secure VoIP services with SIP and other supplementary protocols

Eliminate security issues on the VoIP network border by deploying an SBC

Configure enterprise devices, including firewalls, Cisco Unified Communications Manager, Cisco Unified Communications Manager Express, IP phones, and multilayer switches to secure VoIP network traffic

Implement lawful interception into VoIP service environments

This IP communications book is part of the Cisco Press Networking Technology Series. IP communications titles from Cisco Press help networking professionals understand voice and IP telephony technologies, plan and design converged

networks, and implement network

solutions for increased productivity.

Category: Networking?IP Communication

Covers: VoIP Security

Customer Reviews:

5 out of 5 stars

This provides all the analysis and tools necessary for understanding VoIP threats and system protection November 10, 2008
VoIP security issues are becoming more and more serious as voice networks grow and intelligence attacks and fraud become more sophisticated, so any library strong in programmer's references including extensive VoIP networking needs VOICE OVER IP SECURITY, an analysis of cryptographic algorithms, threats, and survey of how security issues on networks can be addressed. From configuring firewalls to implementing lawful interception into VoIP services, this provides all the analysis and tools necessary for understanding VoIP threats and system protection.

4 out of 5 stars

Best VoIP Threat Discussion I have seen September 29, 2008
5 out of 5 found this review helpful

I have been carrying this book around with me for a couple weeks now and had a couple long plane flights as well. This is a difficult book to review. The author clearly knows his stuff and the threat treatment is great. However, the material is all over the map. The subtitle talks about good security practices and the book is short on that to be candid. Bottom line, if you are considering a VoIP deployment or wondering how secure/robust your existing deployment is, this is a must read.

My favorite "I never thought of that" scenario in the book was a simple power outage. What if you have twenty thousand IP phones and the power drops . . . then when it is restored all 20k phones start banging the server causing an outage.

4 out of 5 stars

explains security weaknesses in VoIP September 13, 2008
4 out of 4 found this review helpful

Voice over Internet Protocol has emerged as a very popular way to do cheap (often free) long distance phone calls. But there is a huge amount of complexity beneath VoIP, that most users and even sysadmins are blissfully unaware of. The authors of this book perform a valuable service by educating the reader about current and, perhaps more importantly, possible future attacks.

A major source of weakness in VoIP is shown to be due to interoperability issues between different underlying protocols or applications. In turn, a major reason for this is that when the protocols were defined, the authors of the defining documents unwittingly left ambiguities in the specifications. Then when vendors implemented VoIP products based on those protocols, different vendors might reasonably have interpreted the documents differently.

Another source of weakness in security, as compared to traditional phone calls, is that tapping the latter often requires physical access to a phone line or a switching exchange. But VoIP at a low enough level is just like anything else that uses the Internet. Packets are routed through arbitrary third parties on the Internet. Those might have been subverted via remote attacks, so the VoIP cracker could be anywhere in the world.

The book then spends most of its time suggesting protective measures. Including, most interestingly, how to simulate current and possibly future threats. This gives you practical hands on experience in role playing the adversary. Something necessary to fully devise technical solutions.

But even if you do not do the latter, the book is useful simply in making you aware of the danger. So that for "sensitive" conversations, you might advise users to minimise the use of VoIP, perhaps by using standard land lines.