VARs Find Market In Securing VoIP

VoIP implementations have attracted few specific attacks so far, but industry observers say it&'s only a matter of time. Security researchers have already found vulnerabilities in various protocols used to enable the technology. Last month, for instance, experts at the CERT Coordination Center issued alerts regarding multiple weaknesses with Session Initiation Protocol (SIP) and H.323.

VoIP deployments are also vulnerable because they ride over the same data networks that daily fend off viruses, worms, denial-of-service attacks and more.

Solution providers say a layered approach is the key to securing their customers&' converged networks.

James Masog, VoIP specialist at solution provider TLIC Worldwide, Wakefield, R.I., relies on secure routers from Cisco Systems and packet sniffers from McAfee to meet his customers&' growing VoIP security needs.

“VoIP requires a new [way of] thinking on security because there are so many different aspects that need to be secured,” said Masog, adding TLIC also started selling new VoIP security tools from a Russian vendor named RealEast Networks. “There is a huge market for this.”

Solution provider Network Vigilance installs a double whammy of Check Point Software Technologies tools both inside and at the network edge, including the vendor&'s Interspect gateway appliances internally and the VPN-1 Pro appliance and Smart Defense intrusion-prevention service at the perimeter, said Peter Bybee, president and CEO of the San Diego-based company.

“The internal appliance can isolate worms and viruses that can propagate through the network and isolate them at the port level, since the stakes are higher on the internal LAN if a service disruption occurs,” he said.

Bybee added the external appliance and Smart Defense subscription work together to stop other VoIP threats, including call hijacking, general denial-of-service attacks and fooled billing, which is when a hacker bills users for calls they did not make.

Vendors are also taking steps to tackle VoIP security threats before they become a major concern. The VoIP Security Alliance (VoIPSA), spearheaded by 3Com's recently acquired TippingPoint division, was launched earlier this month with more than 20 charter members, including Avaya, Qwest Communications International, Siemens, Symantec and the SANS Institute.

“Now most of the security threats to VoIP are the same that face data networks. Attackers haven&'t taken the time to develop VoIP-specific hacker tools yet, but that will change,” said David Endler, chairman of VoIPSA and director of Digital Vaccine at TippingPoint, Austin, Texas.

VoIPSA plans to outline and identify threats to VoIP security, craft best practices and develop and test free security tools, Endler said.

Down the road, VoIPSA is backing research into special security tools, including a “fuzzer” for SIP, which can test for weaknesses and vulnerabilities, Endler said. It also will promote best practices for deploying VoIP, such as configuring gear and separating voice traffic from other data on converged networks, he said.

Still, not all solution providers say VoIP security is a legitimate moneymaker—yet. Pete Busam, vice president and COO of Decisive Business Systems, Pennsauken, N.J., said that, for now, most of his customers are more focused on VoIP technologies rather than the security concerns that could accompany them.

“VoIP security is a real issue, but it may not be a real problem at this point,” Busam said, adding many customers believe some of the built-in security features of IOS-based routers from Cisco protect them from VoIP attacks. “I&'d say it&'s just a matter of time [until hackers] start attacking VoIP, but you never know.”

JENNIFER HAGENDORF FOLLETT contributed to this story.