From the course: CISSP Cert Prep (2021): 4 Communication and Network Security
Telephony
From the course: CISSP Cert Prep (2021): 4 Communication and Network Security
Telephony
- [Instructor] For many decades, voice communications and network traffic were completely separate entities. Analog networks carried voice traffic, while digital networks carried data. Times have changed, however, and today these networks have converged. Voice over Internet Protocol, or VoIP technology, now allows the use of a single data network for both voice and data communications. VoIP works by converting voice signals from analog to digital form and then transmitting them using the same IP protocol that carries other network communications. Users of VoIP technology may use a variety of different devices to communicate. These range from dedicated VoIP phones that look like regular telephones but connect directly to a data network, to soft phones that are simply software running on a computer or a mobile device, or hardware used to bridge an existing analog phone network to a digital network for communication over the internet. The use of VoIP technology does introduce some security issues that administrators must be aware of as they design voice networks: encryption and network segmentation. Both of these technologies are designed to prevent unauthorized use of VoIP networks and unauthorized eavesdropping on authorized communications. As in many eavesdropping attacks, encryption is one of the best ways that you can protect voice communication. Encryption scrambles the contents of communication and prevents eavesdroppers from hearing those contents. Unfortunately, encryption is not always viable on voice networks due to the cost and functionality loss that encryption adds. In some cases, the use of encryption noticeably distorts the voices of telephone users to an extent that they find unacceptable. When encryption isn't viable, VoIP administrators may achieve some protection against eavesdropping through the use of a separate VLAN for voice communications. They may use network access control technology to prevent any device other than a VoIP phone from connecting to the voice VLAN. This prevents attackers from connecting a traditional computer to that network and then using a protocol analyzer such as Wireshark to eavesdrop on voice communications. VoIP administrators must implement controls to protect the security of telephone communications carried over data networks.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.