By extending their IP PBXs and adding unified communications applications, enterprises can decrease costs, improve collaboration and ensure business continuity. However, they must also address several important security issues before they extend their VoIP network and UC applications over public and/or untrusted networks.

Data security is insufficient

Best practices for data security alone do not provide total protection for VoIP networks and UC infrastructures. To deploy secure IP PBX and VLANs safely, enterprises need real-time UC security solutions that offer comprehensive threat protection, strict policy enforcement, robust access control, and privacy of confidential data.

VoIP and UC are different

Despite using the same IP communications network and many of the same services as other data protocols, VoIP and UC contain a number of significant differences including:

Along with susceptibility to standard data attacks, these differences and others expose VoIP and UC applications to application layer attacks and blended attacks. Secure IP PBX and VLAN deployments demand fine-grained UC security policies, new access and authorization measures, and encryption for signaling and media traffic for assured privacy of real-time communications.

The Sipera VoIP/UC Security Solution

The Sipera UC-Sec family of security appliances offers real-time VoIP and UC security including comprehensive threat protection, strict policy enforcement, strong access control, and privacy protection to address the security issues involved in deploying IP PBXs and VLANs.

Backed by the top VoIP/UC security research team in the Sipera Viper™ lab, the Sipera VIPER Services organization tests applications, infrastructures, and devices using the most up-to-date vulnerability information databases to ensure these components are protected from all VoIP/UC‑related attacks.

This expertise is also the basis for all the VoIP security techniques found in the Sipera VIPER Engine that forms the foundation of all Sipera UC-Sec appliances.

Deploying and implementing

Based on results of the risk analysis, Sipera helps enterprises deploy the UC-Sec appliances at interconnection points in the network where high-risk networks gain access to the enterprise’s high-value VoIP and UC assets. Deployment scenarios for UC-Sec appliances might include the data centre in front of the UC-Sec or <!--[endif]-->between internal VLANs, public Internet DMZs, and/or private WAN DMZs.

Deploying the Sipera UC-Sec Element Management System (EMS) would also allow the enterprise to configure and manage all UC-Sec appliances from a central location.

Secure Results

There is no stopping the move by enterprises to extend their IP PBXs' to soft phones, WiFi/dual-mode phones, VoIP remote users, and SIP trunks to enable a whole host of unified communications applications. The business benefits enterprises can realize by making this move are too compelling to ignore.

Enterprises that follow the VoIP/UC best practices will deploy:

Together, these steps help to ensure VoIP/UC-security requirements are addressed and their unified communications infrastructure is protected and available at all times.

Enterprises that deploy Sipera UC-Sec security appliances for secure IP PBXs and VLANs capture the substantial business benefits of unified communications without compromising on security.

Learn more: download Securing IP PBX and VLAN Deployments to read about this complete secure IP PBX and VLAN deployment solution.