Publisher: Cisco Press
With VoIP becoming practically a household name and present in organizations worldwide, we are witnessing a natural increase in attacks and other problems. With this title, Cisco Press aims to arm the reader with appropriate security knowledge to tackle many of the current challenges. Read on to find out what this book offers.
About the author
Patrick Park works for Cisco as a VoIP test engineer focusing on the security and interoperability testing of rich media collaboration gateways. Before Patrick joined Cisco, he worked for Covad Communications (a VoIP service provider) as a VoIP security engineer focusing on the design and deployment of secure network architecture and lawful interception with various tools and solutions.
Inside the book
When you browse through the book, you immediately realize the material is very technical and therefore not aimed at an inexperienced audience. You should seek elsewhere if you're looking for introductory material that explains what VoIP is in detail. The focus of this title is security only, and it's intended for system engineers, network administrators, security consultants and everyone else interested in specifics related to VoIP security.
Park illustrates an abundance of best practices while analyzing and simulating current threats such as Denial of Service (DoS), sniffing, spoofing and VoIP spam. The author also presents details about authentication, encryption, transport and network layer security.
There is no single device that can protect and entire VoIP network, the best you can do is stay informed on the current vulnerabilities and deploy a consolidated solution which includes every one of your devices and architectures. Park shows you how to protect the enterprise VoIP network and in his examples uses Cisco products which is natural since this is a Cisco Press title.
The last part of "Voice over IP Security" talks about Lawful Interception (LI) and its implementation. It's basically the interception of telecommunications by law enforcement agencies that we usually refer to as wiretapping. LI is based on a government law requiring service providers to provide interception of user information and material related to the subject is very relevant for anyone dealing with a VoIP network.
If you're deploying VoIP or you're just curious about the security issues, this book is a must-read. It's not a massive publication offering detailed insight, but it still provides a quality picture of the threat landscape along with first-rate recommendations.
When it comes to real-world advice, the author brings forth his expertise and shares details that could really help you down the road.