Securing VOIP?

Date: 10/15/01

Message-ID: <>
Subject: Securing VOIP?
Date: Mon, 15 Oct 2001 17:12:30 +0200


I have to review our concept for implementing VOIP. I have to make sure, that all security issues are covered. If anybody could give me some help on this question:

Our provider says, that we need no firewall for VOIP because our Voice Gateway receives only PRI requests/transfers. He says that it is possible to restrict the Voice Gateway for only PRI-Traffic and that it is impossible to bring data along with PRI. The PRI is always converted to voice. Now I have seen, that you can send Voice, Video and Data on PRI. Is it really necessary to have an Firewall between our CallManager and Voice Gateway or can I trust the provider and be sure, that nothing else (IP-Transfers) is coming over this line?

Many thanks in advance!

Claudia Reber
IT-Security Officer

Die Schweizerische Post
Information Technology Services
IT5 IT-Security
Webergutstrasse 12
CH-3030 Bern (Zollikofen)

Tel: ++41 (0)31 338 16 44
Handy: ++41 (0)79 211 01 48
Fax: ++41 (0)31 338 74 92
> e-Mail
> visit our homepage:
> (intern)
> (extern)
There was a belief that it was going to be easy. They were wrong!

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see: