WavebreakmediaMicro - Fotolia
Securing a unified communications network is a broad and multifaceted challenge. Whether you host your own UC or use a cloud provider -- or a combination of both -- you need to be aware of the specific security capabilities of your UC network to avoid security incursions and hacker-triggered outages. Organizations should consider five areas to support UC network security.
1. Perimeter security. The first place to check UC network security is the perimeter guarding your UC servers and session border controller (SBC). Know what firewall is in place and what capabilities it has. Is it an older firewall with just basic port filtering or is it a next-generation firewall (NGFW) that has advanced capabilities, such as intrusion detection and prevention? Many NGFWs boast application-level capabilities, but they may not extend to UC apps. Even some that claim support for UC apps may provide relatively limited UC security.
2. Admin protection. Vendors go a long way to make UC management easy, but it can also be easy for a hacker to break into the admin login and wreak havoc. Configure your system to require strong passwords. Better yet, seek out systems that allow multifactor authentication to make sure the UC network doesn't become compromised at its management core.
3. Upgrade and maintenance cycles. Some security problems happen because of vulnerabilities in UC apps or the devices protecting these apps. Most vendors will fix holes as soon as they become aware of them and provide updated software for your system. These updates and fixes will not likely be deployed automatically, however. Thus, you need to be sure that the upgrade maintenance cycles of your on-premises or cloud provider will address any security exposure in a timely fashion.
4. Encryption. Everything should be encrypted. Secure Sockets Layer and Transport Layer Security, also referred to as media encryption, can and should be used to encrypt user sessions. For office-to-office connections, some organizations will prefer to provision static VPN tunnels. Don't forget that management traffic should also be encrypted to protect your admin functions.
5. SBCs. Your SBC is the heart of your UC network, so it's no surprise the most sophisticated UC security features are found there. Security features that are not standards-based are becoming significant differentiators among SBC vendors to protect against threats such as denial-of-service attacks, SQL injection or other code injection attacks, and fraud. Ask your SBC provider if they offer these protections as part of their SBC package.
Security is not just something to be done and checked off the list. Plan periodic reviews of your security strategy if UC is core to your business. Run periodic vulnerability scans, as a clean scan will give you peace of mind that your UC network security is where it needs to be.
Dig Deeper on Unified Communications Security
Related Q&A from Kevin Tolly
5G VoIP will have some noticeable benefits over its earlier 4G iteration. Learn how 5G rollouts could improve the VoIP experience with high capacity ... Continue Reading
Organizations have much to consider when evaluating Cisco vs. HPE Aruba switches, such as device architecture, Opex, Capex and analytics capabilities. Continue Reading
UC analytics can be the first warning that your UC system's security has been breached. Comparing statistics month to month can help identify ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.