Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Securing VoIP

October 2013 Information Security

Voice over IP (VoIP) is seen as a reliable, cost effective medium for voice communications the world over. However, since it’s based on IP (the Internet protocol), it is also vulnerable to the dangers facing other uses of IP, such as data transactions over the Internet. Hi-Tech Security Solutions spoke to Chris Sutherland, brand manager for Miro to find out more about VoIP as well as the security implications of using this technology.

Hi-Tech Security Solutions: VoIP is being marketed as a good communications medium, but it still depends on network performance and prioritising voice over other data. What kind of bandwidth does a company need to ensure good voice communications over VoIP?

Chris Sutherland: The network speed actually isn’t too much of a concern as VoIP takes up a very minimal amount of bandwidth. On a straightforward 100 Mbps network, you would be able to have thousands of VoIP calls with no issues. The problem is network architecture and how reliable your network is. Many companies have built networks and upgraded networks by simply bolting on extra switches and devices with no concern for network architecture or reliability. This means that the more networking hardware you have in a company, the more latency, lost packets and variability in latency you will have, especially when using low cost network equipment such as cheap switches. These latency issues and lost packets are absolute killers for VoIP traffic and will have a large effect on your voice quality.

The next thing you have to worry about is what type of traffic is the VoIP data going to have to share the infrastructure with. If the company is simply going to be browsing the Internet and sending e-mails through their network, then VoIP will happily run alongside this traffic as there will be plenty of spare network speed/throughput available. If the company is going to be maxing out their network lines by transferring large files such as AutoCAD drawings and the like, this can affect the performance of VoIP considerably and a separate, dedicated cable network should rather be considered for the VoIP infrastructure. If a separate cabled infrastructure is not an option, then you should segment your network and separate the VoIP traffic from the other standard network traffic by means of QoS. This allows you to give priority to the VoIP traffic, and ensure top quality voice calls. This type of setup can be achieved with network routers such as MikroTik, and by making use of managed network switches such as Edgecore, which will understand and operate with advanced network protocols such as VLAN.

Hi-Tech Security Solutions: What about when you break out into the Internet? We’ve all had Skype calls that are patchy even on supposedly good lines, how do you ensure quality when using infrastructure that does not belong to you and is not controlled by you?

Chris Sutherland: With Internet connectivity, there is unfortunately no guarantee of line quality. If you are going to be using standard Internet lines, QoS (Quality of Service) is key here. Being the owner of your network, you should know the types of traffic that are coming in and leaving your network, and you should put top priority to your VoIP traffic over any other type of Internet traffic. This doesn’t have to be an expensive exercise either.

The best option for VoIP connectivity is a closed system. Most top end VoIP providers are able to provide you with a breakout connection such as a wireless link, Diginet line, Fibre line etc., which communicates on a closed network, meaning the breakout link is only capable of carrying VoIP traffic, and no Internet connectivity is available. The VoIP providers are in direct control of these lines and can assure a much better voice quality and service. This closed system will of course also add a great deal of security to your system, as no outside Internet attacks are possible. I would not recommend ADSL lines for VoIP, regardless of whether or not they are dedicated to the VoIP provider, as ADSL is a heavily oversubscribed service and cannot offer the quality that VoIP requires.

Hi-Tech Security Solutions: We’ve also all heard about hackers and vulnerabilities involved when transmitting data over the Internet or even a corporate WAN, how does one secure VoIP traffic to prevent people listening?

Chris Sutherland: The only way to truly secure your VoIP traffic, is to secure your network. Firewalls, appropriate wireless security methods (WPA2) and managed Internet lines are top priority here and not just for VoIP traffic, but all traffic. VoIP trunks themselves can have an encryption method turned on, but the VoIP provider will need to support this feature. Of course, one of the best things to do is make use of a closed breakout connection which your VoIP provider will supply. This is an outbound line, but with no Internet traffic. It is purely dedicated to carrying voice traffic to and from your VoIP provider, and nowhere else, meaning there is no chance of outside tampering.

Hi-Tech Security Solutions: How can one secure against people, for example, hacking into the company WiFi network and then using the VoIP infrastructure to make calls or inject malware into the organisation? Is this something that can happen?

Chris Sutherland: This is a very large possibility, and again, it all comes down to security. Many people do port forwarding to their VoIP server so that they can access it remotely and perform remote configurations and remote VoIP calls. This is a great feature of VoIP, but is a massive security risk as this opens the door for others to remotely see your server and start their hacking attempts. This often results in VoIP servers being compromised, and thousands of Rands in phone calls being placed within a few hours, resulting in a large, unexpected phone bill.

The best way to avoid this scenario, but keep the remote functionality, is to make use of VPNs. VPNs are secure, robust and provide you with all of the remote access you need. You can now remotely configure the PBX from anywhere in the world, make phone calls from anywhere in the world, but not before you dial up to your network with an encrypted username and password.

For more information contact Miro Distribution, 086 123 MIRO, riandi@miro.co.za, www.miro.co.za



Credit(s)

Tel: +27 12 657 0960
Email: sales@miro.co.za
www: www.miro.co.za
Articles: More information and articles about MiRO



Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Kaspersky finds security flaws that threaten vehicle safety.
News & Events Information Security Transport (Industry)
At its Security Analyst Summit 2025, Kaspersky presented the results of a security audit that exposed a significant security flaw enabling unauthorised access to all connected vehicles of one automotive manufacturer.

Read more...
The overlooked risks of everyday connectivity
Information Security
That free Wi-Fi you are using could end up costing you a lot more money than your hotspot data if it has been compromised, says Richard Frost, head of technology solutions and consulting at Armata Cyber Security.

Read more...
Syndicates exploit insider vulnerabilities in SA
Information Security Security Services & Risk Management
Today’s cyber criminals do not just exploit vulnerabilities in your systems; they exploit your people, turning trusted team members into unwitting accomplices or deliberate collaborators in their schemes.

Read more...
GenAI fraud forcing banks to shift from identity to intent
AI & Data Analytics Information Security Financial (Industry)
The complexity and velocity of modern fraud schemes, from deepfakes to fraud and scams involving social engineering, demand more than just investment in new tools; they need adaptability and expanding the security net.

Read more...
Global Threat Intelligence Report for October 2025
Information Security News & Events
Africa was pipped to the post as the most attacked region by Latin America, which averaged 2966 attacks per organisation per week (+16% YoY). Africa followed with (2782, – 15%) and APAC (2703, – 8%).

Read more...
Business logic vulnerabilities: the silent cyberthreat
Information Security
New Magix R&D Lab white paper helps local businesses identify hidden cybersecurity weaknesses that do not stem from the usual coding errors or configuration flaws that security tools are designed to detect.

Read more...
Cyber attack surface expanding
Asset Management Information Security Logistics (Industry)
Despite the increasing number of attacks, analysis of Allianz Commercial cyber claims shows that severity is down by 50% and large-claim frequency by 30% in H1 2025, driven by larger companies’ enhanced detection and response capabilities.

Read more...
The impact of AI on security
Technews Publishing Information Security AI & Data Analytics
Today’s threat actors have moved away from signature-based attacks that legacy antivirus software can detect, to ‘living-off-the-land’ using legitimate system tools to move laterally through networks. This is where AI has a critical role to play.

Read more...
Managed security solutions for organisations of all sizes
Information Security
Cyberattackers have become significantly more sophisticated and determined, targeting businesses of all sizes. PwC’s Global Digital Trust Insights Survey 2025 Africa and South Africa highlights the urgent need for organisations to implement robust cyber risk mitigation strategies.

Read more...
Multiple IoT devices targeted
Information Security Residential Estate (Industry)
Mirai remains one of the top threats to IoT in 2025 due to widespread exploitation of weak login credentials and unpatched vulnerabilities, enabling large-scale botnets for DDoS attacks, data theft and other malicious activities.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.