|
Home > Archive > CCNP > February 2004 > Voice and Data lines
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Voice and Data lines
|
|
| Lebanese_007 2004-02-04, 8:12 am |
| hi, i have a question... i have a network that has 2 lines of data and 2 lines of voice that aer coming in. the data lines are going through the firewall, but the voice lines are not.... could that be a security hole???
The data lines are coming from the cloud to a Cisco PIX firewall. | |
|
| What are you using the voice lines for? telephone? ISDN? DSL? If you are using the "voice" lines for data, then I would think that when you are "on", and your not going through a pix, then sure it could be. If you are just using them for an analog phone, well, I guess not. | |
| peterd 2004-02-10, 3:51 am |
| Hi Guys,
I get an email every few days from Webtorials, some of them I ignore as they're not related to my line of work but some are very interesting. Like this one...
--------------------------
Abstract: The Border Patrol: Firewalls For VOIP by Gary Audin
Firewalls provide security by blocking intrusions into an enterprise
network. By allowing certain traffic in while blocking other kinds, they
represent the physical implementation of an enterprise’s security
policies.
But firewalls also produce performance problems and cause delay. Most
firewalls are designed for data applications and are not application
specific, though some firewall vendors (such as Check Point, Jasomi,
Datapower, F5 and Sarvega) are moving toward packet content analysis
(called deep packet inspection). This is a move to more
application-specific security, though even it does not yet cover voice
over IP (VOIP) packet analysis.
VOIP traffic requires real-time delivery, short delay, low jitter and low
packet loss across networks. Data firewalls are not designed for real-time
applications. Among other issues, they have difficulty dealing with
Network Address Translation (NAT) and VOIP signaling.
Besides these challenges, other performance and control issues arise when
voice passes through a firewall. Next-generation firewalls will have to
understand the concept of a “call” in order to do voice traffic analysis.
These complexities point toward the central question: What is the best way
for enterprises to deploy firewall capabilities in converged voice/data
networks?
About the author:
Gary Audin is president of Delphi, Inc., an independent consulting and
training firm.
Registered users at Webtorials may access the white paper directly
at both:
http://www.webtorials.com/main/eduweb/voice/index.shtml and
http://www.webtorials.com/main/eduw...ial/index.shtml
Others may access the white papers after registering at
http://www.webtorials.com/register.html
-----------------------
This may be worth a look and certainly worth registering for a while to see if they come up with anything relevant to your job.
Regards
Peter |
|
|
|
|