Sunday, March 23, 2008

Practical VoIP Security 2006

What Is VoIP?


Although VoIP, IP Telephony, and Converged Networks all have slightly different definitions, they often are used interchangeably. In this book, we will do the same. When using any of these terms, we are talking about the structures and processes that result from design and implementation of a common networking infrastructure that accommodates data, voice, and multimedia communications. Today, it is all about voice. There are plenty of examples of streaming video, but the enthusiasm today is to replace circuit-switched voice with packet-switched voice within the enterprise and at home across broadband connections.

Why is this happening now? IP telephony adoption is ramping up dramatically for a number of reasons: traditional PBXs and related telco equipment that were upgraded as organizations prepared for Y2K are beginning to reach end-of-life; IP switches are cheaper and potentially offer more features than traditional PBXs; data system administrators and their networks have become more mature and thus can support the quality of service that VoIP services require; and VoIP technology (particularly the products) has gotten better. VoIP is attractive to organizations and to broadband end-users as they attempt to derive more value from an infrastructure that is already paid for.

VoIP Benefits

What does converging voice and data on the same physical infrastructure promise? First, we may actually lower costs after all, due to the economies of supporting one network instead of two. Organizations also will save money on toll bypass, intraLATA regional toll (also known as local toll) charges, and all the “extra” services that POTS providers currently bill for.

VoIP, from a management and maintenance point of view, is less expensive than two separate telecommunications infrastructures. Implementation can be expensive and painful, but is repaid in the form of lower operating costs and easier administration. The pace and quality of IP application development are increasing in step with VoIP adoption. Features that were unavailable on traditional systems, such as “click-to-talk” with presence awareness, can rapidly be modified and deployed. Even voice encryption, which in the past was limited to select organizations, can now be used by anyone in a VoIP environment.

An often overlooked benefit of converging data and voice is that organizational directories often are updated and consolidated as part of the VoIP deployment process. This not only enables economies in and of itself but also makes features such as Push Directories possible. Push is the capability of an application using the WML protocol to send content to the telephone. IP transforms the everyday telephone into an applications-enabled appliance. The addition of push enables phone displays and/or audio to support a variety of applications (Web browsing, time reporting, emergency alerts, travel reservations, account code entry, announcements, branding via screensaver, inventory lookups, scheduling, etc.).

Convergence should simplify telecommunications management. For example, a single management station or cluster can be used to monitor both data and voice components and performance via SNMP. As mentioned earlier in this chapter, directory management will be simplified as well.

VoIP Protocols

Two major VoIP and multimedia suites dominate today: SIP and H.323. Others (like H.248) exist, and we will discuss some of them in this book, but these are the two major players. For simplicity, I will define SIP and H.323 as signaling protocols. However, whereas H.323 explicitly defines lower-level signaling protocols, SIP is really more of an application-layer control framework. The SIP Request line and header fields define the character of the call in terms of services, addresses, and protocol features.

Voice media transport is almost always handled by RTP and RTCP, although SCTP (Stream Control Transmission Protocol) has also been proposed and ratified by the IETF (and is used for the IP version of SS7, known as SIGTRAN). The transport of voice over IP also requires a large number of supporting protocols that are used to ensure quality of service, provide name resolution, allow firmware and software upgrades, synchronize network clocks, efficiently route calls, monitor performance, and allow firewall traversal. We talk about these and others in more detail in Chapter 8.

SIP is a signaling protocol for Internet conferencing, telephony, presence, events notification, and instant messaging. SIP is an IETF-ratified request-response protocol whose message flow closely resembles that of HTTP. SIP is a framework in that its sole purpose is to establish sessions. It doesn’t focus on other call details. SIP messages are ASCII encoded. A number of open source SIP stacks exist.

H.323, on the other hand, is an ITU protocol suite similar in philosophy to SS7. The H.323 standard provides a foundation for audio, video, and data communications across IP-based networks, including the Internet. The H.323 protocols are compiled using ASN.1 PER. PER (Packed Encoding Rules)—a subset of BER—is a compact binary encoding that is used on limited-bandwidth networks. Also, unlike SIP, H.323 explicitly defines almost every aspect of call flow. The only open source H.323 stack I am aware of is the OpenH323 suite.

Both protocol suites rely upon supplementary protocols in order to provide ancillary services. Both protocols utilize TCP and UDP, and both open a minimum of five ports per VoIP session (call signaling, two RTP, and two RTCP). Both protocols offer comparable features, but they are not directly interoperable. Carriers tend to prefer H.323 because the methods defined by H.323 make translation from ISDN or SS7 signaling to VoIP more straightforward than for SIP. SIP, on the other hand, is text-based, works better with IM, and typically is implemented on less expensive hardware. H.323 has been the market leader, but SIP is rapidly displacing H.323.
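
Added example (not from the book or the original post): because SIP messages are ASCII with an HTTP-like layout, a few lines of Python can split an INVITE and its 200 OK into start line, headers and SDP body, then list the five ports one call uses, which is what a firewall rule set has to account for. The messages, host names, addresses and function names are constructed for illustration; the RTCP port is assumed to be RTP+1 unless the SDP carries an a=rtcp attribute (RFC 3605).

```python
# Constructed SDP bodies (documentation addresses); not captured traffic.
SDP_OFFER = "v=0\r\no=alice 1 1 IN IP4 192.0.2.10\r\ns=-\r\nc=IN IP4 192.0.2.10\r\nt=0 0\r\nm=audio 49170 RTP/AVP 0\r\n"
SDP_ANSWER = "v=0\r\no=bob 1 1 IN IP4 198.51.100.20\r\ns=-\r\nc=IN IP4 198.51.100.20\r\nt=0 0\r\nm=audio 3456 RTP/AVP 0\r\na=rtcp:3460\r\n"

def build(start_line, sdp):
    """Assemble a constructed SIP message around an SDP body."""
    headers = [
        "Via: SIP/2.0/UDP pc33.example.org:5060;branch=z9hG4bKexample",
        "From: Alice <sip:alice@example.org>;tag=a1",
        "To: Bob <sip:bob@example.com>",
        "Call-ID: constructed-call-1@pc33.example.org",
        "CSeq: 1 INVITE",
        "Content-Type: application/sdp",
        f"Content-Length: {len(sdp)}",
    ]
    return "\r\n".join([start_line, *headers]) + "\r\n\r\n" + sdp

def parse_sip(raw):
    """Split a SIP message into start line, header dict and body, as with HTTP."""
    head, _, body = raw.partition("\r\n\r\n")
    start_line, *header_lines = head.split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return start_line, headers, body

def media_ports(sdp):
    """Return (media, rtp_port, rtcp_port) per m= line; RTCP defaults to RTP+1."""
    streams = []
    for line in sdp.splitlines():
        if line.startswith("m="):
            media, port = line[2:].split()[:2]
            streams.append([media, int(port), int(port) + 1])
        elif line.startswith("a=rtcp:") and streams:
            streams[-1][2] = int(line[7:].split()[0])  # explicit RTCP port (RFC 3605)
    return [tuple(s) for s in streams]

def session_ports(invite, ok):
    """Signaling port from Via plus each side's RTP/RTCP ports from offer and answer."""
    _, headers, offer = parse_sip(invite)
    _, _, answer = parse_sip(ok)
    sent_by = headers["via"].split()[1].split(";")[0]
    sig_port = int(sent_by.rpartition(":")[2]) if ":" in sent_by else 5060
    return {"signaling": sig_port, "caller": media_ports(offer), "callee": media_ports(answer)}

INVITE = build("INVITE sip:bob@example.com SIP/2.0", SDP_OFFER)
OK = build("SIP/2.0 200 OK", SDP_ANSWER)
```

Calling session_ports(INVITE, OK) yields one signaling port and an RTP/RTCP pair for each side; the media ports are negotiated per call inside the SDP, so they are not known until the signaling has been read.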
To Be Continued - Read Comment to Download This Book

1 comments:

Anonymous said...

http://rapidshare.com/files/101661503/1._Practical_VoIP_Security.rar

or

http://tinyurl.com/2tjy8k
