While forming a security framework for your Cisco IP Telephony network, it is vital to have a handle on the various components that form the security framework. The Cisco security life cycle must be followed meticulously to implement the four phases and fit them to your IP Telephony network. This should be followed by the planning and designing of security into your IP Telephony network. Then is the rigorous exercise of risk assessment, countermeasures, and a contingency plan for every recognized asset for your IP Telephony system and underlying network equipment the organization or business owns or operates. IP Telephony Security policy is an imperative component of your IP Telephony Security Framework, without which you simply cannot position proper security controls even if you have them penned down.
A security policy is not a fixed document because it needs to be updated on a regular basis to counter any new security challenge or to address a new requirement. When designing a secure IP Telephony network, some goals (for example, objectives an organization; intent to ensure IP Telephony system availability, confidentiality, and integrity; readiness for lawful interception; alignment with overall organization security objectives; and so on) need to be taken into consideration. This chapter also discussed how much it costs when threats are realized and the IP Telephony system is out of service, that is, the cost of security. Also, you can work out the right level of security for your IP Telephony network based on the covered case studies presented in this chapter.
Part II, “Cisco IP Telephony Network Security”, shows you how to protect your IP Telephony network by securing Layer 1 (physical layer), Layer 2 (switching infrastructure), Layer 3 (routing infrastructure), and network perimeter. You will learn about the importance of network security pertinent to IP Telephony, and the ways in which you can secure your IP Telephony network against internal and external threats.