Home > Articles > Cisco Network Technology > IP Communications/VoIP > Cisco IP Telephony Security Framework

Cisco IP Telephony Security Framework

Chapter Description

This chapter examines the Cisco IP Telephony Security life cycle. It also shows how to develop an IP telephony security policy, evaluate cost versus risk, determine the level of security required for your IP Telephony network, and develop Cisco IP Telephony Security Framework.

Putting Together All the Pieces

It is finally time to put together all the pieces to outline a security framework for your Cisco IP Telephony network:

  • Security strategy
  • Risk assessment
  • Security controls
  • Identified threats, attacks and vulnerabilities, and mitigations
  • Organization objectives

The driving force is that an IP Telephony Security Framework should help in the enrichment of IP Telephony services, enabling the users to feel confident in the privacy and integrity of their communication. In other words, a security framework should enhance and not form an obstruction to the IP-based communications.

IP Telephony Security Framework

The main ideologies that drive an IP Telephony Security Framework are as following:

  • Supports simplification of design and configuration for security for IP Telephony network
  • Ascertains confidentiality, integrity, and availability of IP Telephony network
  • Provides defense in opposition to internal and external threats and diverse attacks
  • Provides for scalable IP Telephony architecture by integrating multiple layers for security
  • Based on corporate security policies and strategy
  • Should function in a mixed environment of secured and unsecured IP Telephony components

To describe the security framework for your IP Telephony network, a useful approach would be to divide the tangible IP Telephony solution into logical domains and to pin down threats and vulnerabilities within each domain. The logical domains in which an IP Telephony solution can be broken down into following categories:

  • IP Telephony Call Control servers (CUCM)
  • IP Telephony media servers (Unity and Unity Connection)
  • IP Telephony application servers (Attendant console and UCCX)
  • IP Telephony billing, user data servers (CDR and LDAP)
  • IP Telephony end-user devices (IP Phone, soft phone, and CUPC)
  • IP Telephony operational and management access
  • Peripheral servers (voice gateways)
  • Communication transit in internal networks (Intranet or Extranet)
  • Communication transit in a public network (Internet)

Figure 4-7 outlines the logical domains pertinent to an IP Telephony Security Framework.

Figure 4-7

Figure 4-7. IP Telephony Security Framework: Logical Security Domains

In essence, at a high level, the IP Telephony Security Framework can be envisioned as a blend of the following elements:

  • Technology involved
  • Management support
  • Regulatory aspects
  • Organization processes
  • Training requirements

It is around these elements that a security framework revolves. Let’s comprehend what each element contributes to the IP Telephony Security Framework:

  • Technology involved: The most critical element for maintaining confidentiality, integrity, and availability of IP Telephony services. Technology goes from evading passive intrusion attempts to sophisticated attack mitigation techniques (as discussed in Chapter 1, “What Is IP Telephony Security and Why Do You Need It?”). It is the core of an IP Telephony network and plays the most significant role in defining the security controls and processes to be followed. The technology aspect involves (but is not limited to) the following:
    • Attack mitigation
    • Pre- and Post-deployment risk, vulnerability, and security assessment
    • Define standards for encryption, key management, and authentication within the organization
  • Management support: As a well-known fact, no (IP Telephony) project will commence devoid of apt funding and support by higher management. The decision makers, stakeholders, and executives should be supportive to have a secure and robust IP Telephony network in place. In other words, they should be better informed about the cost of security breaches and the ROI so they not only support the financial cause, but also support from a leadership and involvement perspective. (Remember risk assessment and security strategy requires participation from stakeholders.)
  • Regulatory aspects: The U.S. Communications Assistance for Law Enforcement Act (CALEA) may require access at various security levels. A service provider is obliged to provide the necessary session keys to law enforcement personnel. Despite that private companies may be exempt, a 2007 U.S. government regulation, CALEA, requires public VoIP carriers to comply with federal wiretapping standards. There are other regulatory acts that come into action pertinent to VoIP systems, for example, the Fighting Internet and Wireless Spam (FISA) Act and USA Patriotic (also known as Patriot) Act. Moreover, some organizations (for example, financial institutions) are required to meet global certifications. See the following URL for more information on how Cisco products cater to these requirements:


  • Organization processes: The organization processes have a strong influence on the security framework because they drive the organization’s objective to which the security framework should be aligned with. Furthermore, a security strategy must be aligned with organization’s mission and vision, objectives, and goals. IP Telephony Security requires continuous vigilance and should be integrated into existing processes rather than viewed at as a one-time task. In essence, the processes elements include the following:
    • Security strategy
    • Organization objectives and goals
  • Training requirements: The Cisco IP Telephony system provides users with an extensive range of security features. These features are however useless if users of IP Telephony do not understand how to use them. Thus, it is important that end users are involved early in the implementation phase and IP Telephony administrators are involved during planning phase. Furthermore, cross-training should also be provided by the organization to the IT and telecom staff who may not have worked together prior to an IP Telephony implementation. Because IP Telephony systems are more complex than traditional telephone systems and use the underlying network, getting IT, telecom, and network teams aligned and training collectively is crucial to build and maintain a secure IP Telephony system.

Therefore, it is the accumulation of all the elements discussed (in Chapters 1 through 4), that derive the security framework for an IP Telephony network, as illustrated in Figure 4-8.

Figure 4-8

Figure 4-8. IP Telephony Security Framework

The IP Telephony Security Framework (refer to Figure 4-8) should serve as the baseline to protect your IP Telephony network and its services. The implementation of this framework is detailed in the subsequent chapters via security construct in design, configuration, and implementation.