[c-nsp] VOIP and security
Colin McNamara
colin at 2cups.com
Fri Feb 22 14:30:29 EST 2008
I would break it into securing the "corporate" network and then securing
the voice stream. You might want to check out this doc for securing
signaling and transport -
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/4_0_1/secuview.html
--
Colin McNamara
(858)208-8105
CCIE #18233,RHCE,GCIH
http://www.colinmcnamara.com
http://www.linkedin.com/in/colinmcnamara
"The difficult we do immediately, the impossible just takes a little longer"
On Thu, 2008-02-21 at 13:46 -0500, Steve Postma wrote:
> I have been asked to provide a secure solution for VOIP at a client
> site. I would like the hardware to perform mac-address filtering so
> that only the voip phones would have access to the media. Then
> access-lists for ip and port level control, and router to router ipsec
> capabilities. What is the minimum level of hardware to accomplish this
> task? It looks like pix can filter by mac-address (I don't have a pix)
> while I believe IOS cannot. Or should I put a switch in front of a
> router for mac-address filtering?
>
>
>
> Voip phone----switch----router-----vpn through corporate firewall-----
> firewall-----router-----VOIP card
>
>
>
> Thanks for your time,
>
>
>
> Steve Postma
> Systems Administrator
>
> 781-994-1200
> spostma at travizon.com <mailto:spostma at travizon.com>
>
> Travizon, Inc. | Working to Bring People Together
> http://www.travizon.com <http://www.travizon.com/>
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list