[cisco-voip] Some Noob questions about a new VoIP deployment

Lelio Fulgenzi lelio at uoguelph.ca
Tue Mar 4 12:44:30 EST 2008 

There are some new features coming out which help (help, not eliminate) security concerns like this. I got this from an online webinar and have not tested this, but apparrently with the latest IOS you can check for CDP, inline power and full duplex all being present before you will allow a device on the voice VLAN.

http://cisco.com/en/US/docs/switches/lan/catalyst3750e_3560e/software/release/12.2_40_se/configuration/guide/swvoip.html#wp1030836


Lelio
--------------------------------------------------------------------------------
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
"Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo."      WJR

  ----- Original Message ----- 
  From: Robert Holtz 
  To: 'cisco-voip at puck.nether.net' 
  Sent: Tuesday, March 04, 2008 11:28 AM
  Subject: [cisco-voip] Some Noob questions about a new VoIP deployment


  We are in the process of rolling out a Cisco VoIP network and there have been quite a few concerns expressed in regards to security.

   

  We're using VACL's on our code 6509 switches to stop IP data VLAN ranges from entering the VoIP VLAN but it would appear that the program named "VoIP Hopper" would allow us to bypass and VACL.  I have yet to use VoIP Hopper but will attempt it some time soon.  Has anyone used this product to jump through a VACL?

   

  Our next concern is QoS and what are some good open source tools to generate traffic to trigger the QoS queuing mechanisms.  All of our gear is gigabit Ethernet so I'm thinking that I won't be able to generate the level of traffic I need without multiple machines.  Promising tools so far look like "BitTwist" and "D-ITG".  Does anyone have any recommendations for these types of tools?

   

  Thanks,

  -R-



------------------------------------------------------------------------------


  _______________________________________________
  cisco-voip mailing list
  cisco-voip at puck.nether.net
  https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20080304/04186561/attachment.html

More information about the cisco-voip mailing list