BT has announced a partnership with Nortel to provide managed IP services to the Ministry of Defence (MoD) that could, they say, result in improved security around emerging VoIP technology.
The partnership is part of the £1.5bn Defence Fixed Telecommunications Service (DFTS) between BT and the MoD to build and manage a coordinated communicated infrastructure for the Army, Royal Navy and RAF.
The infrastructure, which includes Nortel's switching and VoIP technology valued at around $42m (£23m), will provide WAN services in over 2000 locations including voice services to over 200,000 subscribers and Ethernet connectivity to around 150,000 terminals.
Successful migration to the new IP based services is ensured, say the companies, by the construction of a £3m dedicated testing facility in Harlow, Essex. The Network Development Lab (NDL), officially opened on Wednesday, is a replica of the MoD's telecommunications network and includes all the existing equipment currently deployed in the real network plus any new equipment to be rolled out in the future.
BT and the Defence Communications Services Administration (DCSA), the operator of the wider DFTS project, plan to use the lab as a showcase for any work to emerge from the project that could have benefits for the private sector.
John Anderson, director of BT Government, said that any innovation in security of IP communications — particularly voice traffic — could be passed on. "The fact that the lab has been set up for the DFTS means there will be benefits from security and reliability for VoIP. The MoD requirements for security could cross over into the commercial world and have benefits for the financial sector for the instance," he said.
But the use of VoIP for military purposes may be met with scepticism by some security experts who have warned that the emerging technology has some potential fundamental security issues.
Nick Jones, a research vice-president for Gartner warned recently that VoIP services pose a threat to corporate security because they require some ports on the firewall to be left open, which can give hackers opportunities to penetrate a network. "There are lots of concerns about security on VoIP," said Jones. "Your security people may not realise they are opening their network. You can't use deep packet inspection. You just have to open up ports and hope everything is okay."
The head of information security for the Royal Mail, David Lacey, has also warned that VoIP applications will expose companies to hackers and malicious code if not implemented correctly. He claims that a widespread IT security incident will occur in the next two years, possibly as a result of companies hastily moving to VoIP.
Responding to the security fears, BT's Anderson said that both his company and the MoD tested the technology thoroughly before deciding to implement the IP system. "The fact that the MoD has gone through a thorough investigation of its own of the technology and then BT has carried out its own testing indicate that those investigations have been made," he said.
Anderson added that Nortel was selected as a partner because of its "excellent reputation" and its extensive work with the US Department of Defense. "When we looked at the level of security they have achieved with these emerging technologies we decided they were absolutely the correct partner for this project. You can rest assured this was not gone into lightly given the importance of this project," he said.
But the announcement of the MoD contract comes as security company NTA Monitor issued a warning to its customers of a serious vulnerability in Nortel's VPN routers.
Responding to the NTA warning, a Nortel spokesman claimed that the company was aware of the issue and had already issued a patch. "As a company working with networking software there are sometimes issues that come up like this and you will have seen plenty of these bulletins for different companies over the years. The reason this one probably came to your attention is that it is very rare for Nortel," he said.
The aim of the original DFTS project was to unite the disparate communications networks of the various armed forces which previously had distinct systems that did not interoperate effectively. "The aim was to join-up the separate fragmented networks that the armed forces had to; the RAF had a network, the Army had a network, the Navy had a network and we upgraded them onto a single network platform," said Anderson.