With the security of IP-based networks increasingly coming under the microscope--because converged networks face the same hacking threats as data networks--Enterasys is aiming to match the security offered by traditional PBX (private branch exchange) platforms.
Enterasys' Secure Open Convergence platform allows companies to spot and automatically respond to security threats against their IP telephony infrastructure, enforce network access control policies, and comply with regulatory demands for monitoring data security.
While the major VoIP infrastructure providers already offer their own VoIP security solutions, most are designed for individual suppliers' products. Enterasys says its VoIP security offering is particularly useful for those companies using a mixed VoIP infrastructure environment.
"The Enterasys integrated open architecture approach to understand and manage the priority and security of unified communications doesn't lock you into a particular voice, video or data vendor," said Mike Fabiaschi, chief executive of Enterasys. "Whether you have invested in VoIP solutions from the likes of 3Com, Alcatel, Avaya, Cisco, Mitel, NEC, Nortel, Panasonic, Polycom, Siemens or anyone else, we can protect the confidentiality, integrity and availability of voice services while ensuring compliance with internal policies and government regulations."
"Security is among the top concerns of enterprises deploying voice over IP systems," said Brian Riggs, an analyst at Current Analysis. "Software that detects unauthorized use of VoIP systems, prevents service disruption and eavesdropping, and monitors voice networks for new threats will be absolutely vital for businesses considering IP telephony as an alternative to more traditional forms of communication."
With VoIP security often addressed "in a haphazard fashion," Riggs said, a comprehensive solution for securing voice over both wireline and wireless IP networks will be a vital asset to enterprises of all sizes.
While Enterasys' offering will help companies secure their own VoIP architectures, firms that allow their staff to communicate over shared public VoIP networks should still be concerned about increasing threats.
Enterasys has a peer-to-peer traffic management solution to control applications such as Skype.
The technology can control whether Skype traffic is allowed into the network based on its Layer 4 socket signature range. It can then control where it is allowed to propagate through the network, to ensure that only authenticated/authorized users are allowed to connect to Skype services.
With Enterasys' latest VoIP security offering, protection is provided by Enterasys' NAC and Dragon security applications and Enterasys' security-enabled infrastructure for switching, routing and wireless connectivity.
The Dragon Intrusion Detection/Prevention System (IDS/IPS) offers specific signatures and protocol behavioral analysis for H.323 and SIP, which are used in IP telephony environments.
Enterasys' NAC solution assesses, authenticates and authorizes VoIP users and telephony devices before allowing them onto the network, while enforcing policies after they are connected.
Enterasys said its switches, routers and wireless equipment embed policy-based security features on every interface, and each device is protected from denial-of-service and spoofing attacks. VoIP mobility, manageability and reliability are specifically addressed by other separate Enterasys products from the same suite.
Antony Savvas of ZDNet UK reported from London.