White Papers

Top Ten VoIP Security Issues

Voice over IP (VoIP), the use of the packet switched internet for telephony, has grown substantially in the past ten years. Securing VoIP has many challenges that do not exist in the public switched telephone network (PSTN), a circuit switched system. VoIP is an application running on the internet, and therefore inherits the internet’s security issues. It is important to realize that VoIP is a relatively young technology, and with any new technology, security typically improves with maturation. This paper identifies the top ten security issues commonly found in a corporate VoIP implementation, the methods to combat them, and security issues not fully addressed by the industry.

Download

Layer 7 Application Firewalls

The firewall, the first line of defense in many network security plans, has existed for decades. The purpose of the firewall is straightforward; permit authorized data to enter and exit the trusted network while preventing unauthorized traffic from doing so. Interestingly, the makeup and methodology of the firewall has not changed as rapidly as the systems and applications it intends to protect. Over the years, enhancements certainly have occurred within perimeter security; however, the overall methodology of the firewall has not radically changed.
Present-day threats in information security require a new firewall technology called application layer filtering, otherwise known deep packet inspection. The purpose of this paper is to describe why application firewalls are quickly becoming a requirement for all corporate computer networks.

Download

Everything But Contingency Planning

Anecdotal evidence strongly suggests that businesses today are not spending sufficient information technology money on risk management activities. This is especially true with small and medium sized organizations of fewer than five hundred employees. The purpose of this article is to identify technology projects that are not; strictly speaking, contingency planning projects, but that will create contingencies as a side benefit. We will bypass the subject of business process identification in favor of end-result improvements in remote connectivity, communications, network availability, and the paradigm change associated with telecommuting initiatives. These improvements are categorized into five projects that an organization might consider acting upon. Our hope is that smaller organizations, which might normally do little to plan for continuity of operations, consider these improvements not only for business continuity and recovery purposes, but also for the value of the project itself.

Download

Datacenter as a service

Should you build your own datacenter in house, or outsource the hosting and maintenance to a third party provider? Advances in telecommunications have paved the way for a hosted datacenter model. As a result, organizations large and small have alternatives to the traditional in house datacenter. The information technology industry has rapidly embraced the concept of Datacenter as a Service, or DaaS. DaaS is the use of a third-party to provide datacenter infrastructure, server resources, and server administration as part of a “pay as you consume” outsourced model. Such outsourcers eliminate the significant upfront expense of a datacenter build, replacing it with an ongoing service fee. The purpose of this whitepaper is to provide an executive summary on both the benefits and issues associated with a DaaS service offering.

Download