NETWORK WORLD NEWSLETTER: STEVE TAYLOR AND LARRY HETTICK ON
CONVERGENCE
07/27/05
Today's focus: In the office, LAN no less secure than
traditional telephony
Dear security.world@gmail.com,
In this issue:
* Readers respond to article on VoIP and encryption, Part 2
* Links related to Convergence
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Ciena
NetworkWorld Special Report - The Adaptive WAN: The factors
driving WAN evolution
A combination of business and technology trends are changing the
demands on the enterprise WAN. This NetworkWorld Special Report
explores some of the key business and technology trends that are
driving and enabling the evolution of the enterprise WAN and how
the enterprise WAN can become adaptive to support these trends.
http://www.fattail.com/redir/redirect.asp?CID=108802
_______________________________________________________________
SERVER BLADE BUYER'S GUIDE
Updated constantly, NW Fusion's Buyer's Guides give you the
latest information on product capabilities, features,
requirements, pricing and more. Not sure which server blade to
buy? Our server blade buyer's guide gives you the latest product
specs and let's you compare with our compare-o-matic. Click
here:
http://www.fattail.com/redir/redirect.asp?CID=108723
_______________________________________________________________
Today's focus: In the office, LAN no less secure than
traditional telephony
By Steve Taylor and Larry Hettick
In continuing our discussion of VoIP and the degree to which
encryption is needed, we heard from several readers.
One reader wrote, admittedly with a smiley attached, "A layoff
in the IT department may lead disgruntled ex-employees with
access to the right resources to eavesdrop conversations from
the executive level about their planned merger. Of course I am
stretching it a bit to make my point."
Yes, such eavesdropping is a possibility, but the same is true
of traditional telephony.
This theme was repeated by other respondents as well. A reader
wrote:
"The article used the precedence of the lack of encryption of
analog PSTN with VoIP. My view is that VoIP is in fact
'inherently unsecure' because so many people have access to the
LAN infrastructure before it goes across the WAN. Most protocol
analyzers can render a VoIP capture into an audio file for
playback. Free protocol analyzers, like Ethereal, can playback
any G.711 codec call which is almost universally used in the
corporate LAN.
"Therefore, the security focus is in the LAN, not the WAN. It's
an apples-to-oranges comparison to ask PSTN service providers if
their customers express concern with WAN encryption."
A couple of clarifications are in order here. Indeed, perhaps we
did mix apples and oranges a bit with regard to access networks
vs. infrastructure networks. But just because VoIP traffic
traverses a LAN, that does not necessarily make it any less
secure than traditional voice traversing a twisted pair to a
wiring closet.
In both cases, the potential eavesdropper must have access to
the infrastructure. We're betting that there is virtually no
"thin-net" coaxial Ethernet still in place, and LAN switches
have replaced hubs in most cases. So long as the Ethernet is
switched, the data available "on the LAN" only passes between
the sender and the receiver. That's the whole point to moving
away from shared-media LANs. (This transition was made mostly
for performance reasons - as opposed to security - but the
result is the same.) To "tap" the LAN traffic, one must have
access to the LAN infrastructure.
Wireless LANs, of course, are a topic for yet another day. But
remember that our answer will probably be related to using
wireless encryption standards for all traffic.
Here's our original story on VoIP encryption:
<http://www.networkworld.com/nlconvergence3630>
The top 5: Today's most-read stories
1. 2005 Salary Survey
<http://www.networkworld.com/nlconvergence3861>
2. Cisco to acquire Sheer Networks for $97 million
<http://www.networkworld.com/nlconvergence3862>
3. Verizon joins managed security game
<http://www.networkworld.com/nlconvergence3863>
4. Schools battle personal data hacks
<http://www.networkworld.com/nlconvergence3864>
5. Help Desk: NAT firewall
<http://www.networkworld.com/nlconvergence3865>
Today's most forwarded story:
Verizon joins managed security game
<http://www.networkworld.com/nlconvergence3866>
_______________________________________________________________
To contact: Steve Taylor and Larry Hettick
Steve Taylor is president of Distributed Networking Associates
and publisher/editor-in-chief of Webtorials. For more detailed
information on most of the topics discussed in this newsletter,
connect to Webtorials <http://www.webtorials.com/>, the premier
site for Web-based educational presentations, white papers, and
market research. Taylor can be reached at
<mailto:taylor@webtorials.com>
Larry Hettick is an industry veteran with more than 20 years of
experience in voice and data. He is Vice President for Telecom
Services and Infrastructure at Current Analysis, the leading
competitive response solutions company. He can be reached at
<mailto:lhettick@currentanalysis.com>
_______________________________________________________________
This newsletter is sponsored by Ciena
NetworkWorld Special Report - The Adaptive WAN: The factors
driving WAN evolution
A combination of business and technology trends are changing the
demands on the enterprise WAN. This NetworkWorld Special Report
explores some of the key business and technology trends that are
driving and enabling the evolution of the enterprise WAN and how
the enterprise WAN can become adaptive to support these trends.
http://www.fattail.com/redir/redirect.asp?CID=108801
_______________________________________________________________
ARCHIVE LINKS
Archives of the Convergence newsletter:
http://www.networkworld.com/newsletters/converg/index.html
_______________________________________________________________
3 Trends that will have a major impact on the WAN- impact on
business?
Join a panel of experts during this on-demand webcast for a
discussion about three of the biggest tremors on the IT
landscape - web services, networked remote storage and grid
computing - and how they are triggering exponential growth in
inter-site traffic and complicating Quality of Service (QoS)
management.
http://www.fattail.com/redir/redirect.asp?CID=108757
_______________________________________________________________
FEATURED READER RESOURCE
SIX TIPS FOR GETTING WHAT YOU DESERVE
Before you go in for your next annual review or promotion
interview, you would be wise to consider these tips for ensuring
you've got the right stuff to move ahead. Network executives
offer advice to help you gun for that next promotion and fatten
up your paycheck. Click here:
<http://www.networkworld.com/you/2005/072505-salary-side2.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment