Firewall Wizards mailing list archives
Re: VOIP versus PBX
From: Scott Stursa <stursa () mailer fsu edu>
Date: Thu, 21 Jul 2005 14:47:09 -0400 (EDT)
On Fri, 15 Jul 2005, Yehuda Goldenberg wrote:
Our company is looking to replace an antiquated phone system.
So far, so good.
I was leaning towards using a traditional PBX, because I figured that it would be more reliable and it wouldn't be subject to the problems of IP networks.
That's a good direction to be leaning.
One vendor is trying to get me to change my mind about that. He claims that we can keep the voice and data networks completely separate by running vlans. The IP phones have vlan switches on them and one wire can be run to each desk and the pc and the phone can be on separate vlans.
Let's hope the phones' "vlan switches" are 802.1Q compliant...
I was concerned that problems on the data network such as viruses would still bring down the whole thing, and in addition to the pcs not working, the phones wouldn't work either and it would be total mayhem. He says that QOS would make sure that the phone calls always go through even if the data network is completely dead.
Then he has a very narrow definition of "completely dead". If a network switch is Dos'd-to-99%-CPU or just plain crashed, then packets won't be getting through regardless of the value of the QOS field.
I was also concerned that the VOIP system would mean every call - even desk-to-desk would go through the internet
Probably true if the VOIP PBX is not on your premises.
and if the T1 to the internet goes down, the phones don't work. His answer to that was redundant T1 links,
Which probably will run over the same strand of fiber.
and since they are the ISP and the VOIP provider, they will give us a reliable network that won't go down. Also all the VOIP equipment on their end is redundant.
You need more than redundant equipment to guarantee reliability. They should also have redundant gateways to different POTS (Plain Old Telephone Service) carriers (after all, 99% of the calls you'll be making will be to phones on POTS). I've been doing a little research on this subject because last week I applied for a position at a university which is planning a wholesale migration to VOIP (the position is with their TeleCom dept, which apparently is recruiting in order to have some in-house IP expertise). The position posting had some supplemental questions, one of which was "What do you feel is the biggest challenge facing such a migration?" I replied that their biggest challenge would be achieving comparable reliability, and the biggest challenge to that is security. Traditional telephony systems are pretty well isolated from those seeking to disrupt them, and with VOIP you lose that inherent isolation. "It is a sad fact that too many IT systems and networks are deployed without regard for security considerations. Security is usually adressed after-the-fact, and as a result is usually inadequate. Regardless of whether you select me for your position, I hope you recognize the need to engineer-in security from the start..." Which pretty much guarantees I won't get the position, 'cause we all know that most folks outside our profession regard ITsec as an inconvenient obstacle to doing their job. So I don't feel I'm risking much, by stating in this public forum: Don't do it. Stick with a traditional (non-VOIP) PBX. Regards, - SLS p.s. ran across this while looking into VOIP: http://www.boingboing.net/2005/06/28/voipinacan_sysco_ip_.html ------------------------------------------------------------------------ Scott L. Stursa 850/644-2591 Network Security Analyst stursa () mailer fsu edu OTI Enterprise Security Group Florida State University - No good deed goes unpunished - _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- VOIP versus PBX Yehuda Goldenberg (Jul 21)
- Message not available
- Re: VOIP versus PBX Marcus J. Ranum (Jul 21)
- Re: VOIP versus PBX Mark Teicher (Jul 21)
- Re: VOIP versus PBX Marcus J. Ranum (Jul 21)
- Message not available
- Re: VOIP versus PBX Scott Stursa (Jul 21)
- Re: VOIP versus PBX Patrick M. Hausen (Jul 21)
- <Possible follow-ups>
- FW: VOIP versus PBX Yehuda Goldenberg (Jul 21)
- Re: FW: VOIP versus PBX Paul D. Robertson (Jul 21)
- Re: FW: VOIP versus PBX Michael H (Jul 21)
- Re: FW: VOIP versus PBX Paul D. Robertson (Jul 21)
- Re: FW: VOIP versus PBX Michael H (Jul 21)
- Re: VOIP versus PBX Elizabeth Zwicky (Jul 21)
- Re: VOIP versus PBX Paul D. Robertson (Jul 21)
- Re: FW: VOIP versus PBX Paul D. Robertson (Jul 21)
- Re: FW: VOIP versus PBX Devdas Bhagat (Jul 22)