Abstract
This chapter summarizes the methods used to segregate voice and data into logically isolated networks that run over the same physical infrastructure. One of the principal advantages of converging voice and data is to save money and to simplify administration and management by running both types of traffic over the same physical infrastructure. Traffic shaping normally is associated with ensuring performance, but it also plays a role in security. Voice and data on separate logical VLANs share the same physical bandwidth. Access control lists find new utility at layer 3 of the internal networks, acting to fine-tune and control traffic. Network Address Translation (NAT) continues to be a major obstacle in VoIP migrations until Ipv6 becomes commonly adopted. Encryption across a NAT device is particularly problematic as both H.323 and SIP embed layer-3 routing and signaling information inside the IP datagram payload. Deep Packet Inspection (DPI) enhance firewall capabilities by adding the ability to dynamically open and close ports for Voice over Internet Protocol (VolP) application traffic essentially collapsing Intrusion Detection (IDS) functionality into the firewall appliance so that both a firewall and an in-line IDS are implemented on the same device.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
