ABSTRACT
The introduction Voice over Internet Protocol (VoIP) provides the ability for companies to have both
data and voice packets on the same network. Voice is digitized (coded) into packets, and sent as data
through the network, then converted back to analog voice at the receiving Internet Protocol (IP) phone
or headset. The VoIP packets are then susceptible to the same security risks as data networks, such as
denial-of-service (DoS) attacks, network sniffing, man-in-the-middle attacks, and IP spoofing. The VoIP
infrastructure must be hardened to prevent such attacks. This chapter reviews the security measures that
the security manager must take to protect VoIP devices.
