Pro And Cons Of Security Measure Information Technology Essay
This work requires the student execute a limited research based assignment in Network security. This work should be a conference style paper. Suggested Topics are given below. However, the work should reflect real thought and effort. The grade will be based on the following factors: novelty, depth, correctness, clarity of presentation, and effort. Students can select any other topics relevant to network security other than listed below with the approval of the module leader.
In this paper student should explain the Security issues relevant to their topics and should analyze any two of the security tools/measures widely used to overcome those issues. More emphasize is given to the analysis of pros and cons of the security measures followed where a thorough knowledge/understanding of the problem and its countermeasures are gained.
Introduction
Voice over Internet Protocol also known as Voice over IP, IP Telephony or VoIP and it started by a small company called Vocaltec, Inc in February 1995 from Israel. [Joe Hallock, A Brief History of VoIP] By that time, it will be the first internet phone software. Vocaltec aims are to provide user to makes phone call from one computer to another computer using sound card, microphone and speaker. This VoIP software created by Vocaltec only works when both caller and the receiver have the same setup software installed.
VoIP is design for deliver the voice communication and multimedia session over the Internet Protocol and it is also categorized as one of the internet technology, communication protocol and transmission technology. In simpler terms, VoIP converts the voice signal from your telephone into a digital signal that travels over the Internet. There are three types of VoIP tools that are commonly used; IP Phones, Software VoIP and Mobile and Integrated VoIP. The IP Phones are the most institutionally established but still the least obvious of the VoIP tools. Of all the software VoIP tools that exist, Skype is probably the most easily identifiable.
The use of software VoIP has increased during the global recession as many persons, looking for ways to cut costs have turned to these tools for free or inexpensive calling or video conferencing applications. Software VoIP can be further broken down into three classes or subcategories; Web Calling, Voice and Video Instant Messaging and Web Conferencing. Mobile and Integrated VoIP is just another example of the adaptability of VoIP. VoIP is available on many smartphones and internet devices so even the users of portable devices that are not phones can still make calls or send SMS text messages over 3G or WIFI.[2]
One of the most significant advantages of VoIP (over a traditional public switched telephone network (PSTN – also known as a legacy networks) is that one can make a long distance phone call and bypass the toll charge. This integrated voice/data solution allows large organizations (with the funding to make the transfer from a legacy network to a VoIP network) to carry voice applications over their existing data networks.
VoIP telephone systems are susceptible to attacks as are any internet-connected devices. This means that hackers who know about these vulnerabilities (such as insecure passwords) can institute denial-of-service attacks, harvest customer data, record conversations and break into voice mailboxes.[26]
Another challenge is routing VoIP traffic through firewalls and network address translators. Private Session Border Controllers are used along with firewalls to enable VoIP calls to and from protected networks. For example, Skype uses a proprietary protocol to route calls through other Skype peers on the network, allowing it to traverse symmetric NATs and firewalls. Other methods to traverse NATs involve using protocols such as STUN or ICE.
Many consumer VoIP solutions do not support encryption, although having a secure phone is much easier to implement with VoIP than traditional phone lines. As a result, it is relatively easy to eavesdrop on VoIP calls and even change their content.[27] An attacker with a packet sniffer could intercept your VoIP calls if you are not on a secure VLAN. However, physical security of the switches within an enterprise and the facility security provided by ISPs make packet capture less of a problem than originally foreseen. Further research has shown that tapping into a fiber optic network without detection is difficult if not impossible. This means that once a voice packet is within the internet backbone it is relatively safe from interception.
There are open source solutions, such as Wireshark, that facilitate sniffing of VoIP conversations. A modicum of security is afforded by patented audio codecs in proprietary implementations that are not easily available for open source applications[citation needed]; however, such security through obscurity has not proven effective in other fields.[citation needed] Some vendors also use compression, which may make eavesdropping more difficult.[citation needed] However, real security requires encryption and cryptographic authentication which are not widely supported at a consumer level. The existing security standard Secure Real-time Transport Protocol (SRTP) and the new ZRTP protocol are available on Analog Telephone Adapters (ATAs) as well as various softphones. It is possible to use IPsec to secure P2P VoIP by using opportunistic encryption. Skype does not use SRTP, but uses encryption which is transparent to the Skype provider[citation needed]. In 2005, Skype invited a researcher, Dr Tom Berson, to assess the security of the Skype software, and his conclusions are available in a published report.[28]
The Voice VPN solution provides secure voice for enterprise VoIP networks by applying IPSec encryption to the digitized voice stream. The IAX2 protocol also supports end-to-end AES-256 encryption natively.
Traditional enterprise telecommunications networks used to be viewed as relatively secure because you practically needed to be within physical reach to gain access to them. Sure, things like toll fraud and war dialing were problematic, but those were easily remedied by longer or more complicated passwords and other access controls. The age of converged networks has changed that – with voice now traveling over IP networks (VoIP). These converged networks inherit all the security weaknesses of the IP protocol (spoofing, sniffing, denial of service, integrity attacks, and so on). In addition, voice quality and confidentiality are potentially affected by common data network problems such as worms and viruses. Converged networks also offer an array of new vectors for traditional exploits and malware, as each IP endpoint becomes a
potential point of network entry.
Internet telephony refers to communications services-voice, fax, SMS, and/or voice-messaging applications-that are transported via the Internet, rather than the public switched telephone network (PSTN). The steps involved in originating a VoIP telephone call are signaling and media channel setup, digitization of the analog voice signal, encoding, packetization, and transmission as Internet Protocol (IP) packets over a packet-switched network. On the receiving side, similar steps (usually in the reverse order) such as reception of the IP packets, decoding of the packets and digital-to-analog conversion reproduce the original voice stream.[1]
VoIP systems employ session control protocols to control the set-up and tear-down of calls as well as audio codecs which encode speech allowing transmission over an IP network as digital audio via an audio stream. The codec used is varied between different implementations of VoIP (and often a range of codecs are used); some implementations rely on narrowband and compressed speech, while others support high fidelity stereo codecs.
Technical review
In term of security issues, VoIP encounter numerous of issues reported and some of it can lead into big loss to a company. Below are some of the security issues that discuss in this research.
Service Theft
The most basic thing a hacker can do with your VoIP service is to steal it. In doing so, the perpetrator can make free calls and possibly start off a new VoIP telephony business of his/her own at “amazingly cheap rates”–just like the first criminal who was charged with hacking VoIP 1. Service theft is relatively easy with VoIP because the Session Initiation Protocol (SIP) that is used for authentication in VoIP calls does not use encryption by default.
Identity Theft
Close on the heels of service theft is the risk of identity theft. If someone can steal a service, they have everything else they need to steal the identity of the person(s) using the service. Accounts as basic as utilities and as critical as financial loans are often tied to a specific phone number. If all else fails, the hacker can, at a minimum, gather sig-nificant information about the target individual(s) to be able to take the next step towards stealing the person’s identity.
Eavesdropping
One might remember when tapping a phone required some serious instruments that needed to be installed at the right places while at the same time the person “bugging” the phone would have to make sure that nobody watches him/her in action. This procedure is a lot easier with VoIP. The instrument might still look like a phone and work like a phone, but “tapping” this phone is not at all difficult for someone with the right knowhow and tools and the wrong intentions.
Hackers today can take control over several VoIP features such as voicemail, call forwarding, caller ID, call forward-ing, calling plan selection, and billing details. Stealing the VoIP service to enable free calls is actually much less prof-itable and desirable for hackers. Instead, with businesses increasingly using VoIP, sensitive corporate information is now the target. VoIP packets flow over networks like packets of data that can be “sniffed” just like regular data pack-ets. These packets can then be merged together to play the voice conversation in a normal media player software. Mix VoIP hacking with corporate espionage and you end up with a very lucky and enabled hacker.
Vishing
Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward.
What if you were to receive a call from your bank or your credit card company that had an automated voice at the other end asking you to enter your debit/credit card number, PIN, and other details? Chances are you might comply with the request. Better still, if you were the person making the call to your phone banking number then these chances are actually quite high considering the fact that you were the person making the call.
In both these cases, a Vishing attack could have been launched using VoIP that could lead you to believe that you’re calling an entity that you trust. Specifically in the second case, redirecting your call to a “Visher” would actually be much easier if you use a VoIP based phone.
Denial of Service
One VoIP hacking method that can cause significant frustration and losses to businesses is the Denial of Service. As the name suggests, the main aim of the hacker is to ensure that your organization is denied the usage of your VoIP telephony service.
Voice calls made by an organization can be manipulated, tampered, and even dropped. Hackers can even flood the target VoIP infrastructure with several call-signaling SIP messages. Many times, these DoS attacks are actually a smokescreen for hackers to plant malware or even take control of systems in the background.
Spyware and Malware
VoIP infrastructure rests on the same architecture as a normal computer system. Essentially, the issues that a normal computer system can face are quite applicable to VoIP infrastructures as well. Top of the list is spyware and malware. Consider the example of a software application that is used to enable VoIP telephony.
A user would have to run this software over a computer, a PDA, an iPhone, or such. This introduces the vulnerabil-ity of falling prey to viruses, spyware, malware, worms, and just about all forms of malicious code.
SPAM
Spam exists with VoIP, although it is known as SPIT or Spam over Internet Telephony. While more typically just an annoyance, SPIT does at times carry viruses and malware, just like spam. While the occurrence of SPIT is not very common today, trends definitely dictate that SPIT is heading in the direction of SPAM.
VoIP telephone systems are susceptible to attacks as are any internet-connected devices. This means that hackers who know about these vulnerabilities (such as insecure passwords) can institute denial-of-service attacks, harvest customer data, record conversations and break into voice mailboxes.[26]
Another challenge is routing VoIP traffic through firewalls and network address translators. Private Session Border Controllers are used along with firewalls to enable VoIP calls to and from protected networks. For example, Skype uses a proprietary protocol to route calls through other Skype peers on the network, allowing it to traverse symmetric NATs and firewalls. Other methods to traverse NATs involve using protocols such as STUN or ICE.
Many consumer VoIP solutions do not support encryption, although having a secure phone is much easier to implement with VoIP than traditional phone lines. As a result, it is relatively easy to eavesdrop on VoIP calls and even change their content.[27] An attacker with a packet sniffer could intercept your VoIP calls if you are not on a secure VLAN. However, physical security of the switches within an enterprise and the facility security provided by ISPs make packet capture less of a problem than originally foreseen. Further research has shown that tapping into a fiber optic network without detection is difficult if not impossible. This means that once a voice packet is within the internet backbone it is relatively safe from interception.
There are open source solutions, such as Wireshark, that facilitate sniffing of VoIP conversations. A modicum of security is afforded by patented audio codecs in proprietary implementations that are not easily available for open source applications[citation needed]; however, such security through obscurity has not proven effective in other fields.[citation needed] Some vendors also use compression, which may make eavesdropping more difficult.[citation needed] However, real security requires encryption and cryptographic authentication which are not widely supported at a consumer level. The existing security standard Secure Real-time Transport Protocol (SRTP) and the new ZRTP protocol are available on Analog Telephone Adapters (ATAs) as well as various softphones. It is possible to use IPsec to secure P2P VoIP by using opportunistic encryption. Skype does not use SRTP, but uses encryption which is transparent to the Skype provider[citation needed]. In 2005, Skype invited a researcher, Dr Tom Berson, to assess the security of the Skype software, and his conclusions are available in a published report.[28]
The Voice VPN solution provides secure voice for enterprise VoIP networks by applying IPSec encryption to the digitized voice stream. The IAX2 protocol also supports end-to-end AES-256 encryption natively.
Securing VoIP
To prevent the above security concerns government and military organizations are using Voice over Secure IP (VoSIP), Secure Voice over IP (SVoIP), and Secure Voice over Secure IP (SVoSIP) to protect confidential and classified VoIP communications.[29] Secure Voice over IP is accomplished by encrypting VoIP with Type 1 encryption. Secure Voice over Secure IP is accomplished by using Type 1 encryption on a classified network, like SIPRNet.[30][31][32][33][34] Public Secure VoIP is also available with free GNU programs.[35]
[edit]Caller ID
Caller ID support among VoIP providers varies, although the majority of VoIP providers now offer full Caller ID with name on outgoing calls.
In a few cases, VoIP providers may allow a caller to spoof the Caller ID information, potentially making calls appear as though they are from a number that does not belong to the caller[36] Business grade VoIP equipment and software often makes it easy to modify caller ID information. Although this can provide many businesses great flexibility, it is also open to abuse.
The “Truth in Caller ID Act” has been in preparation in the US Congress since 2006, but as of January 2009 still has not been enacted. This bill proposes to make it a crime in the United States to “knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value …”[37]
[edit]Compatibility with traditional analog telephone sets
Some analog telephone adapters do not decode pulse dialing from older phones. They may only work with push-button telephones using the touch-tone system. The VoIP user may use a pulse-to-tone converter, if needed.[38]
[edit]Fax handling
Support for sending faxes over VoIP implementations is still limited. The existing voice codecs are not designed for fax transmission; they are designed to digitize an analog representation of a human voice efficiently. However, the inefficiency of digitizing an analog representation (modem signal) of a digital representation (a document image) of analog data (an original document) more than negates any bandwidth advantage of VoIP. In other words, the fax “sounds” simply do not fit in the VoIP channel. An alternative IP-based solution for delivering fax-over-IP called T.38 is available.
The T.38 protocol is designed to compensate for the differences between traditional packet-less communications over analog lines and packet based transmissions which are the basis for IP communications. The fax machine could be a traditional fax machine connected to the PSTN, or an ATA box (or similar). It could be a fax machine with an RJ-45 connector plugged straight into an IP network, or it could be a computer pretending to be a fax machine.[39] Originally, T.38 was designed to use UDP and TCP transmission methods across an IP network. TCP is better suited for use between two IP devices. However, older fax machines, connected to an analog system, benefit from UDP near real-time characteristics due to the “no recovery rule” when a UDP packet is lost or an error occurs during transmission.[40] UDP transmissions are preferred as they do not require testing for dropped packets and as such since each T.38 packet transmission includes a majority of the data sent in the prior packet, a T.38 termination point has a higher degree of success in re-assembling the fax transmission back into its original form for interpretation by the end device. This in an attempt to overcome the obstacles of simulating real time transmissions using packet based protocol.[41]
There have been updated versions of T.30 to resolve the fax over IP issues, which is the core fax protocol. Some newer high end fax machines have T.38 built-in capabilities which allow the user to plug right into the network and transmit/receive faxes in native T.38 like the Ricoh 4410NF Fax Machine.[42] A unique feature of T.38 is that each packet contains a portion of the main data sent in the previous packet. With T.38, two successive lost packets are needed to actually lose any data. The data you lose will only be a small piece, but with the right settings and error correction mode, there is an increased likelihood that you will receive enough of the transmission to satisfy the requirements of the fax machine for output of the sent document.
[edit]Support for other telephony devices
Another challenge for VoIP implementations is the proper handling of outgoing calls from other telephony devices such as Digital Video RecordersDVR boxes, satellite television receivers, alarm systems, conventional modems and other similar devices that depend on access to a PSTN telephone line for some or all of their functionality.
These types of calls sometimes complete without any problems, but in other cases they fail. If VoIP and cellular substitution becomes very popular, some ancillary equipment makers may be forced to redesign equipment, because it would no longer be possible to assume a conventional PSTN telephone line would be available in consumer’s homes.
Improving Your VoIP
The key to securing a VoIP infrastructure is to remember that it involves sending voice over the Internet Protocol (IP). So, the way to secure it is quite similar to the way you deal with an IP data network. Here are the key aspects to keep in mind when securing a VoIP infrastructure –
Encryption
VoIP packets, by default, are transmitted in clear-text and so encryption is vital to ensure confidentiality. VoIP in-frastructures based on Secure Real-time Transport Protocol (SRTP) take a step ahead of the unencrypted SIP and en-sure that VoIP traffic privacy and confidentiality is maintained. Alternatively, encryption in the form of Transport Layer Security (TLS) or Internet Protocol Security (IPSec) can also make a great difference.
Network Design
A basic rule of thumb to remember is to logically separate voice and data networks. The best case scenario would be to let the VoIP infrastructure have its own isolated network with only the minimum necessary interactions with other sub-networks via secure firewalls. Having dedicated VoIP servers with audited and hardened operating systems and all unnecessary services disabled is the next step to fortifying your VoIP infrastructure.
Soft Phones
Soft phones add to an administrator’s misery by offering another end point that needs to be secured. The ideal solu-tion is to avoid using Soft phones altogether.
If they must be used, ensure that they are fully hardened and patched at all times. While it adds an additional bur-den, it is absolutely paramount to the security of the VoIP infrastructure.
Hard Phones
Hard phones offer a great alternative to soft phones, especially when coupled with private branch exchange (PBX) systems running on a hardened and, preferably, dedicated server. Periodic checks and updates are essential to ensure that the IP-PBX and IP Phone firmware is fully patched.
Physical Security
This is an often understated aspect of VoIP security. While an organization can spend countless hours and resources securing the medium of transmission, it is critical to also ensure the physical security of the enabling infrastructure components like the hard phones, the VoIP servers, and any other device that directly or indirectly supports the VoIP infrastructure. Physical security can become the Achilles heel of your VoIP infrastructure if it is not respected.
Defaults and Passwords
More often than not, default passwords and settings are not secure. These defaults are created with a generic scenario in mind and will most likely not fit the requirements and customization that your organization demands. It is impor-tant to replace all default passwords with strong passwords that are at least eight characters long, and employ a com-bination of uppercase letters, lowercase letters, numbers, and special characters. This should be further bolstered by good password policies and robust identity management.
Voice Messaging Systems and Storage
One typical area that is easy to miss is the security of calls that are stored on voice messaging systems. Ensure that the voice message boxes of all users require that the password be changed each time the service is used. It might cause a bit of inconvenience, but it will also offer a mile of improved security. It is also important to secure the storage of voice messages by performing periodic checks and audits to look for exploitable holes.
Vulnerability Assessments
Last, but most important, a periodic vulnerability assessment of the VoIP infrastructure can ensure that no holes have emerged due to the ever-changing nature of business requirements and the networks that support them. Inde-pendent audits can often provide useful insights into the state of the VoIP infrastructure and serve as an additional piece of “evidence of due diligence” in the regulatory compliance armory.
Make VoIP Work For You
VoIP has truly been a genuine money saver for businesses all over the world and the world is a smaller place, in part thanks to VoIP technology. The security issues around VoIP are serious and very real. However, taking the right steps and countermeasures can truly help your organization make the most of VoIP.
The Internet is like alcohol in some sense. It accentuates what you would do anyway. If you want to be a loner, you can be more alone. If you want to connect, it makes it easier to connect.
Research Methodology
Secondary resources such as journal, white paper and thesis are being use in this research to analyze and further study in order to produce this research.
Evaluation
VoIP Sniffing Tools
VoIP Scanning and Enumeration Tools
VoIP Fuzzing Tools
VoIP Sniffing Tools
AuthTool – Tool that attempts to determine the password of a user by analyzing SIP traffic.
Cain & Abel – Multi-purpose tool with the capability to reconstruct RTP media calls.
CommView VoIP Analyzer – VoIP analysis module for CommView that is suited for real-time capturing and analyzing Internet telephony (VoIP) events, such as call flow, signaling sessions, registrations, media streams, errors, etc.
Etherpeek – general purpose VoIP and general ethernet sniffer.
ILTY (“I’m Listening To You”) – Open-source, multi-channel SKINNY sniffer.
NetDude – A framework for inspection, analysis and manipulation of tcpdump trace files.
Oreka – Oreka is a modular and cross-platform system for recording and retrieval of audio streams.
PSIPDump – psipdump is a tool for dumping SIP sessions (+RTP traffic, if available) from pcap to disk in a fashion similar to “tcpdump -w”.
rtpBreak – rtpBreak detects, reconstructs and analyzes any RTP session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it doesn’t require the presence of RTCP packets.
SIPomatic – SIP listener that’s part of LinPhone
SIPv6 Analyzer – An Analyzer for SIP and IPv6.
UCSniff – UCSniff is an assessment tool that allows users to rapidly test for the threat of unauthorized VoIP eavesdropping. UCSniff supports SIP and Skinny signaling, G.711-ulaw and G.722 codecs, and a MITM ARP Poisoning mode.
VoiPong – VoIPong is a utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to separate wave files. It supports SIP, H323, Cisco’s Skinny Client Protocol, RTP and RTCP.
VoIPong ISO Bootable – Bootable “Live-CD” disc version of VoIPong.
VOMIT – The vomit utility converts a Cisco IP phone conversation into a wave file that can be played with ordinary sound players.
Wireshark – Formerly Ethereal, the premier multi-platform network traffic analyzer.
WIST – Web Interface for SIP Trace – a PHP Web Interface that permits you to connect on a remote host/port and capture/filter a SIP dialog.
VoIP Scanning and Enumeration Tools
EnableSecurity VoIPPack for CANVAS – VoIPPack is a set of tools that are designed to work with Immunity CANVAS. The tools perform scans, enumeration, and password attacks.
enumIAX – An IAX2 (Asterisk) login enumerator using REGREQ messages.
iaxscan – iaxscan is a Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts.
iWar – IAX2 protocol Wardialer
Nessus – The premier free network vulnerability scanner.
nmap – the premier open source network port scanner.
Passive Vulnerability Scanner – The Tenable Passive Vulnerability Scanner (PVS) can find out what is happening on your network without actively scanning it. PVS detects the actual protocol, various administrative interfaces, and VoIP scanner(s). Currently includes over 40 VoIP checks.
SCTPScan – This tool enumerates open SCTP ports without establishing a full SCTP association with the remote host. You can also scan whole networks to find SCTP-speaking machines.
SIP Forum Test Framework (SFTF) – The SIP Forum Test Framework (SFTF) was created to allow SIP device vendors to test their devices for common errors.
SIP-Scan – A fast SIP network scanner
SIPcrack – SIPcrack is a SIP protocol login cracker. It contains 2 programs, SIPdump to sniff SIP logins over the network and SIPcrack to bruteforce the passwords of the sniffed login.
Sipflanker – Sipflanker will help you find SIP devices with potentially vulnerable Web GUIs in your network.
SIPSCAN – SIPSCAN is a SIP username enumerator that uses INVITE, REGISTER, and OPTIONS methods.
SIPVicious Tool Suite – svmap, svwar, svcrack – svmap is a sip scanner. It lists SIP devices found on an IP range. svwar identifies active extensions on a PBX. svcrack is an online password cracker for SIP PBX
SiVuS – A SIP Vulnerability Scanner.
SMAP – SIP Stack Fingerprinting Scanner
VLANping – VLANPing is a network pinging utility that can work with a VLAN tag.
VoIPAudit – VoIP specific scanning and vulnerability scanner.
VoIP Fuzzing Tools
Asteroid – this is a set of malformed SIP methods (INVITE, CANCEL, BYE, etc.) that can be crafted to send to any phone or proxy.
Codenomicon VoIP Fuzzers – Commercial versions of the free PROTOS toolset
Fuzzy Packet – Fuzzy packet is a tool to manipulate messages through the injection, capturing, receiving or sending of packets generated over a network. Can fuzz RTP and includes built-in ARP poisoner.
Interstate Fuzzer – VoIP Fuzzer
Mu Dynamics VoIP, IPTV, IMS Fuzzing Platform – Fuzzing appliance for SIP, Diameter, H.323 and MGCP protocols.
ohrwurm – ohrwurm is a small and simple RTP fuzzer.
PROTOS H.323 Fuzzer – a java tool that sends a set of malformed H.323 messages designed by the University of OULU in Finland.
PROTOS SIP Fuzzer – a java tool that sends a set of malformed SIP messages designed by the University of OULU in Finland.
SIP Forum Test Framework (SFTF) – SFTF was created to allow SIP device vendors to test their devices for common errors. And as a result of these tests improve the interoperability of the devices on the market in general.
Sip-Proxy – Acts as a proxy between a VoIP UserAgent and a VoIP PBX. Exchanged SIP messages pass through the application and can be recorded, manipulated, or fuzzed.
Spirent ThreatEx – a commercial protocol fuzzer and ribustness tester.
VoIPER – VoIPER is a security toolkit that aims to allow developers and security researchers to easily, extensively and automatically test VoIP devices for security vulnerabilties.
Differences in how security countermeasures are applied
Discussion
The Advantages and Disadvantages of VoIP
VoIP has many advantages over a regular phone service. However, like any emerging technology, there are still a few kinks in the system. However, as standards are developed it becomes more reliable and achieves greater acceptance. It is inevitable that VoIP will eventually replace traditional phone service – in fact, phone companies are already taking advantage of the technology to offer cheaper long distance rates.
Advantages
One of the main advantages of VoIP is the low cost. If you have a fast Internet connection (DSL or cable) you can make PC-to-PC (computer to computer) phone calls anywhere in the world for free. If you wish to make a PC-to-phone (computer to phone) connection, however, there’s usually a charge for this but probably much cheaper than your regular phone service.
You can also sign up with a VoIP service provider which charges a monthly fee in return for unlimited calls within a certain geographic area. For example, some VoIP services in the United States allow you to call anywhere in North America at no extra charge. Overseas calls are charged at a relatively small rate.
Another advantage of VoIP is portability. You can make and receive phone calls wherever there is a broadband connection simply by signing in to your VoIP account. This makes VoIP as convenient as e-mail – if you are travelling, simply pack a headset or Internet phone and you can talk to your family or business associates for almost nothing.
Phone-to-phone VoIP is also portable. When you sign up with a VoIP service provider the Internet phone or adaptor that is used with that service is assigned a unique number. This ‘phone number’ remains valid even if your VoIP service is in Cleveland and you are connected to the Internet in Bangkok. An Internet phone is small and light enough to take with you anywhere. Simply plug it into a broadband connection anywhere in the world and you can make and receive calls just as though you were in your own home or office.
There are many other features that make VoIP attractive. Call forwarding, call waiting, voicemail, caller ID and three-way calling are some of the many services included with Internet telephone at no extra charge. You can also send data such as pictures and documents at the same time you are talking on the phone.
Learn more about what’s possible at this VoIP Voice over Internet Protocol page.
Disadvantages
With all this going for it, it’s a wonder that anybody still uses regular phone services. However, there are a few disadvantages to VoIP. Continuous service during a power outage and emergency calls are two of the biggest problems.
During a blackout a regular phone is kept in service by the current supplied through the phone line. This is not possible with Internet phones, so when the power goes out, there is no VoIP phone service. One solution to this problem is to use battery backups or power generators to provide electricity.
Another major concern involves emergency 911 calls. Traditional phone equipment can trace your location. Emergency calls are diverted to the nearest call center where the operator can see your location in case you can’t talk. With VoIP, however, their is currently no way to determine where your Internet phone call is originating from, so most VoIP services cannot be used for emergency calls. There is an emerging standard called e911, however, which attempts to address this issue.
VoIP also has problems with sound quality and reliability. Data sent across the Internet usually arrives at its destination in a scrambled order. This is not a problem for e-mail or documents because the data can be reassembled in the correct order once it has all arrived.
Voice data can also arrive in a scrambled order but this is more of a problem because of the real-time nature of VoIP. In order to make voice connections with the least amount of delay, some packets may have to be dropped if they don’t arrive in time. This can cause short periods of silence in the audio stream.
The amount of data that is lost depends on the distance and speed of the connection. Some networks receive a lot of traffic and are more likely to cause dropouts in the audio stream. Creating dedicated data paths is one way to provide high quality audio connections.
All these disadvantages will be overcome in time. There is a tremendous amount of work being done to increase the reliability and usefulness of VoIP. By 2007 most of the kinks will be worked out and VoIP will receive widespread consumer acceptance.
Conclusion
Order Now