As businesses begin to acknowledge the benefits of converged networks, they are looking toward full or partial upgrades, creating a single network environment for voice, data, video, building management systems and power.
This is according to Andre Maree, MD of KSS. He says, however, since all mission-critical systems must make use of a single infrastructure in a converged environment, questions arise: How safe is a converged network architecture and does it make the business more vulnerable to risk than traditionally disparate networks?
According to Maree, analysing the security risks posed by previously disparate networks enables a reasoned comparison. He cites an analogue phone call as an example: "Tapping into a landline call is a relatively simple exercise. Protecting businesses against this type of threat is complex and costly.
"Most of us have heard of the infamous 'Squidgygate' conversation between the late Princess of Wales and James Gilbey, a classic example of how easy it is to tap into an analogue conversation. The cost and inconvenience of using the 'scrambling' technology needed to prevent such unsolicited tapping into a conversation was a hindering factor and it was generally limited to military operations."
He adds there is a perception that converging voice and video onto a data network increases the overall security risk. This is due to the fact that much publicity is given to the many threats posed to the corporate or data network, including viruses, hackers and other malicious activities. In reality, it is easier and more cost effective to protect an organisation against these threats if all their information - data, voice and video - resides on the data network.
"The information transmitted on the data or Internet Protocol (IP) network is transmitted in IP packets - irrespective of whether it is voice, video or data - and it is all digital," he says. On an IP network, the same disciplines that apply and tools that are used to protect data can now be used to protect the voice and video communications as they all reside in the digital IP domain.
According to him, this represents a significant saving, since a single set of security tools and technologies can be used to protect the converged network, rather than having to deploy different technologies to protect the separate voice and video networks. It builds on the principle of convergence - doing more with less.
Maree says encryption is not new: "We use it in the data world all the time, in conjunction with VPN. We are so used to encrypting data, it can now be used to encrypt data that represents voice and data."
Encryption technology can also be used, largely unchanged, to protect voice and video communications, thus preventing breaches in confidentiality. In most IP telephony environments, encryption technology is available and can be applied transparently to a telephone call where sensitive issues or information are discussed.
He says the emergence of the mobile worker has further raised security concerns with regard to the possible loopholes created by enabling remote access to the corporate network. "Again, irrespective of whether the information transferred is voice, video or data, conventional security solutions can deliver the necessary protection. VPNs based on standard encryption techniques are often used to bolster security for remote access or the transfer of any form of information."
In addition, it is easier to create an audit trail within the digital domain than an analogue domain. IP-based systems keep track of who is accessing what information on the network, making it easier to identify any breaches, especially internal violations.
Finally, he says it is imperative to break the perception that a converged network creates security vulnerabilities for the additional mediums, voice and video, that now make use of the single network architecture.
"In fact, it is completely the opposite. A secure, converged network can only be built on a secure non-converged IP network. Ensure all your security bases are covered on the IP network and the rest will be taken care of."
Related stories:
Wireless e-mail to the masses
SOA drives IT spend
Share