Chapter 9. A Security Framework for Enterprise VoIP Networks

This chapter focuses on defining a security framework for enterprise VoIP networks to facilitate their design, deployment, and maintenance throughout the life of the implementation. The framework comprises the following:

• Security policy

• External parties

• Asset management

• Physical and environmental security

• Operations management

• Access control

• System acquisition, development, and maintenance

• Incident management

• Business continuity

• Compliance

These areas are similar to the ISO 17799/27001 standard. The standard offers an industry-acceptable approach to managing information security in an enterprise environment. In addition, some controls reflected in this framework ...

Get Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.