After the VPNs are considered, the next step is to make sure that the Voice over Internet Protocol (VoIP) is encrypted in the secure tunnel. Eavesdropping and manipulation of the voice is relatively easy if the voice can be captured in the clear. Replay attacks are also a possible risk unless the voice is encrypted. Although encryption involved a cipher code that will add overhead (and overhead equates to latency), one should not neglect this area. Encryption is used to ensure confidentiality, assure the integrity of the VoIP, provide that the person is authenticated and is who he/she says he/she is, and finally guarantee nonrepudiation of the VoIP. Vendors are now including certificates that can ...