A focus on security is essential to convergence
As with any other communications initiative, security is paramount
One of the issues that has held up broader application of voice over IP by government agencies has been a concern over the security of voice traffic running over IP networks. In the current security environment, where the threats are even more diverse, that concern also figures to be a potential brake on the development of converged communications.
Misapplied security can also badly affect VOIP performance because quality of service is fundamental to its operation. If not configured correctly, firewalls can delay or block call setups, for example, and encryption can introduce latency and garble-producing jitter.
The National Institute of Standards and Technology lays out the pros and cons of VOIP in its Special Publication 800-58, the document that sets the baseline security requirements for VOIP for all federal agencies.
“VOIP has a very different architecture than traditional circuit-based telephony, and these differences result in significant security issues,” the NIST document states. “Administrators may mistakenly assume that since digitized voice travels in packets, they can simply plug VOIP components into their already-secured networks and remain secure. However, the process is not that simple.”
One of the biggest barriers in any early discussion with agencies about VOIP and converged communications is the use of IP, said Bill Long, vice president of enterprise voice services at Level 3 Communications. They see it as voice running over the public Internet, and they have to be convinced that it is voice actually running over a private IP connection. Only after that can you talk about the tools you can use with VOIP and tricks that were never possible with time-division multiplexing.
That fear, mistaken or not, led to policies at many agencies that forbade IP voice communications. Even today, Ron Hayes, solutions architect at Avaya Government Solutions, said he runs into roadblocks because agencies still have a physical separation between their voice networks and their data networks, which makes it difficult to have any meaningful discussion about such things as unified communications.
The answer is for voice and other data networks to be logically separated on the converged IP network. Convincing agencies of that solution is still an uphill battle in many cases, though there are some early glimmers of hope. Security-conscious intelligence agencies have begun to converge their networks using logically separated virtual local-area networks, said Scott Anderson, vice president of cloud strategy at Avaya Government Solutions.
“However, they’re doing that on the classified side first because that is already physically separated from the [public switched telephone network],” he said. “They are only now getting to the point where they are evaluating doing the same for the unclassified network.”
The latest version of NIST’s SP 800-58 holds out hope for broader adoption of VOIP in government because it now includes the security requirements of the Defense Department and intelligence agencies, which it previously didn’t.