« Building a reseller channel with VARS - give them what they want | Main | The new Yogi Berra - Jorge Posada »

July 12, 2007

NAC and VOIP

Tim Greene's NAC column makes I think a lame point about how "NAC protection extends to VoIP".  The gist of Tim's article is that by stopping devices which could launch bot driven DOS attacks against VOIP equipment, NAC is helping to protect VoIP. Tim also mentions that by scanning (Tim scanning is something vulnerability management products do, NAC tests devices) servers necessary for VoIP, they again help provide protection for VoIP.

Until NAC products can actually recognize and test VOIP gear, the protection they provide for VoIP is ancillary at best.  To say anything more than that is to just rev up the hype around NAC and give people the false impression that NAC is a magic bullet, which in turn only leads to frustration and disappointment.

Now that is not to say that NAC will not test VoIP equipment.  In fact our own Safe Access NAC product has had tests for Avaya soft phones for some time.  We are also working on tests for several other VoIP phone brands.  I think in 2008 we will see other NAC vendors follow our lead, jump on the bandwagon and offer testing and perhaps even remediation for VoIP gear.  BTW, I am not talking about Nessus type scans for VoIP gear which anyone can do today without the need for NAC.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e4d369e200e008d6cdfc8834

Listed below are links to weblogs that reference NAC and VOIP:

» NAC's Role in Protecting VoIP from En Garde!
Tim Greene's column on the relationship between NAC and VoIP and Alan Shimel's blog response both took a fairly narrow view of how NAC can help protect VoIP systems. The perspective in both cases is limited to a more admission-focused [Read More]

Comments

My Photo

Subscribe to my blog

Enter your email address:

Delivered by FeedBurner

Lijit Search

Blog Networks

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.

Search

Lijit Search

Attend a Computer Forensics Boot Camp to better your skills and become a better worker
Blog powered by TypePad
Member since 10/2005