VoIP and data traffic merging

Posted on 2012-09-17
Last Modified: 2012-09-21
I've been told by one of our guys in IT that our VoIP network is separated from the data network using a VLAN.  From what I understand for security these two networks should never interact with each other (unless through firewalls etc perhaps?).

Last week one of the guys who administrates the VoIP setup told me that certain services like DHCP are shared services so they are used by the data network and the VoIP network.  Is this acceptable or can this pose a significant security risk?
Question by:jdc1944
    LVL 17

    Assisted Solution

    If properly implemented, a VLAN is a perfectly acceptable way to securely separate voice an data traffic.  Things like DHCP must be shared, but pose no additional security risk.  Both the VoIP phones and the computers on the network need to get an IP address via DHCP.  You do not need to separate them with a firewall.

    The VoIP and data vendors really do have this figured out now - after about 14 years of learning the best ways to accomplish it.
    LVL 20

    Accepted Solution

    Depends what you think a significant security risk is.

    I don't have any firewalls between my voice and data network, I pretty much only split them for Quality of Service and to make sure my voice vlan is not affected by any data.

    Sure, the IP phones are just any other endpoint and should be secured, but the same thing can be said about printers and any other network devices. Do you have your printers behind a firewall from the rest of your network?

    Most likely, and as I've seen it 100% of the time, your only firewall is the one between the internet and your internal network.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    There are some basic methods for preventing attacks on, hacking of and unauthorized access to a network -- maybe not completely, but up to a certain level. Start with a well-reputed firewall and unified threat management (UTM) system -- a gateway…
    Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now