Introduction to Business VoIP Solution

In recent years, VoIP begins to attract businesses, especially those services such as call centers. The migration of companies to such technology is not for nothing. The purpose is primarily is: minimize the cost of communications; use the same network to deliver data, voice, and images; costs and simplify configuration and support. Many providers offer some solutions that enable companies to migrate to the IP world. PBX manufacturers such as Nortel, Siemens, and Alcatel prefer the gradual integration of VoIP solution by adding IP extension cards.

This approach facilitates the adoption of IP phone especially in large companies with a classic platform and wanting to take advantage of VoIP. But it does not enjoy all the services and the successful integration into the world of data. The development of PABXs software is the solution offered by vendors such Cisco and Asterisk. This approach allows to benefit from a flexible, very good integration in the world of data and voice, and especially a price much interesting.

 This solution, which is completely based on IP technology, is thus affected by the vulnerabilities that threaten the security of this protocol and network infrastructure on which it is deployed. The latter is the major problem for companies and a great challenge for developers. Some attacks on VoIP networks, such as denial of service attacks, identity theft can cause catastrophic losses and enormous for businesses. For this VoIP network security is not only a necessity but a obligation, which can be reduced with up, the risk of attacks on VoIP networks.

The security of a VoIP solution should cover the entire network infrastructure, including tools and communication management equipment and users, the system operating upon which these tools are installed, and the signaling protocols and data transport. It must even protect against attackers. Better one secures, there is less risk. This work aims to: the study of VoIP protocols and available architectures; the study of security vulnerabilities and sisters attacks the various components of a VoIP infrastructure in LANs; and setting up a secure VoIP solution based on open source tools, specifically the Asterisk and client X-Lite server. Companies benefiting from our solution, will be able to set up a VoIP platform quite flexible, inexpensive, and protected against security attacks within the network and outside too.

This report consists of four chapters.

1. The first chapter introduces VoIP and these elements, describes and explains the architecture and protocols, and lists the major points strengths of this technology and its weaknesses. 
2. The second chapter focuses on the security of VoIP infrastructure. It details the different types of security vulnerabilities divided into three classes: vulnerabilities in protocols, infrastructure-related vulnerabilities and vulnerabilities systems. Good practices and security solutions to places to remedy these vulnerabilities are also defined. 
3. The third chapter is interested in setting up a VoIP solution for businesses based on the Asterisk server and client X-Lite. The different prerequisites and necessary libraries are installed, and the essential parameters are defined and configured. 
4. The final chapter of the report focuses on testing and achievement of some attacks VoIP infrastructure deployed in the third chapter. 

An implementation of the various solutions and measures needed to protect against these attacks, is realized.