The security concept was created step-by-step in parallel to the solution design and considers both technical and organisational provisions. Thus security was incorporated in the process early and a security concept with the respective detail depth was available at any given time.

The concept creation took place based on renowned Best Practices, among others the BSI IT-Security Guidelines, the BSI VoIPSEC-Study as well as NIST checklists. At first, the protection goals, the breadth and depth of the implementation as well as the object itself were outlined. On this foundation took place the development of security requirements on the infrastructure, the VoIP solution and the secure operation.

Part of the project were further guidelines on the secure configuration of basic components and an analysis of the technical vulnerabilities by means of black-box tests in a testing environment.

Future enlargements and developments (e.g. enlargement to include the internal head office communication) were also included in the security concept at customer request.

Further topics
Advanced Wireless