Even though VoIP Telephony is securer than existing PSTN telephony, VoIP Telephony is not absolutely safe from tapping. With packet capture devices like 'VoIP DNA (?)', VoIP calls can easily tapped and that's why we need to pay attention to the security of VoIP telephony.

VoIP security solution without degradation of voice quality

"Don't we only need additional VPN device for secure VoIP communication? You might say that, but it is not an ultimate solution. Because VPN is not a security solution mainly designed for VoIP communication, there are several shortcomings.
VPN based VoIP security encrypts the whole network traffic and it causes network delay causing degraded voice quality. On the other hand, VoiceFinder AP2520S only encrypts voice data with built-in encryption function that eliminates the possibility of voice degradation due to the network delay.
Moreover, VPN VoIP network requires a Gatekeeper only for VPN internal network and it leads to higher investment compare to VoiceFinder AP2520S. Adding to that, additional VPN device can be a burden for companies.
VoiceFinder AP2520S is an ideal solution eliminating these problems without asking additional VPN devices and can utilizes external public Gatekeeper realizing stability and low investment.

VoIP security function for a specific area

VoiceFinder AP2520S can offer secured VoIP service to limited areas. This can be a big merit for a site emphasizing lower investment. For VPN VoIP service, the VPN should be applied to the whole VPN VoIP calls even when only limited area requires secured VoIP service. That is, to establish a call with VoIP gateway connected to VPN device, the other side is required to have VPN device. Establishing VPN for the whole network, even only limited areas ask for secured VoIP service, means squandering of resources.
Then, is there a way to use secured VoIP with specific counter parts and use ordinary VoIP communication for other counter parts at the same time? VoiceFinder AP2520S can be the right solution. AP2520S secure VoIP gateway makes possible encrypted communication for specific areas and ordinary VoIP communication for other areas. That is, AP2520S offers real-time encrypted communication when the gateway on the opposite side supports encryption and otherwise, offers ordinary VoIP communication.

Figure 1: AP2520S Secure VoIP Gateway intelligent communication structure

High-speed encryption by built-in security processor

VoiceFinder AP2520S is a most realistic solution for the customers asking VoIP Telephony security solution.
VoiceFinder AP2520S secure VoIP gateway guarantees high quality voice service along with SRTP Protocol based superior VoIP security function. Companies and public offices emphasizing secured communication, AP2520S secure VoIP gateway can be a perfect solution without additional VoIP security devices. Cutting-edge voice compression algorithm and AddPac's enhanced QoS management function realize superior voice quality with limited investment on introduction and maintenance of the gateway. Especially, it offers VoIP encryption with built-in security process without any delay in processing.

Embedded encryption key management system

AP2520S is supplied with the encryption key by the embedded AP-KMS (Key Management System). It blocks the possibility of vulnerable encryption key management.

Various network service supported

AP2520S operates both on fixed and dynamic IP address of leased line, ADSL, and Cable Modem networking environment. Also, VoiceFinder AP2520S supports various network protocols such as IP-routing, bridging, PPP, NAT/PAT, and network management features such as SNMP MIB v2, Cisco-style CLI, web and etc. This secure VoIP gateway is designed using high-performance 32bit RISC microprocessor and H/W security processor architecture with fixed network interfaces of; 1-Port 10/100Mbps Fast Ethernet, 1-Port 10Mbps Ethernet, asynchronous serial port for console, key management Port.

Table 1: VPN based VoIP security vs. AP2520S Secure VoIP

Items	VPN based VoIP Gateway	AddPac Secure VoIP Gateway
Encrypted data	Whole network data (possible delay)	Only VoIP voice data
Secured area	All areas	Only selected areas. (Ordinary VoIP calls are possible for other areas)
Gatekeeper	Internal GK is mandatory	Not essential. Able to utilize external public GK
Origin of the encryption process	VPN device	Secure VoIP Gateway
Error on center line	Failure on the whole network	Failure on calls connected to main office
Simplified network formation	Low (In a large-scale VoIP network, it cannot emerged into mesh structure.)	High (Can be easily formed as mesh type and be expanded easily)
Investment	High (VPN devices and additional GK required)	Low

Network Diagram

	Powerful 32bit RISC Microprocessor Architectures
	H/W based Security Processor
	Two 10/100Mpbs Fast Ethernet for LAN & WAN with Two(2) Voice Interface Modules
	FXS, FXO, and E&M Voice Modules for Octal(8) Voice Channels
	ITU-T H.323 v3 VoIP Protocol with ITU-T H.235 Security Feature
	Standard SRTP for Secure VoIP Applications
	H.323, SIP, and MGCP triple stack support
	Multi-protocol Routing Solutions between WAN and LAN Access with H.323 based VoIP Protocol
	ITU-T H.323 v3 VoIP Protocol with ITU-T H.235 Security Feature
	SIP protocol support compliant with IETF RFC3261 (or RFC2543)
	Support Voice Processing Features - VAD, DTMF,CNG,G.168, and T.38 G3 Fax Relay - G.723.1,G.729A,G.711 Voice Compressions
	AddPac APOS Internetworking Software to provide Scalability, Functionality, Stability, and QoS Control for AddPac VoIP Gateway
	High-performance IP-Routing Capability with Reliability
	Static, RIP v1/2, OSPF v2 and IEEE 802.1Q VLAN Routing Protocols
	Traffic Queuing, and SNMP MIB v2 for Network Management Features
	Standard & Extended Access List for Security Functions
	Essential Scalability Features such as DHCP Server & Relay, NAT/PAT, IEEE Transparent Bridging,
	IP Accounting, and Debugging/Diagnostics, etc.

AddPac Technology