Can you experts please share your opinions on if Security is an absolute must in Cisco VoIP solutions? Specifically i'm talking about authentication between phones and gateways, and running Secure RTP accross the wire. The types of solutions I will be working on will be 1-5 site solutions with 500 total users or less. Voice will always run over frame or mpls. Due to reduced budgets, their will be times that public DIA connections might terminate on the same router that a private wan connection terminates on.
I would imagine that authentication should always be used as it doesn't increase the price of the solution. But running Secure RTP drastically increases the overall bandwidth needed for voice calls, and reduces the attractiveness and savings that customers have heard about in comparison to the PSTN.
BTW, I have read the SRND. It provides some good guidance on security, but does not really state if it is always recommended/needed. Is their another Cisco guide or book that covers security from a VoIP perspetive in detail?
Thanks to all in advance. This forum is truly awesome and the level of responsiveness is impressive.