06-08-2010 01:54 PM - edited 03-15-2019 11:09 PM
We have a network of Cisco LAN Switches & Unified Communication Solution
Configuration of voice & Data VLANs on all switches
Is there any possibility for anyone connected to the network to use hacking tools to eavesdrop on calls between the Cisco IP Phones?
Do I need to implement any security features that prevent eavesdropping on the Cisco IP phones?
Regards
Mohamed
06-08-2010 02:36 PM
Yes, it is possible.
However, fully securing a VoIP network takes a lot of effort and money in terms of configuration, testing and maintenance. Consequently you have to evaluate the pros and cons before deciding.
06-08-2010 02:46 PM
A notebook with a tool connected to the Data VLANs can eavesdrop on calls between Cisco IP Phones in the voice VLANs!!!
What tools can do this eavesdropping?
06-08-2010 02:36 PM
Lawful Intercept.
06-08-2010 03:09 PM
Maybe.
Network security is a slippery thing. Securing voice on a network just adds to the complication. No one can answer your question with a "yes" or a "no" because the answer is: "it depends". It depends on how well you have handled your layered security model. Such as physical access to the network switches, routers, servers, etc. Do you have appropriate facility restrictions in place? If not, then your security model is suspect. Have you logically separated voice and data? Sounds like you have, which is good. Have you taken measures to avoid MAC address spoofing? Have you avoided VLAN sprawl by either limiting VLANs to individual access switches/stacks/closets or, even better, running layer 3 to the access layer? Trunking VLANs and RSPAN can be an annoying fact of life.
So, you logically separated voice and data. Have you employed network based ACLs or firewall filters to protect voice from data? Are you running soft phones? If so, have you looked at UC proxy and/or Trusted Relay Point?
Does your Call Manager (or CME or whatever) have one administrator password that more than one person knows? Do you have password policies on your admin IDs? Do you leverage authorization controls? Do you apply authentication/authorization policies to routers, switches, and voice gateways (using something like TACACS or RADIUS)?
Do you have accounting policies and audit policies in place so that all of the authentication, authorization, configuration best practices remain relevant?
Security needs to be done at all layers of your network. If you have control over all aspects of the network, configurations, policies, enforcement, etc. then you are probably A-OK. If not, then there could be a hole somewhere. Remember, you aren't just watching for a guy in a black overcoat.
HTH.
Regards,
Bill
Please remember to rate helpful responses and identify
06-08-2010 04:59 PM
You may want to research BackTrack (http://www.backtrack-linux.org/). It is designed to help test network security and includes many useful tools.
Also, do a Google search for "VLAN hopping on Cisco switches and phones". You should make sure you are not vulnerable to that common method of gaining access to the voice VLAN and therefore being able to potentially intercept and record voice streams.
Brandon
06-09-2010 12:09 AM
A good place to start understanding voice security is the relevant chapter of the CUCM SRND below:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/security.html
It provides (amongst other things) coverage of features available on Cisco switches to help prevent eavesdropping attacks.