I was talking to one of my friends today they said that they think the phones at the company have malware E.G Trojan. suggested I look into it incase run into somewhere since voip is getting popular. after some research I found that the brand of their phones has a security issue in firmware. the company patched it, but many places recommended an IDS that would run on each phone and monitor firmware for possible compromise.
I was thinking be nice if could put them behind a NAT router so they weren't so easily attacked. think be fine for outgoing VoIP traffic, but incoming would have issues. I was thinking would think be some way that might be possible. using a few public I.P addresses. then somehow linking certain ports on the public addresses to a certain phone number and internal I.P addresses.
I was later discussing this idea with another friend and he thought they would be behind NAT already, but I don't see how that would work. did some research into it and most seem to say not possible unless use some special server, then it sounded like takes many public I.P and matches each to a private which seems about pointless.

this kind of made me curious about the security of VoIP, and whether could be behind NAT router

 

Which type of phone? Android, iPhone, Blackberry, something else?

 

these are office style network phones. I believe cisco not sure model. they have running on same network as computers. and has some sort of message function that they can listen on computer too.
enterprise phone system.