A system and method of telephony resource management and security for monitoring and/or controlling incoming and outgoing calls between an enterprise's end-user stations and a public circuit-switched network and/or a public packet-switched network. A security policy is made up of one or more rules designating at least one action to be performed based on at least one attribute of the incoming or outgoing call. Calls are detected and sensed on the line, trunk and/or cabling, and analyzed to determine attributes associated with each call. Actions are performed based upon the determined attributes, in accordance with the security policy rules.