As SIP trunking helps reduce communication costs for enterprises, by eliminating the need for PSTN gateways, unused ISDN cards and underutilised lines at remote offices, it’s use has become accepted and part of common voice technology. As this gradual uptake increases, SIP trunks are bridging the gap between PSTN and IP communications. The gap is becoming blurred and companies need to be educated to the security concerns and measures that can be used to ease these security concerns.
What are the main concerns?
Eavesdropping has always been an issue in voice networks and SIP is no different. Previously, voice networks have been closed reducing the possibilities for snooping. The use of the internet for voice has changed that. Unauthorised interception of the media stream can allow an attacker to listen to the call. Solution: Encrypt the media stream, like RTP or encrypt all traffic or use a closed IP network, such as VxDSL.
Availability. Loss of service through a Denial-of-Service (DoS) attacks can effect an any IP based services. These attacks send excessive amounts of traffic to parts of your or the service providers network to overwhelm routers and network equipment. Solution: Networks can be configured to reduce the effect of DoS attacks. Your ISP will normally be able to stop attacks when they occur. You could also use a closed network, such as VxDSL.
Authentication identifies a system or user to a particular account. It’s important that Digest authentication is used, rather than just clear text. Digest uses MD5 hashing function on a combination of username/password. This protects a user from their details being copied. Some providers only authenticate on IP address, which is a dangerous option and should be carefully monitored and controlled.
Theft covers both service theft, basically toll fraud, and data theft. Authentication helps to prevent toll fraud, which when combined with data security, such as firewalls drastically reduces the threat. One key element that users tend to forget, is securing their side of the network. Your service provider can have the best security, but that will not help if your system is wide open. Make sure your firewall is protecting your voice system, as well as data.
SPIT. Spam over Internet Telephony isn’t high on the radar for either service providers or users, at the moment. This will change as more and more SIP systems connect, with the major role of your SIP provider changing from providing connectivity to controlling who connects to you. Vishing (the VoIP version of phishing) is the spoofing of a caller id, making the person receiving the call think the caller is someone else. This technique has been used to harvest personal details from users.
If you're worried about voice security or haven't got the skill set then use a closed IP service such as Voiceflex's VxDSL. This will protect you from the majority of security issues.
About Voiceflex
Voiceflex, a division of Frontier Systems, was established to provide advanced IP telephony (VoIP) services for UK businesses. Bringing the reliability of the Internet to the telephone, VoiceFlex is an advocate of SIP (Session Initiation Protocol) - the latest technology allowing voice calls to be made over the Internet. Voiceflex uses its own SIP technology offering developed completely in-house, to provide low cost, ISDN replacement lines that provide the best possible call quality, inexpensively with the flexibility that comes from using the Internet. VoiceFlex can also port any telephone number regardless of geographic location. Products include SIP Trunks and SIP Centrex.
Voiceflex offices are based in Piccadilly(London) and Coventry. For further information, please visit: www.voiceflex.com or contact Paul Taylor on 0207 440 1811 or email ptaylor@voiceflex.com
If you require more information, please contact Paul Taylor on 020 3004 1990 or email ptaylor@voiceflex.com
www.voiceflex.com