Securing SIP Trunks
SIP trunking provides organizations with a cost-effective, reliable method of connecting the internal network and telephony systems with exernal VoIP and traditional phone systems over the IP network. SIP tunking is quickly replacing traditional PRI and analog circuits for enterprise communications. Typically, SIP trunking involves an IP PBX, however Microsoft Office Communications Server 2007 R2 introduced the ability to do direct SIP trunking to the OCS 2007 environment and eliminate the IP PBX. Microsoft only provides direct SIP trunking with two VoIP providers, but Evangelyze Communications developed SmartSIP which lets organizations leverage their existing telephony hardware and employ direct SIP trunking with virtually any VoIP provider.
SIP trunking has many business benefits, but also introduces some additional security concerns. Internal security policies and controls will most likely differ from the security policies and controls of the SIP trunk provider. Connecting with the SIP trunk provider may involve opening ports though the firewall or NAT device, modifying the IP PBX (if present), changing private IP addressing or numbering plans, or other changes to the unified communications infrastructure. The organization must also maintain control over signaling and media secuity as well as call-routing policies.
Organizations have to understand the risks and implement appropriate security measures to ensure the availability of their unified communications network, the integrity and confidentiality of voice and data communications, and the overall compliance with regulatory requirements the organization might be subject to. Read Securing SIP Trunks to learn more about the security issues and how Evangelyze Communications, by partnering with Sipera Systems, can work with organizations to implement SIP trunking securely.