VoIP Security

VoIP Security

3 Layers to Secure
Your VoIP Environment

Securing a network is never a trivial task and requires ongoing attention as threats evolve over time. The addition of Voice over IP (VoIP) within a network has different requirements. It must be addressed with a multi-layered approach. 

Each subsequent layer increases overall protection and continues to offer defense, even if another element or layer is breached. The one essential component for many VoIP phone systems is a session border controller (SBC).

Learn more about the place of VoIP firewalls in your network

Securing the Network – The Firewall

Every corporate network connected to the Internet has a firewall to protect itself from hackers. They monitor and control all the traffic coming in or going out to the Internet and should be configured to allow only specific services and IP addresses and block all other random ones. 

For VoIP functionality, the firewall must be configured to allow inbound and outbound SIP traffic, which is the underlying protocol used for VoIP.  

  • Firewalls inherently deny all traffic. You must open the firewall to allow SIP traffic through, which also includes VoIP threats initiated by hackers.
  • Firewalls will not translate the SIP messaging properly and cause call connection and audio issues. VoIP messages include a lot of nested information that needs attention, which gets overlooked.
Firewall

Layer 1:

Your Firewall

SBC - Shield

Layer 2:

Session Border Controller

The Missing Component – The VoIP Wall

An SBC is a network device designed to understand SIP traffic and apply various security and influence over the VoIP traffic. It protects against VoIP threats, which the firewall cannot process, and will also translate every part of the SIP message to ensure proper call control and audio for phone calls.

A Sangoma SBC protects you from VoIP attacks and also provides you with business continuity, interoperability, call limiting, and more.

The Last Layer of Defense

It is important to understand the protection features of a business phone system. Toll fraud is a very expensive lesson to learn and can cost businesses a lot of money over a short period of time.

A good business phone system should:

  • Limit the amount of call traffic a hacker can create
  • Lock down extensions from specific IP addresses or subnet ranges
  • Change the default port for SIP

These security features and many more can be found in Sangoma’s enterprise-grade VoIP solution: Switchvox.

PBX

Layer 3:

Secure PBX

Explore VoIP security best practices with our free white paper

Scroll to Top