Tag: cisco cube

SIP Trunking Demystified: Security

SIP Trunking Demystified: Security

I’m not old enough to remember the old school party line phones that my mom talks about. Heck, the idea of sharing one phone per house seems far enough in the past at this point, let alone sharing a phone with neighbors.

If you’re not familiar with the concept of party line phones, you basically shared a single line from the telephone company with a handful of your neighbors. When the phone would ring, you would listen to the number of rings to determine if the call was for your house. There was no second call on the line allowed either. You could pick up the phone at any time and listen to your neighbors phone calls as well. No guarantee of privacy!

SIP trunks can be sort of the same thing. Standard SIP providers hand off their SIP trunks on the default TCP port of 5060. This port is typically used for unencrypted SIP communications. That means that anyone who can get a packet capture of your calls gets to replay the whole conversation. If the handoff for the SIP trunk is through a private connection to the carrier, this may not be much of an issue. However, most SIP carriers hand off their trunks across the internet. This means that all of your calls are then unencrypted across the internet and are subject to interception!

Enter SIP-TLS and SRTP. SIP-TLS puts a TLS wrapper around your SIP signaling to ensure that all call setup and teardown messages are encrypted. SRTP does the same, but for the actual call audio. Setup for SIP-TLS and SRTP is pretty simple. All it takes is the exchange of a digital certificate between the provider and the customer to verify and encrypt traffic on both sides. However, the majority of providers don’t offer this as a service and non-enterprise grade PBXs don’t support it either.

No so with a Cisco based SIP solution. Cisco’s Unified Border Element (CUBE) has supported call encryption for quite some time now. Starting with the ISR 2900/3900 line, and now extended in to the 4300/4400 series. On the provider side, I’ve had great luck with Intelepeer and their secure SIP options. Easy to work with and rock solid one set up.

SIP Trunking Demystified: Transport

SIP Trunking Demystified: Transport

Traditional phone service has been delivered via PRI or POTS connections.  These connections are maintained by your local phone company and are their responsibility to maintain.  In the case of a PRI, 23 phone calls can be delivered over a single line.  POTS lines are similar to the phone lines that used to be common in residential settings which only allow one call at a time.  The advent of networking and the Internet has brought alternatives to these traditional phone services; with the most popular standard being SIP.  SIP was developed in the late 1990s as a way of digitizing voice communications to be sent over networks that would have been traditionally reserved for data communications.  By treating this communication more like data traffic, phone providers are able to quickly provision service, scale it up and down as necessary, and provide for disaster recovery functions.  SIP has slowly gained adoption over the last 20 years to the point where we see it as the primary choice for phone connectivity today.  This post will be part of a three part series making the business case for moving to SIP and bringing awareness to the common pitfalls of making the transition. 

One of the great things about SIP phone service is its transport independence.  It can be installed over a common internet connection or though dedicated lines from a provider.  The internet transport method tends to be the cheapest because it uses what is already there.  However, this approach can bring about issues since there‚Äôs no guarantee of call quality across the internet.  Do video streaming services ever freeze up when you are binge watching your favorite show? Sure!  How then would it impact your business if your phone service did the same?  On the other hand, dedicated connections for SIP can require build out costs and high monthly fees.  Is it worth it? Well, that depends how critical phone service is your business.

I generally prefer to handle this conversation differently than most providers.  Rather than putting in a solution and hoping it all works out, my preference is to use the business needs to recommend a solution that works for you. Maybe it’s SIP over the public internet, or it is private transport. Or it’s sticking to POTS lines! This is never a one size fits all conversation!

Theme: Overlay by Kaira