The decision to move to SIP trunking appears straightforward: reduced costs, greater scalability, improved disaster recovery options and access to the productivity benefits enabled by Unified Communications (UC). But, as ever in the world of technology, the truth about SIP trunking is a little more complex than it may appear at first glance. Despite the headline ‘quick and simple’ message from both resellers and providers, moving to SIP is not as straightforward as just switching on the new service, there are costs and security risks to consider.
So what are the essential issues to understand?
- Making the Change: The first consideration has to be whether SIP trunking is even an option for the business, given the current communications infrastructure. Is the current voice system configured to support only ISDN, or does the PBX also have an IP network interface for SIP? If there is an IP interface, is it enabled?
- Determining Capacity: The physical configuration of ISDN – either the two channel Basic Rate or 30 channel Primary Rate – is hugely constraining for businesses. SIP trunking in contrast is essentially flexible, enabling a business to change the number of channels on the fly in response to demand. This bursting facility means there is no need to over scale up front – however it is important to check the provider’s timings on scaling up or down on the capacity required.
- Adding Hardware: If the existing PBX does not support SIP there are two options – invest in a new PBX or look for a vendor offering SIP to ISDN gateway. Either way, the minimum cost will be around £750. If there is an IP interface on the PBX, no additional hardware will be required. But just consider: with this approach the SIP trunk, essentially public source IP, is going straight into the business, and creating a significant security risk.
- Understanding VOIP Security: Right now many providers are fudging the issue of security by saying that if they are secure, their customers are secure. But look at the contract – does the provider offer full liability? In the event of a breach that results in toll fraud, denial of service or data loss, is the provider going to pay the cost? Sadly, it will not.
- Achieving Secure SIP: The good news is that once a company has recognised the need to secure its VoIP service, the solution is straightforward. The latest generation of cloud based, freemium voice firewall products can be downloaded and installed within minutes, providing the critical first step in securing the voice network without impacting the compelling SIP trunking cost benefits.
In the rush to gain the compelling cost benefits offered by SIP trunking, too many organisations are forgetting the basics of IT deployment. The value of VoIP is clear – reduced costs, improved portability, business agility and disaster recovery. But the risk of unsecured VoIP calls is huge. To gain the benefits and safeguard the business, security must be an integral component of any SIP trunking deployment.[su_box title=”Paul German, CTO & Founder, VoipSec” style=”noise” box_color=”#336588″]
VoIP is short for Voice over Internet Protocol.Voice over Internet Protocol is a category of hardware and software that enables people to use the Internet as the transmission medium for telephone calls by sending voice data in packets using IP rather than by traditional circuit transmissions of the PSTN. VoIP takes analog audio signals from your phone and turns them into digital data, and transfers them over the Internet. VoIP works just like a regular phone, but instead of using the high priced telephone company’s wiring, VoIP routes your phone calls directly to your telephone using your high speed internet connection.[/su_box]
Paul German, CEO at Certes Networks
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.