Solutions>Operators>Hosted VoIP

Wireline operators offer hosted IP PBX services for enterprises that do not have the resources or desire to build and maintain their own VoIP network. Recently, there has been a proliferation of these types of services from smaller to larger carriers.

Today, most of these services are SIP based or the carrier has plans to migrate to SIP. The vulnerabilities associated with SIP are clearly an issue for the operator since they need to protect this critical revenue stream and their customer, the enterprise, has high expectations in terms of availability and security of the service.

Operators will deploy UC-Sec Appliances to protect their core VoIP infrastructure from misconfiguration, misuse or malicious attacks that could take high-value assets down and result in loss service. The operator may also want to deploy the Sipera UC-Sec at the customer premise.

 

Security Concerns

 

The significant security concerns for this type of deployment are mainly SIP/SCCP/H.323 call control and application level attacks along with:

• Attacks originating from a peering network

• End user Spam attacks

• Border control and traversal issues

• Handling of domain policies

Sipera Protection

 

The Sipera UC-Sec product sits at either the edge of the enterprise network or the edge of the operator network to protect against signaling and media vulnerabilities as well as handling demarcation and peering issues. Specific Sipera UC-Sec features that protect the network and end-users include:

 

• Comprehensive SIP and media protection techniques including rogue media blocking and modem call blocking

• Encrypted signaling and media proxy (TLS and SRTP)

• Firewall/NAT traversal (near-end and far-end)

• SIP-based routing policies