Securing a SIP-based VoIP network

TechRepublic has a great writeup on various measures you can take to secure a SIP-based VoIP network. Security, or the lack thereof, really seems to have come to the fore recently. Only a few weeks ago one research group reported that as many as 70% of all calls made using Voice over IP are insecure and prone to attack.

Security was not an initial concern in the design of the major VoIP protocols, including SIP. This is similar to the state of early computer operating systems—it was necessary for those deploying them to add security mechanisms because they weren’t built-in.

Organizations deploying VoIP must likewise take measures to secure the VoIP protocols. Some of the ways that you can make a SIP network more secure include using Secure SIP with TLS to encrypt the channel over which VoIP messages travel and by using session controllers and SIP-aware firewalls.

If you are operating a SIP-based VoIP network then this article would be well worth taking the time to read. I have a feeling that we’ll be hearing much, much more about how to implement security measures this year.