SIP Security


#1

Hello All,

SIP Security is a booming side of IT that I feel a lot of IT lack knowledge in or just simply didn’t realize or understand. I myself am constantly finding ways to catch black hat hackers from getting what they need in the hosted VoIP environment. Issues such as Toll Fraud are an issue and constant threat for anyone but specifically SMBs. A lot goes into this obviously and this is coming from someone that truly undsterstands appropriate traffic shaping, especially in a converged Voice and Data environment.

Ever since making the switch from Edgewater Networks ESBC’s (Edgemarc 4550 Series) I have been nothing but pleased. Peplink/Pepwave I truly believe are the way to go for myself and customers personally. Here is what I think the Peplink Team should look into:

  1. The ability for true analytic s for VoIP for IT Pro’s to gather info on what a session and call should look like from a malicious one.
  2. The ability for the Peplink Balance to have dynamic policy control and to detect a source UA attacking and then to drop that session. (Detect maybe via seeing a pattern)
  3. Understanding that Qos issues occur in Layers 5,6, and 7.
  4. ESBCs coordinate security policy management at layers 2 and 4 and application resource allocation at layer 7 with message handling at layer 5.

I understand that you may be releasing MOS Scoring in firmware 6.3.x but just wanted to throw this out there because I feel to give a true quality and secure VoIP solution to customers IT guys like myself that deal with tons of VoIP networks on a daily basis and the monitoring of thee networks, need as much insight as humanly possible.

Thanks


#2

I am very much in agreement. Also I must complement peplink on a product so far built. it would be nice to have the system configure a guaranteed traffic for voip, and not allow for congestion to interfere with the voip.
but security is the one downfall of a peplink when it comes to firewalls. Their extent of firewall stops at level 4. I would love to see them implement their own level 5-7 firewall, and then we will have a solid product.