Security on SIP Trunks and SIP Endpoints
From WIKI - ACD.net
(Difference between revisions)
Schoen.kevin (Talk | contribs) (→ACD recommendations for security on endpoint devices) |
Schoen.kevin (Talk | contribs) (→Where ACD is responsible for Security to the endpoint) |
||
Line 4: | Line 4: | ||
==Where ACD is responsible for Security to the endpoint== | ==Where ACD is responsible for Security to the endpoint== | ||
− | In some instances, ACD is responsible for the SIP endpoint. ACD is | + | In some instances, ACD is responsible for the SIP endpoint. ACD is responsible for security when: |
− | * The endpoint solely | + | * The endpoint solely controlled by ACD and no other party, and |
* The endpoint password has not been provided to the end-user, and | * The endpoint password has not been provided to the end-user, and | ||
* Where the endpoint is owned by ACD | * Where the endpoint is owned by ACD |
Revision as of 18:27, 13 February 2012
SIP Trunks and SIP Endpoints, are devices or software interfaces that accept or send SIP calls to a telephone network.
In general sip services are described here: http://www.acd.net/sip.cfm
Where ACD is responsible for Security to the endpoint
In some instances, ACD is responsible for the SIP endpoint. ACD is responsible for security when:
- The endpoint solely controlled by ACD and no other party, and
- The endpoint password has not been provided to the end-user, and
- Where the endpoint is owned by ACD
Customer Responsibility for endpoint security
Where the SIP endpoint is not controlled or directly managed by ACD:
- ACD is not responsible for performing security functions on endpoint devices.
- ACD is not responsible for mis-configured or poor security on the account associated with the end-point device. ACD enters a password security that is requested by the end-user.
- Securing equipment that is not under the direct control and ownership of ACD.
- Any Expenses or fees associated with calls to and from ACD SIP Trunk accounts.
- Any fees or expenses to consultants, other service providers for securing non-ACD owned and controlled equipment.
- The customer is responsible for paying any fees and expenses associated with calls originating from your accounts.
- ACD is not responsible for any call blocking functions.
Bottom line: the end-user accepts full responsibilty for any mis-configured equipment or accounts when they are in control of the end-point device.
ACD recommendations for security on endpoint devices
- Always use a complex password.
- Change the password occassionally.
- Encrypt the passwords.
- Ensure that there is adequate firewalling
- Ensure keepalives are used to a static IP address.
- Configure the endpoint to a static IP Address and relay that address to ACD.
- Review your call logs on http://phone.acd.net
- Block unneccessary services in http://phone.acd.net, such as international long distance, etc.