Security on SIP Trunks and SIP Endpoints

From WIKI - ACD.net
(Difference between revisions)
Jump to: navigation, search
Line 1: Line 1:
SIP Trunks and SIP Endpoints, are devices or software interfaces that accept SIP calls from the ACD network.  
+
SIP Trunks and SIP Endpoints, are devices or software interfaces that accept or send SIP calls to a telephone network.  
 +
 
 +
In general sip services are described here: http://www.acd.net/sip.cfm
  
 
==Where ACD is responsible for Security to the endpoint==
 
==Where ACD is responsible for Security to the endpoint==

Revision as of 18:25, 13 February 2012

SIP Trunks and SIP Endpoints, are devices or software interfaces that accept or send SIP calls to a telephone network.

In general sip services are described here: http://www.acd.net/sip.cfm

Where ACD is responsible for Security to the endpoint

In some instances, ACD is responsible for the SIP endpoint. ACD is responsbile for security when:

  • The endpoint solely controled by ACD and no other party, and
  • The endpoint password has not been provided to the end-user, and
  • Where the endpoint is owned by ACD

Customer Responsibility for endpoint security

Where the SIP endpoint is not controlled or directly managed by ACD:

  • ACD is not responsible for performing security functions on endpoint devices.
  • ACD is not responsible for mis-configured or poor security on the account associated with the end-point device. ACD enters a password security that is requested by the end-user.
  • Securing equipment that is not under the direct control and ownership of ACD.
  • Any Expenses or fees associated with calls to and from ACD SIP Trunk accounts.
  • Any fees or expenses to consultants, other service providers for securing non-ACD owned and controlled equipment.
  • The customer is responsible for paying any fees and expenses associated with calls originating from your accounts.
  • ACD is not responsible for any call blocking functions.

Bottom line: the end-user accepts full responsibilty for any mis-configured equipment or accounts when they are in control of the end-point device.

ACD recommendations for security on endpoint devices

  • Always use a complex password.
  • Change the password occassionally.
  • Encrypt the passwords.
  • Ensure that there is adequate firewalling
  • Ensure keepalives are used to a static IP address.
  • Configure the endpoint to a static IP Address and relay that address to ACD.
  • Review your call logs on http://myaccount.acd.net
  • Block unneccessary services in http://myaccount.acd.net, such as international long distance, etc.
Personal tools
Namespaces

Variants
Actions
Navigation
Tools