Security on SIP Trunks and SIP Endpoints
SIP Trunks and SIP Endpoints, are devices or software interfaces that accept or send SIP calls to a telephone network.
In general sip services are described here: http://www.acd.net/sip.cfm
Where ACD is responsible for Security to the endpoint
In some instances, ACD is responsible for the SIP endpoint. ACD is responsbile for security when:
- The endpoint solely controled by ACD and no other party, and
- The endpoint password has not been provided to the end-user, and
- Where the endpoint is owned by ACD
Customer Responsibility for endpoint security
Where the SIP endpoint is not controlled or directly managed by ACD:
- ACD is not responsible for performing security functions on endpoint devices.
- ACD is not responsible for mis-configured or poor security on the account associated with the end-point device. ACD enters a password security that is requested by the end-user.
- Securing equipment that is not under the direct control and ownership of ACD.
- Any Expenses or fees associated with calls to and from ACD SIP Trunk accounts.
- Any fees or expenses to consultants, other service providers for securing non-ACD owned and controlled equipment.
- The customer is responsible for paying any fees and expenses associated with calls originating from your accounts.
- ACD is not responsible for any call blocking functions.
Bottom line: the end-user accepts full responsibilty for any mis-configured equipment or accounts when they are in control of the end-point device.
ACD recommendations for security on endpoint devices
- Always use a complex password.
- Change the password occassionally.
- Encrypt the passwords.
- Ensure that there is adequate firewalling
- Ensure keepalives are used to a static IP address.
- Configure the endpoint to a static IP Address and relay that address to ACD.
- Review your call logs on http://phone.acd.net
- Block unneccessary services in http://phone.acd.net, such as international long distance, etc.