Security on SIP Trunks and SIP Endpoints

From WIKI -
Jump to: navigation, search

SIP Trunks and SIP Endpoints, are devices or software interfaces that accept or send SIP calls to a telephone network.

In general sip services are described here:

Where ACD is responsible for Security to the endpoint

In some instances, ACD is responsible for the SIP endpoint. ACD is responsible for security when:

  • The endpoint solely controlled by ACD and no other party, and
  • The endpoint password has not been provided to the end-user, and
  • Where the endpoint is owned by ACD

Customer Responsibility for endpoint security

Where the SIP endpoint is not controlled or directly managed by ACD:

  • ACD is not responsible for performing security functions on endpoint devices.
  • ACD is not responsible for mis-configured or poor security on the account associated with the end-point device. ACD enters a password security that is requested by the end-user.
  • Securing equipment that is not under the direct control and ownership of ACD.
  • Any Expenses or fees associated with calls to and from ACD SIP Trunk accounts are the responsibility of the purchase of the service.
  • ACD is not responsible for ny fees or expenses to consultants, other service providers for securing non-ACD owned and controlled equipment.
  • The customer is responsible for paying any fees and expenses associated with calls originating from your accounts, even if fraudulent. ACD did not committ the fraud. You are responsible for any and all fraudlend calls made from your account.
  • ACD is not responsible for any call blocking functions.

Bottom line: the end-user accepts full responsibility for any mis-configured equipment or accounts, and any calls made from when they are in control of the end-point device.

ACD recommendations for security on endpoint devices

  • Always use a complex password.
  • Change the password occasionally.
  • Encrypt the passwords.
  • Ensure that there is adequate firewalling
  • Ensure keepalives are used to a static IP address.
  • Configure the endpoint to a static IP Address and relay that address to ACD.
  • Review your call logs on
  • Block uneccessary services in, such as international long distance, etc.
Personal tools