VoIP Security

Home > VoIP Security

3 Layers to Secure
Your VoIP Environment
Securing a network is never a trivial task and requires ongoing attention as threats evolve over time. The addition of Voice over IP (VoIP) within a network has different requirements. It must be addressed with a multi-layered approach.
Each subsequent layer increases overall protection and continues to offer defense, even if another element or layer is breached. The one essential component for many VoIP phone systems is a session border controller (SBC).
Securing the Network – The Firewall
Every corporate network connected to the Internet has a firewall to protect itself from hackers. They monitor and control all the traffic coming in or going out to the Internet and should be configured to allow only specific services and IP addresses and block all other random ones.
For VoIP functionality, the firewall must be configured to allow inbound and outbound SIP traffic, which is the underlying protocol used for VoIP.
- Firewalls inherently deny all traffic. You must open the firewall to allow SIP traffic through, which also includes VoIP threats initiated by hackers.
- Firewalls will not translate the SIP messaging properly and cause call connection and audio issues. VoIP messages include a lot of nested information that needs attention, which gets overlooked.

Layer 1:
Your Firewall

Layer 2:
Session Border Controller
The Missing Component – The VoIP Wall
An SBC is a network device designed to understand SIP traffic and apply various security and influence over the VoIP traffic. It protects against VoIP threats, which the firewall cannot process, and will also translate every part of the SIP message to ensure proper call control and audio for phone calls.
A Sangoma SBC protects you from VoIP attacks and also provides you with business continuity, interoperability, call limiting, and more.
The Last Layer of Defense
It is important to understand the protection features of a business phone system. Toll fraud is a very expensive lesson to learn and can cost businesses a lot of money over a short period of time.
A good business phone system should:
- Limit the amount of call traffic a hacker can create
- Lock down extensions from specific IP addresses or subnet ranges
- Change the default port for SIP
These security features and many more can be found in Sangoma’s enterprise-grade VoIP solution: Switchvox.
