BACKGROUND IMAGE: stock.adobe.com
From a technology standpoint, session initiation protocol, or SIP, is both well-known and stable.
SIP has long been embraced across organizations, leading to a plethora of vendor offerings. While not much has changed with SIP and SIP trunking technology, the landscape of SIP trunking vendors has changed significantly.
The field of SIP trunking vendors includes a wide range of vendors, from specialized vendors, such as Flowroute, Twilio and Nextiva, to vendors associated with traditional telephony services, such as AT&T and Sprint. Traditional cable providers, like Comcast, and voice over IP (VoIP) vendors, such as Vonage and 8x8, also offer SIP services.
For buyers, the growing competition is good news. In an overcrowded market where core SIP functionality is the same, vendors need to differentiate their offerings based on price and services that go above and beyond basic SIP trunking.
For example, while $25 per trunk for unlimited U.S. calling is the norm for basic services, some SIP trunking vendors will differentiate themselves with no contract and free trial offers.
SIP trunking is a potential target for network hackers due to its IP-based nature, so it's no surprise SIP trunking security capabilities are highly sought after.
Vendors use a mix of three security measures to protect their SIP services:
- Trunk encryption uses transport layer security to protect SIP trunks by encrypting traffic that flows from PBX to SIP trunking vendor
- IP Authentication provides additional protection for SIP trunks by requiring credentials for access.
- Fraud protection services monitor SIP trunks to make sure users are staying within an organization's target spending limits. The last thing you want is someone hacking your SIP trunk and calling the world on your dime.
While it is not addressed directly by many vendors, SIP users should be aware that denial-of-service and other IP attacks are no longer limited to data apps. Some hackers have been exploiting VoIP protocols to barrage systems with VoIP- and SIP-specific attacks.
Session border controller vendors have only recently recognized and addressed this security threat. Be sure to ask any prospective SIP trunking vendors how they handle such situations.
Do you have a question for Kevin Tolly or any other experts? Ask your enterprise-specific questions today! (All questions are treated anonymously.)
Compare the pros and cons of SIP trunking and PRI