The good news for the VoIP industry is that SIP trunking is finally finding widespread adoption. As the industry evolves, however, security now is the order of the day.
“SIP trunking is no longer a nicety, it is a necessity,” noted Steven J. Johnson, president of SIP trunking provider Ingate Systems, during a chat with TMCnet at ITEXPO Las Vegas earlier this month. “AT&T is planning to move most of their TDM customers to SIP trunking within the next six to seven years. So we know now that SIP trunking is real.”
Resellers are looking for partners to bring SIP trunking to businesses of all sizes, and everybody is gaining from the benefits of SIP trunking. These benefits include cost savings, disaster recovery improvements, the ability to have call processing control in one location and local numbers around the country.
As SIP trunking adoption grows, though, the issue of toll fraud becomes a pressing one for the industry.
“There are companies that have installed PBXs on public IP addresses, they don’t take the appropriate precautions to change passwords and the credentials to get into the device,” noted Johnson. “And as a result, people who are malicious on the Internet have found ways to exploit that and to actually use those services to their own benefit without actually paying for it.”
This makes the use of session border controllers (SBCs) all the more urgent.
“That toll-fraud piece is definitely something that the SBC prevents, and it is something that we truly encourage for all the people who are installing SIP trunking to consider as a critical element of their design and implementation,” he added.
“You have to consider it very analogous to a firewall in the data world,” he said, “but this is specific to SIP and frankly does far more than a typical firewall would do in terms of routing, security and fixing up protocols between service providers and PBXs.”
Right now far too many cybercriminals are hijacking IP calling, and some claim that the losses are greater than that caused by credit card fraud. SBCs can eliminate this problem, but many firms are still ignorant of the risks from not protecting against illegal SIP trunking use.
So the next step in the evolution of IP calling is beefed-up security.