Showing results for 
Search instead for 
Did you mean: 





This document covers the configuration procedure to implement SIP Protection for securing devices and endpoints against various forms of attacks and vulnerabilities. Deploying a VoIP infrastructure introduces a new set of challenges and Securing Unified Communications allows the phones to communicate over the secure real time protocol and prevent access from allowing unsecured devices.


SIP Security Protection is a supplementary step that can provide greater protection from various forms of attacks.



SIP Security Protection Points



  • SIP Listening Port
  • SIP Digest Authentication
  • SIP Hostname Validation
  • SIP Registration
  • CDR



1. SIP Listening Port


Default SIP Listen ports are 5060 (UDP/TCP) and 5061 (TLS). These ports are well-known and can be the target of attacks. Change the SIP Listen port to a different setting that is not well-known



voice service voip

voice service voip
listen-port non-secure 2000 secure 2050


2. Host name Validation


Initial INVITEs with a hostname URI are compared to a configured list of up to 10 hostnames. If there is no a match to the INVITE, the Cisco Unified Border Element returns a "400 Bad Request—Invalid Host"


permit hostname
permit hostname
permit hostname
permit hostname


3. Digest Authentication


SIP Proxy challenges INVITEs from the Cisco Unified Border Element to check endpoint validity with 401 Unauthorized. The Cisco Unified Border Element responds with INVITE including credentials


authentication username xxx password yyy


4. Registration


The Cisco Unified Border Element can send SIP REGISTER messages with credentials to a proxy. Register statically on behalf of endpoints behind the Cisco Unified Border Element that do not register.


x(config-sip-ua)#credentials username 1001 password cisco realm

registrar ipv4: expires 3600
credentials username 1001 password
0822455D0A16 realm



Related Information


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links