This document covers the configuration procedure to implement SIP Protection for securing devices and endpoints against various forms of attacks and vulnerabilities. Deploying a VoIP infrastructure introduces a new set of challenges and Securing Unified Communications allows the phones to communicate over the secure real time protocol and prevent access from allowing unsecured devices.
SIP Security Protection is a supplementary step that can provide greater protection from various forms of attacks.
SIP Security Protection Points
SIP Listening Port
SIP Digest Authentication
SIP Hostname Validation
1. SIP Listening Port
Default SIP Listen ports are 5060 (UDP/TCP) and 5061 (TLS). These ports are well-known and can be the target of attacks. Change the SIP Listen port to a different setting that is not well-known
voice service voip sip shutdown
voice service voip sip listen-port non-secure 2000 secure 2050
2. Host name Validation
Initial INVITEs with a hostname URI are compared to a configured list of up to 10 hostnames. If there is no a match to the INVITE, the Cisco Unified Border Element returns a "400 Bad Request—Invalid Host"
Hello I have configured some SIP TRUNKs and works well. My question is if there is a way where if my wan failure the calls could re route through PSTN? I was reading AAR but it says that this options is used only when Location CAC isn't sufficen...
Hello everyone, I know the obvious answer involves CSS and partitions BUT on a VG if I have several lines that have to stay in the same CSS and partition is there a way to block calls between these extensions but still allowing inbound/ou...
I am experiencing a trouble when I set a campaign up and I try to enable it. Indeed, it simply does not start any call.tl;dr: after the campaign definition, I enable it. Pending contacts number goes immediately to 0 but any call is performed.Context detai...