SIP connection
Encyclopedia
A Session Initiation Protocol
(SIP) connection is a Voice over Internet Protocol (VoIP) service offered by many Internet telephony service provider
s (ITSPs) that connects a company's private branch exchange (PBX) telephone system to the public switched telephone network
(PSTN) via the Internet
.
Using a SIP connection may simplify administration for the organization as the SIP connection typically uses the same Internet access that is used for data. This often removes the need to install Basic Rate Interface
(BRI) or Primary Rate Interface
(PRI) telephone circuits.
To mitigate this, many companies split voice and data between two separate internet connections. Other options include incorporating multiple VLANs (virtual local area networks), traffic shaping
to avoid this resource conflict, but the efficacy of this solution is dependent on the number of packets dropped between the Internet and the PBX.
Registration is required if the end user has a dynamic IP address, if the provider does not support static hostnames, or if NAT
is used. In order to share several DID numbers on the same registration, the IETF has defined additional headers (for example "P-Preferred-Identity", see RFC 3325). This avoids multiple registrations from one PBX to the same provider. Using this method the PBX can indicate what identity should be presented to the Called party
and what identity should be used for authenticating the call. This feature is also useful when the PBX redirects an incoming call to a PSTN number, for example a cell phone, to preserve the original Caller ID
.
Users should also be aware that a SIP connection can be used as a channel for attacking the company's internal networks, similar to Web and Email attacks. Users should consider installing appropriate security mechanisms to prevent malicious attacks.
is not an option for most service providers, most service providers that offer secure SIP connections use TLS
and SRTP
for encrypting the traffic. The keys for SRTP are exchanged using RFC 4568 (SDES
).
Session Initiation Protocol
The Session Initiation Protocol is an IETF-defined signaling protocol widely used for controlling communication sessions such as voice and video calls over Internet Protocol . The protocol can be used for creating, modifying and terminating two-party or multiparty sessions...
(SIP) connection is a Voice over Internet Protocol (VoIP) service offered by many Internet telephony service provider
Internet telephony service provider
An Internet telephony service provider offers digital telecommunications services based on Voice over Internet Protocol that are provisioned via the Internet....
s (ITSPs) that connects a company's private branch exchange (PBX) telephone system to the public switched telephone network
Public switched telephone network
The public switched telephone network is the network of the world's public circuit-switched telephone networks. It consists of telephone lines, fiber optic cables, microwave transmission links, cellular networks, communications satellites, and undersea telephone cables, all inter-connected by...
(PSTN) via the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
.
Using a SIP connection may simplify administration for the organization as the SIP connection typically uses the same Internet access that is used for data. This often removes the need to install Basic Rate Interface
Basic rate interface
Basic Rate Interface is an Integrated Services Digital Network configuration intended primarily for use in subscriber lines similar to those that have long been used for plain old telephone service...
(BRI) or Primary Rate Interface
Primary rate interface
The Primary Rate Interface is a standardized telecommunications service level within the Integrated Services Digital Network specification for carrying multiple DS0 voice and data transmissions between a network and a user....
(PRI) telephone circuits.
Deployment issues
If the call traffic runs on the same connection with other traffic, such as email or Web browsing, voice and even signaling packets may be dropped and the voice stream may be interrupted.To mitigate this, many companies split voice and data between two separate internet connections. Other options include incorporating multiple VLANs (virtual local area networks), traffic shaping
Traffic shaping
Traffic shaping is the control of computer network traffic in order to optimize or guarantee performance, improve latency, and/or increase usable bandwidth for some kinds of packets by delaying other kinds of packets that meet certain criteria...
to avoid this resource conflict, but the efficacy of this solution is dependent on the number of packets dropped between the Internet and the PBX.
Registration is required if the end user has a dynamic IP address, if the provider does not support static hostnames, or if NAT
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
is used. In order to share several DID numbers on the same registration, the IETF has defined additional headers (for example "P-Preferred-Identity", see RFC 3325). This avoids multiple registrations from one PBX to the same provider. Using this method the PBX can indicate what identity should be presented to the Called party
Called party
The called party is a person who answers a telephone call. The person who initiates a telephone call is the calling party....
and what identity should be used for authenticating the call. This feature is also useful when the PBX redirects an incoming call to a PSTN number, for example a cell phone, to preserve the original Caller ID
Caller ID
Caller ID , also called calling line identification or calling number identification or Calling Line Identification Presentation , is a telephone service, available in analog and digital phone systems and most Voice over Internet Protocol applications, that transmits a caller's number to...
.
Users should also be aware that a SIP connection can be used as a channel for attacking the company's internal networks, similar to Web and Email attacks. Users should consider installing appropriate security mechanisms to prevent malicious attacks.
Encryption
The increasing concerns about security of calls that run over the public Internet has made SIP encryption more popular. Because VPNVoIP VPN
A VoIP VPN combines voice over IP and virtual private network technologies to offer a method for delivering secure voice. Because VoIP transmits digitized voice as a stream of data, the VoIP VPN solution accomplishes voice encryption quite simply, applying standard data-encryption mechanisms...
is not an option for most service providers, most service providers that offer secure SIP connections use TLS
Transport Layer Security
Transport Layer Security and its predecessor, Secure Sockets Layer , are cryptographic protocols that provide communication security over the Internet...
and SRTP
Secure Real-time Transport Protocol
The Secure Real-time Transport Protocol defines a profile of RTP , intended to provide encryption, message authentication and integrity, and replay protection to the RTP data in both unicast and multicast applications...
for encrypting the traffic. The keys for SRTP are exchanged using RFC 4568 (SDES
SDES
SDES stands for Session Description Protocol Security Descriptions for Media Streams and is a way to negotiate the key for Secure Real-time Transport Protocol. It has been standardized by IETF in July 2006 as RFC 4568.- How it works :...
).