- SIP Basics
- SIP’s place in today’s business and telecommunications marketplace
- Protocol messages and features
- Protocol and how it’s handled on the network
- Elements of a SIP message: Header, RTP stream, and more
- Routing SIP messages
- Call set-up
- Control features supported
- SIP Devices and Systems: How Each Element Is Used, Potential Issues, Design and Security Considerations
- Gateways
- Media servers
- Application servers
- Registrars
- Proxy servers
- Load balancers
- End points
- Route plans
- SIP and Media Control: An In-depth Discussion of How the Media (Audio, Video, or Messaging) are Handled in SIP for Recording, Conferencing, and Mixed Applications
- SIP-T (SIP Trunking)
- Architecture
- Protocol and formats
- Vendor/carrier Issues and variations
- SIP Security: An Introduction
- SIP security challenges: An overview
- How SIP security fits into the overall data security strategy
- How SIP security relates to the traditional telecommunications security
- Discussion of the SIP protocol using the OSI model
- SIP’s architectural vulnerabilities
- Physical Layer Security: Discussion of Security Factors of SIP Endpoints (Telephones)
- Configuration files
- Tools for loading configuration files
- User access levels
- Other security factors
- Data Link Layer Security
- Firewalls and NAT’s
- SIP architecture and potential threats that are handled by the firewall
- Denial of Service (DoS) attacks
- DoS attacks on SIP network components
- DoS risk mitigation
- Transport Layer Security: Digest Authentication and SIP
- How it is implemented in the SIP protocol
- How it is used against threats or attacks
- Session Layer Security
- Security vulnerabilities of the SIP protocol
- SIP standard and attacks
- IETF and security standards
- Application-level security vulnerabilities
- General
- Vendor-specific issues for the leading vendors
- Encryption issues for SIP
- Encryption as it relates to SIP
- Tradeoff between real-time processing requirements and security
- Security vulnerabilities of the SIP protocol
- Presentation Layer Security: Rights and Access Levels
- Application Layer Security: Load Balancers, Proxy Servers, Media Servers, etc.
- Securing SIP architecture components
- Password issues with SIP and applications
- User authentication
- Remote system access issues
- Network Security Issues and SIP
- New vulnerabilities related to SIP messages on the network
- How SIP fits into the current network security plans and designs
- Security of Gateways, One of the Most Vulnerable Elements of SIP design
- Security Best Practices Related to the SIP Protocol
- Security audit methods
- Vendor management
- Testing systems and devices: Available tools
- Wrap-up: Course Recap, Q/A, and Evaluations