SIP Architecture & Security

New Admin

11 years ago

SIP Basics
- SIP’s place in today’s business and telecommunications marketplace
- Protocol messages and features
- Protocol and how it’s handled on the network
- Elements of a SIP message: Header, RTP stream, and more
- Routing SIP messages
- Call set-up
- Control features supported

SIP Devices and Systems: How Each Element Is Used, Potential Issues, Design and Security Considerations
- Gateways
- Media servers
- Application servers
- Registrars
- Proxy servers
- Load balancers
- End points
- Route plans

SIP and Media Control: An In-depth Discussion of How the Media (Audio, Video, or Messaging) are Handled in SIP for Recording, Conferencing, and Mixed Applications

SIP-T (SIP Trunking)
- Architecture
- Protocol and formats
- Vendor/carrier Issues and variations

SIP Security: An Introduction
- SIP security challenges: An overview
- How SIP security fits into the overall data security strategy
- How SIP security relates to the traditional telecommunications security
- Discussion of the SIP protocol using the OSI model
- SIP’s architectural vulnerabilities

Physical Layer Security: Discussion of Security Factors of SIP Endpoints (Telephones)
- Configuration files
- Tools for loading configuration files
- User access levels
- Other security factors

Data Link Layer Security
- Firewalls and NAT’s
- SIP architecture and potential threats that are handled by the firewall
- Denial of Service (DoS) attacks
  - DoS attacks on SIP network components
  - DoS risk mitigation

Transport Layer Security: Digest Authentication and SIP
- How it is implemented in the SIP protocol
- How it is used against threats or attacks

Session Layer Security
- Security vulnerabilities of the SIP protocol
  - SIP standard and attacks
  - IETF and security standards
- Application-level security vulnerabilities
  - General
  - Vendor-specific issues for the leading vendors
- Encryption issues for SIP
  - Encryption as it relates to SIP
  - Tradeoff between real-time processing requirements and security

Presentation Layer Security: Rights and Access Levels

Application Layer Security: Load Balancers, Proxy Servers, Media Servers, etc.
- Securing SIP architecture components
- Password issues with SIP and applications
- User authentication
- Remote system access issues

Network Security Issues and SIP
- New vulnerabilities related to SIP messages on the network
- How SIP fits into the current network security plans and designs

Security of Gateways, One of the Most Vulnerable Elements of SIP design

Security Best Practices Related to the SIP Protocol
- Security audit methods
- Vendor management
- Testing systems and devices: Available tools

Wrap-up: Course Recap, Q/A, and Evaluations

Exit mobile version