This letter is to remind everyone of VOIP Security best practices. Security is important with every aspect of a company. We lock doors, use alarm systems, set passwords and change them regularly. The same concepts and requirements apply to phone systems, traditional or VOIP based.

There are a handful of basic security measures that should be deployed in order to protect your network from fraud and abuse:

• IP-PBX systems should only accept connections from on-site phones and specific IP addresses.
• Strong passwords and MD5 authentication or public/private keys should be used to protect valid user accounts from being exploited.
• SIP Proxies and Firewall systems should be configured with ACLs to prevent access from unauthorized IP address blocks.
• SIP account passwords and device configuration passwords should not be shared with anyone.

It is also important to secure other services on your IP PBX system. Services like HTTP, FTP and SSH are commonly exploited services which should be tightly restricted. PBX Systems should be behind firewalls and SIP Proxy services should be used to pass traffic between external and internal systems.

To assist in securing your network and your PBX system the following are the address blocks allocated to Voxitas. All SIP signaling and in most cases, all RTP traffic will come from these blocks and these blocks only.

206.80.64.0/19 and 209.40.224.0/19

If you are concerned about the security of your system please contact your PBX Vendor to discuss with them the security of your system. We are happy to work with them and answer any questions they may have about securely interconnecting with our network.

It is important to remember that you will be responsible for any financial implications if your PBX system is improperly used. You should check with your insurance providers to make sure you would be covered in case of fraud.


Thank You,

Voxitas