If your system uses SIP phones as external stations, hackers can gain entry to the system by sending a SIP message that duplicates the SIP URI of a SIP phone user, for example, vwilliams@sip:www.Vertical.com. Without protection, Wave assumes the call is coming from the external station and automatically logs it in and provides internal dial tone, permitting the caller to place outbound calls through Wave.
|
•
|
Make sure that each SIP phone uses authentication credentials whenever it connects to Wave. |
|
•
|
If your system interacts with an external SIP server, such as a PSTN gateway or a SIP provider (IPSP), set up two SIP spans, one to handle SIP stations and the other to handle traffic from the external SIP server. |