A remote phone deployment is completely different than SIP trunking. Remote phones are dynamic in location, and require significantly more calling features. Remote phones cannot be considered as peers, since phones register for services and change IP addresses often across multiple devices and locations. Remote phones require automatic provisioning with file servers and possibly require web access and REST API access to the IP‑PBX. The interconnectivity between a remote phone and IP‑PBX is complicated with many communication requirements.
The application of security solutions involves providing a Session Border Controller (SBC) solution that is used to define the remote phone to the IP‑PBX relationship between various networks using VoIP application layers, file provisioning and other services while ensuring signaling and media are secure. This method highlights the strength of the SBC to protect the IP‑PBX, while providing solutions for remote phones located behind other firewalls.
In this example, the IP‑PBX resides behind an SBC. The SBC is the border element between Internet (or untrusted network zones) and Local Area Networks (or trusted zones). The SBC is a network security device as well as a VoIP security device that monitors incoming and outgoing network and voice traffic and decides whether to allow or block specific traffic based on a defined set of network and voice security rules.
If you enjoyed this blog, and would like to learn more about Security Best Practices for VoIP, download our whitepaper here: sangoma.com/voip-security-best-practices/