May 29th, 2018 – According to FBI, many computer routers that connect US homes and businesses to the internet may be hacked or infected by malware. The malware may steal users’ personal data or cripple your website service.

“Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide,” the FBI said in a warning released on Friday.

What can you do?

  • Reboot your home or office routers immediately
  • Disable remote management settings on the router
  • Update your login with a secure password
  • Make sure your security is updated to the latest available version of firmware

It’s important to regularly update your firmware and have the latest VoIP networking equipment to ensure that your VoIP system is well protected from intruders.

If you need help with upgrading switches, routers, session border controllers, or other security appliances, call one of our VoIP consultants at 1-800-398-8647 today!

We co-hosted a Security webinar Part I with Sangoma this Tuesday and our audience had a lot of questions regarding SBCs, VPN, dynamic IPs, PBX and other security issues. We would like to share the Q&A session with all of you who may have the same questions!

Also, don’t forget the Security Webinar Part II is coming on February 6th! Register early to save your seat!

1. For the session border controller if we have any IPS static do we need one? Then we wouldn’t have ports open to the entire world but only from specific?

Answer: This will protect you as long as your users do not have infected devices at that IP address. Putting a SBC into the equation ensures that only the traffic you want passes onto your network.

2. What if you use a VPN? Do you still need a SBC?

Answer: VPN will secure the device (in this case the IP phone), but you are still opening up ports for your SIP provider. You must also consider the fact that your user may connect an infected PC or Laptop to that phone, which would now have a secure connection directly to your LAN. The same thing applies if your users are using a softphone over VPN using an infected device.

3. If we use remote phones and they are on dynamic IP’s or travel then we should be using an SBC?

Answer: Absolutely.

4. I would imagine VPN from endpoints to PBX, like OpenVPN with the Sysadmin Pro module. So if I have FreePBX, Sysadmin Pro module with Sangoma phones running OpenVPN, what does adding the SBC get me? SIP trunks, like Bandwidth or Flowroute. The PBX is hosted.

Answer: VPN will secure the device (in this case the IP phone), but you are still opening up ports for your SIP provider. You must also consider the fact that your user may connect an infected PC or Laptop to that phone, which would now have a secure connection directly to your LAN. The same thing applies if your users are using a softphone over VPN using an infected device.

5. What if our phone system is cloud hosted. Do we need an SBC?

Answer: Yes. Since you would need to open ports on your firewall to allow SIP traffic thru to your phones.

6. If you are using HA do you need 2 SBCs?

Answer: Since the two PBXs are on the same network, you would only need 1 SBC.

7. What if the SBC fails in the field.  Do you need a hot-swappable or can you run the system without the SBC?

Answer: A system will run without it and hopefully your backup security strategies will protect you until you get another SBC deployed. If security is your number 1 priority you should have a backup if your budget allows for it.

More questions? Utilize the comment box below to ask our VoIP Experts or simply raise your phone to contact Brian Hyrek at bhyrek@voipsupply.com or 716-531-4318!

I’ll admit it. The term “Software Defined” or “SD” is as big a buzz phrase as “The Cloud.” I’m not a huge fan of buzz nomenclature, but sometimes it is the best way to describe a concept in a familiar way, especially when discussing technology. If I were playing devil’s advocate, I’d ask: Isn’t everything software defined? Yes, mostly it is, but when you say SD, or SDN (software defined networking), you imply a new iteration of conventional thinking. A new way of doing things, a more flexible, better way.
network-image
No longer are we bound to the holy gospel of Cisco, or dedicated internet circuits. We can do things with more intelligent, dynamic, and overall thoughtful methods. Gone will be the days of individually configuring routers and switches because they will all be centrally managed and monitored. Yes, Cisco already participates in SDN, but I’d argue that it’s not always affordable for the average SMB.

Software Defined WAN (SD-WAN) is a concept of centrally connecting and managing multiple sites or branches using a variety of internet connections. For example: DOCSIS (cable modem), 3G/4G, or line of sight wireless. The internet is to reduce dependency on technologies like multi-protocol label switching, which traditionally required leased lines from the same provider. If you’ve had to purchase one, you know that leased/dedicated lines are expensive. You can use SD-WAN to augment an existing MPLS connection or discard it all together which will generate significant savings for your business.

SD-WAN (also referred to as vMPLS) is a feature on services like SimpleWan and can be utilized on their cloud based controller. When you purchase a firewall from them and a subscription to their service, you achieve a single sight picture of your entire network regardless of how many branches you have. Also, I’d like to re-emphasize that SimpleWan, and subsequently SD-WAN is carrier agnostic. So, it does not matter if you have multiple locations from one end of town to the other, or from New York, to Beijing. As long as the devices can connect to SimpleWan, you have a singular infrastructure with potentially very diverse internet connection methods.

security-imageYou might be thinking: Why not just use VPNs? Well, you are, but with SD-WAN you’re using a variety of technologies that perform the configuration for you, and establish redundant meshed paths that can decide which direction to send traffic based on bandwidth. Like I said before, SD is a new iteration of the conventional.

What does any of this have to do with VoIP? Well, if you’ve read ANYTHING regarding SIP and NAT, you’ve found out they don’t traditionally get along. Leveraging SD-WAN allows you to bypass any NAT traversal increasing your success with two-way audio. A SIP phone is much happier when it can talk to another local IP and the other end. I’d also be remiss in not mentioning that Quality of Service (QoS) in an integral part of SD-WAN which can prioritize voice and video applications.

Give SD-WAN (from SimpleWan) a chance if you’re considering cutting the cord from your expensive MPLS circuits. As always, thanks for reading and happy VoIPing!

Patton-Banner

Patton Electronics SmartNode 4170 Gateway & SmartNode 5570 ESBR

For over 30 years, Patton SmartNode™ has been known for its high quality VoIP products and outstanding customer support. From VoIP Gateways to Session Border Controllers, they offer comprehensive VoIP products, as well as FREE technical support and upgrades for both pre and post-sales.

Patton-SmartNode-40170-Single-Port-PRI-VoIP-GatewayTo better address a variety of applications, Patton has recently released two new models: SmartNode 4170 PRI VoIP Gateway and SmartNode 5570 Enterprise Session Border Router – targeting enterprise businesses that are searching for cost-effective VoIP solutions to bridge PBX systems on multiple sites, or even to connect to a public Internet telephony service.

Comparing the SN1470 and the SN5570

Patton has a wide range of VoIP gateways/ routers to meet customer’s specific requirements. The SN4170 provides seamless network integration that matches up to ISDN standards for features and quality, and also offers an option for one T1/E1, and one Gigabit Ethernet port that can process up to 15 concurrent SIP calls.

patton-webinar-january-2016 (3)

Process up to 512 Simultaneous Calls

SN5770 can be used as an Enterprise Session Border Router or as a VoIP gateway/router that bridges IP-PBX products to their SIP Trunk service providers. It also comes with built-in security systems such as SIP TLS, SRTP, and also Stateful Firewall and Secure provisioning, which will ensure the protection of any LAN network. In addition to the two T1/E1 ports, the SN5570 can process up to 512 simultaneous SIP calls.

Ease of set up with an online wizard

Both models are equipped with full telephony features and VoIP protocol support, such as flexible call routing, hold, transfer, and also 3-way conferencing. Also, like other SmartNode products, these products provide a high-precision clock for delivering first-line IP telephony service in ISDN and DECT environments, an easy to use Web Wizard that enables convenient installation, and a customized web interface.

The table below gives you a side by side comparison of the two Patton units.

Patton SmartNode

Contact Us Today

For more information or questions, please call our experts today at 1-800-398-VoIP. We are here to help you create the best VoIP solution for your business, and would love to hear from you! Please utilize the comment box below and drop us a note! We are excited to hear what YOU have to say about this product.