IP Phones from snom Make SIP Secure
Extensive interoperability testing and an array of security capabilities take the worry out of VoIP.
If you're deploying a conventional analog phone system, you can choose telephones from dozens, if not hundreds, of vendors. With a SIP-based IP system, however, your choices are much narrowerespecially given the proprietary nature of many such systems.
One of the few independent makers of IP SIP phones, Berlin-based snom technologies AG, has put a lot of effort into making phones that are truly interoperable with a wide range of SIP-based IP PBX product linesthat is, they reliably implement the systems' features sets, out of the box, without a lot of tweaking. Moreover, snom's phones bring serious security technology to bear on VoIP traffic.
snom founder and CEO, Christian Stredicke and business development director Mike Storella visited VoIPplanet.com recently to show off the company's latest, about-to-be released phone, the snom 370.
According to Stredicke, SIP is far short of an ironclad standard. There are lots of ways to implement the protocolswhich means that supposedly SIP-compliant phones don't necessarily play well with supposedly SIP-compliant PBXs. The remedy is interoperability testinglots of it.
There are some de facto standards, though. "We certified the last [firmware] release against Broadsoft," Stredicke told VoIPplanet.com "BroadSoft has a list of so and so many tests. So we can run through the test list, and all the features that BroadSoft are offering are being supported properly. So it's a kind of stamp [of approval]. It costs money," he concluded, "but it's good for the customer. He can see it's certified and he has a guarantee that it works."
Indeed, snom is certified with roughly a dozen switch/PBX vendors besides BroadSoftincluding the Asterisk and SipX open-source PBXs. Most recent to join the certification list is Maryland-based Patton Electronics Company's SIPxNANO IP-PBX, a super-compact unit designed specifically for SMBs (which is the market snom cultivates).
The new, top-of-the-line, Linux-based, power-over-Ethernet snom 370 has a lot of feature firsts. The phone's high-resolution (240x128 pixel) gray-scale control screen is one. Combined with the built-in HTML and XML functionality, it can display not only look-ups of contact data and images from corporate databases, but also serve up data applications such as news feeds, weather information, and the like.
The phone is bristling with fully programmable function keys and other buttons for implementing anything from speed dialing to a one-touch 911call.
Also new with the 370 is a hi-fidelity speaker from Onkyo to complement the wideband audio codecs that snom phones have had for some time. First rate sound quality on a standard telephone (as opposed to a stereo headset, such as one might use with a PC-based softphone application like Skype) is now a reality.
But perhaps the most significant innovation is the array of security measures available with the 370. Now snom introduced the SIP security protocol (SIPS) and the secure real-time transport protocol (SRTP) support several years ago to provide application-layer security. "The problem is these applications are not rolled out," Stredicke explained. In other words, these systems must be implemented on the PBX, and "there's practically no SIP system that's supporting it. It's great that we have security, but nobody can use it," he mused.
So, snom decided to supplement SIPS and SRTP with another approach: The 370 can function as a virtual private network (VPN) client, so organizations that implement VPNs can have bulletproof encrypted tunnels for all traffic between snom handsets and the company PBXthe part of voice traffic most likely to be subject to security attacks.
Unlike SIPS and SRTP, VPNs are familiar territory to many, many IT personnel. And VPN solves another security-related problem, as well: SIP's notorious difficulty in dealing with network address translation (NAT), a feature of many, many corporate firewalls. " All NAT-traversal issues go away with VPN," Stredicke asserted.
For companies that do not implement VPNs for VoIP/network security, snom has one more rabbit to pull out of the hat. Back in March of this year, it announced a strategic partnership with BorderWare Technologies wherein all snom phones (not just the 370) now work with BorderWare's SIPassure VoIP Security Gateway solution. The combination can be integrated seamlessly into any SIP infrastructure, and operate even with NAT-based firewalls.