Discover Our Helpdesk & Knowledge Base

Table of contents

Table of contents

    VoIP Security Guidelines & Best Practices

    Share this on

    Protecting VoIP infrastructure and telephony services from unauthorized access and fraud is essential for maintaining secure communications.
    This guide outlines the recommended VoIP security best practices for equipment configuration, network protection, PBX security, and account access management on the modulus network.


    1. General Guidelines

    • Software / Firmware Upgrade:

    As mentioned in all configuration guides within the Help Center, you should upgrade your equipment software to the latest firmware version. It is also recommended to regularly check for new releases and proceed with updates whenever available.

    • Changing Default Credentials:

    Before configuring any VoIP equipment or software, it is important to change the default login credentials. Each device should use a unique username/password combination.

    • Do Not Share Access Credentials:

    The access credentials you receive for your VoIP accounts are strictly personal and will never be requested by a modulus representative. If you suspect that your credentials have been compromised, contact customer support immediately to have them changed and identify the source of the breach in order to restore the security gap.
     

     

    2. Network Configuration Guidelines

    • Do Not Use Port Forwarding:

    Port forwarding practices may create security vulnerabilities. By opening a port from the Internet to your equipment, you expose your system to potential attacks. For secure connectivity of remote internal devices, use the vPBX service for additional protection.

    • Do Not Configure Public IPs on PBX Interfaces:

    Avoid using public IP addresses on PBX interfaces, as this may increase security risks. If necessary, enable the Firewall on your PBX system or router.

    • Use a Separate VLAN for Telephony:

    For corporate networks, it is important to separate the VoIP phone network from the rest of the network devices by using VLANs, firewalls, or other isolation techniques.

     

    3. Asterisk Configuration Guidelines

    • Do Not Use the Default Asterisk Context:

    Avoid using the default context for answering incoming calls. In FreePBX-based distributions, disable the “Allow Anonymous Inbound SIP Calls” option under “General SIP Settings”.

    • Additional Security Measures:

    modulus provides additional security safeguards to protect you against fraud incidents, beyond the recommended measures.

     

    4. Features Provided by modulus

    • Charge-Based Call Restriction:

    You may request call restrictions for calls exceeding a specified amount. This helps protect against unwanted charges and allows different limits to be configured per terminal.

    • Destination-Based Call Restriction:

    You may request restrictions for specific destinations, such as international calls or short codes.

    • Account Access Limited to Specific IPs:

    You may request that your account is configured to be accessible only from specific IP addresses. This way, even if your account credentials are exposed to unauthorized individuals, they will not be able to use them from another IP address.

     

    Frequently asked questions

    VoIP Fraud is the unauthorized use of telephony services to make chargeable calls or exploit telecommunications resources without the account holder’s consent.

    Default passwords are often publicly known and are one of the most common ways VoIP devices and PBX systems are compromised.

     

    How often should I update the firmware on my VoIP devices?

    It is recommended to install available security and firmware updates as soon as possible to address known vulnerabilities and operational issues.

     

    Yes. Using a firewall is a fundamental security measure that helps prevent unauthorized access to VoIP devices, PBX systems, and network services.

    A VLAN (Virtual Local Area Network) allows voice traffic to be separated from the rest of the corporate network, improving both security and VoIP service performance.

    Some key security best practices include:

    • Disabling anonymous SIP calls
    • Using strong passwords
    • Enabling a firewall
    • Regularly updating software
    • Restricting access to specific IP addresses

    Signs of a potential security breach include:

    • Unusual charges
    • Calls you did not make
    • Unexplained balance consumption
    • Inability to access your services
    • Changes to settings that you did not perform yourself

    Was this article helpful?

    Thank you for your feedback!