Service providers must remain vigilant against security threats or risk losing customers who fall victim to attacks. The choice of network components is key. Both firewall vendors and Session Border Controller (SBC) vendors claim protection against SIP threats. Firewalls protect against threats carried by the SIP protocol packets themselves. SBCs also correlate session parameters established by the SIP protocol with the RTP data stream. This protects against a type of theft of service in which the SIP protocol specifies a low bandwidth session, but then a high bandwidth stream of RTP packets is sent. SBCs also filter incoming REGISTER and INVITE requests to protect network components from denial of service attacks. The SBC discards requests that exceed network capacity but recognize and pass through prioritized requests, such as 911 calls. Some SBCs have been enhanced to detect and block SPIT and other types of threats such as viruses carried in SIP headers. Service providers must monitor and assist in the work of standards bodies as they develop defenses against threats. Service providers must adopt standards as they are developed and insist that enterprise customers adhere to the requirements placed upon them. Enterprise customers must also be educated about how to address threats beyond the service provider interface. For example, placing a firewall between data and voice VLANs protects against hackers who attempt to gain access to the internal data network. Viruses and spam have been expensive irritants to email and web users. SIP and VoIP offer attractive targets to hackers. Only vigilance on the part of all interested parties can protect against potentially serious damage from attacks. | 
