Skip navigation

Security and Performance

The good news is that SIP applications are no more or less secure than any other IP-based service and if secured correctly they become more secure than the TDM systems we have used for last 50 years. However they are more difficult to secure than other IP applications.

Latency, jitter and loss: VoIP and other real-time services are more sensitive to latency, jitter and packet loss than other IP applications. With email or web browsing a few seconds’ delay or an occasional resend goes unnoticed. But with VoIP, a small delay or the loss of a few packets can destroy the quality of the call. Security mechanisms increase the risk of unacceptable performance by introducing delay into the packet stream, and the “stronger” the level of security, the greater the potential delay.

Dual-path architecture: SIP’s dual-path architecture adds to the challenge. With most applications, control traffic and data traffic share a single protocol—HTTP for web browsing, SMTP for email, etc.—and a single end-to-end network path. But with SIP applications, at least two paths and two protocols are involved—generally SIP for signaling and RTP for media. A successful security solution, therefore, must maintain a coordinated view of both traffic streams and must scale in multiple dimensions simultaneously.

In short, existing solutions cannot meet the VoIP security challenge.

    Solutions developed for non-real-time applications like email and web browsing cannot meet the QoS requirements of real-time communication or assert coordinated control across separate signaling and media protocols.

    Traditional session border controllers, designed to manage inter-carrier connections, do not provide the comprehensive security required at the edge nor do they stop application-layer attacks.

    And virtual private networks (VPNs) based on IPSec are too usually too cumbersome to address the dynamic any-to-any traffic of VoIP calls.


Covergence Session Manager (CSM) is the first solution that meets the challenges of securing large-scale SIP service delivery. Designed specifically for the access edge, CSM secures, manages, controls and scales access to VoIP and other SIP services. With CSM, organizations and their customers reap the benefits of IP real-time communication and collaboration with complete safety, reliability and control.