Verizon (www.verizon.com) Global Wholesale has added IPsec tunneling to its SIP Gateway Service, toll free IP termination, and carrier IP termination transport. All three services can share a single IPsec connection.
According to Verizon, it is the only “major provider” offering IPSec, adding an additional layer of standardized security goodness without requiring vendor-specific security protocols.
Verizon says its SIP Gateway service carriers billions of minutes of use per quarter.
Verizon are the most paranoid and ass-backwards of all carriers on the planet. SIP already has TLS built-in for those who are overly paranoid of having their call-setup packets sniffed. All IPSec does is introduce another layer of unnecessary CPU loading and the need for more useless hardware.
Furthermore, Verizon does not require IPSec for H.323 connections because they’re under the mistaken impression that it is “already secure” because someone there thinks ASN.1 encoding is encryption.
Lastly, Verizon does not allow the RTP stream over their tunnel because then they’d have to explain why it’s required over SIP but not over H.323. So, they leave the RTP (voice media) bare.
Hooray for one more pointless endeavor by a self-proclaimed industry leader who has accomplished nothing more than achieve the ultimate in foolishness.