SIP is an ASCII (text-based) protocol that facilitates the formation, modification and termination of communication sessions between two or more participants. A participant can be a person (for example a videoconferencing client), an automation component (for example a voicemail server) or any device that can interact in a similar manner. Various interaction types can be incorporated in these communications, including peer-to-peer and multipoint communication. Users have an address that resembles an email address, used for identification and location purposes.
All SIP-based communication sessions share three typical, separate activities and protocols:
- SIP provides the basic signaling between participants to set up the session.
- SIP uses the Session Description Protocol (SDP) to describe the nature of the communication used within the session.
- SIP uses the suitable transport protocol to convey the media of the session.
SIP’s key functions
SIP has four key functions that facilitate its various interaction capabilities. Think of SIP as a building that gains capabilities as it is being built.
Name mapping and redirection
This involves the translation of a participant’s (client’s) descriptive naming information into SIP location information. This function is one of two that occur during session setup.
Capability negotiation
This is the second function occurring during session setup. SIP determines the various media capabilities of the participants in order to assure appropriate usage of media facilities during the session.
Participant management
This SIP function enables participant management by allowing participants to control the incorporation of new arrivals into a session or the termination of existing participants during a session. An example would be establishing a conference session and adding additional users to the session so that they too can participate in a full multimedia session.
Capability management
SIP is able to monitor the media capabilities during a session and thus make the appropriate adjustments when necessary. This dynamic capability adjusts the client’s interaction with other clients by adjusting the session dynamically to reflect the combined matrix of capabilities.
The five SIP components
- User Agent Client (UAC)
- User Agent Server (UAS)
- Proxy Server
- Redirect Server
- Registrar Server
User agent client (UAC)
The UAC is one of two client-side components, the other being the User Agent Server (UAS).
The UAC is an application that initiates SIP requests to a UAS; it can issue any of six request types.
The six requests issued by the UAC are: INVITE, ACK, OPTIONS, BYE, CANCEL and REGISTER.
When the UAC initiates a SIP session, it determines the information essential for the request: the protocol, the port and the IP address of the UAS to which the request is being sent. This information can be dynamic, which makes it challenging to pass the traffic through a firewall; for this reason it may be preferable to open the specific application type on the firewall rather than a fixed port. The UAC is also capable of using the information in the Request-URI to establish the route of the SIP request to its destination, as the Request-URI always specifies the host, which is essential.
The port and protocol are not always specified by the Request-URI. If the request does not specify a port or protocol, a default port or protocol is contacted. Relying on the defaults may be the preferred method when not using an application layer firewall such as a Cisco PIX: application layer firewalls want to know which applications are flowing through which ports, and by using content types it is possible to deny applications other than the one you are trying to let through.
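The following is an added example (not code from the article) of how a UAC turns a Request-URI into the host, port and transport it must contact, applying the sip: defaults from RFC 2543 (port 5060 and UDP) when the URI omits them. The second function summarises which (port, transport) pairs a firewall would have to permit for a set of URIs, which is the point made above about the target being dynamic. The URIs are constructed for the example; IPv6 bracket notation is not handled.

```python
import re

# Defaults RFC 2543 gives for the sip: scheme (added example, not the article's code).
DEFAULT_PORT = 5060
DEFAULT_TRANSPORT = "udp"

# Matches sip:[user@]host[:port][;param[=value]]...  (IPv6 literals not handled here)
_URI_RE = re.compile(
    r"^sip:(?:(?P<user>[^@;?]+)@)?(?P<host>[^:;?]+)(?::(?P<port>\d+))?(?P<params>(?:;[^;?]*)*)$"
)


def resolve_target(request_uri: str):
    """Return (host, port, transport) that a UAC would contact for this Request-URI.

    The host is always present; port and transport fall back to the defaults
    when the URI omits them, which is exactly the case a firewall has to allow for.
    """
    m = _URI_RE.match(request_uri.strip())
    if not m:
        raise ValueError(f"not a sip: URI: {request_uri!r}")
    host = m.group("host").lower()
    port = int(m.group("port")) if m.group("port") else DEFAULT_PORT
    if not 0 < port < 65536:
        raise ValueError(f"port out of range in {request_uri!r}")
    transport = DEFAULT_TRANSPORT
    # URI parameters follow the host/port, each introduced by ';'
    for param in m.group("params").split(";")[1:]:
        name, _, value = param.partition("=")
        if name.lower() == "transport" and value:
            transport = value.lower()
    return host, port, transport


def required_flows(request_uris):
    """Set of (port, transport) pairs a firewall would have to permit for these
    URIs; shows that the port is only fixed if the URIs are."""
    return {resolve_target(u)[1:] for u in request_uris}


if __name__ == "__main__":
    # Constructed sample URIs, not taken from the article.
    for uri in ("sip:alice@example.com",
                "sip:bob@pbx.example.net:5080;transport=tcp",
                "sip:198.51.100.7:5061;transport=tls"):
        print(uri, "->", resolve_target(uri))
    print(required_flows(["sip:alice@example.com",
                          "sip:bob@pbx.example.net:5080;transport=tcp"]))
```

A firewall rule written for UDP 5060 alone would pass the first URI only; the other two show why the article recommends opening the application rather than a port.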
User agent server (UAS)
The UAS is the server that hosts the application responsible for receiving SIP requests from a UAC and, on reception, returning a response to the UAC.
The UAS may issue multiple responses to a single request, not necessarily one.
Communication between UAC and UAS is both client/server and peer-to-peer in nature.
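As an added example (not from the article), the following minimal UAS parses an INVITE from a UAC and produces the sequence of responses it may send back: two provisional responses (100 Trying, 180 Ringing) followed by one final response (200 OK), each copying the Via, From, To, Call-ID and CSeq headers from the request so the UAC can match them. The sample INVITE is constructed for the example; the SDP body a real 200 OK would carry is omitted.

```python
import secrets

CRLF = "\r\n"


def parse_request(raw: str):
    """Split a SIP request into (method, request_uri, headers dict, body).
    Header names are lower-cased so lookups are case-insensitive."""
    head, _, body = raw.partition(CRLF + CRLF)
    lines = head.split(CRLF)
    method, request_uri, version = lines[0].split(" ", 2)
    if version != "SIP/2.0":
        raise ValueError("unsupported SIP version")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, request_uri, headers, body


def build_response(status: int, reason: str, req_headers: dict, to_tag: str = "", body: str = "") -> str:
    """Build a response that echoes the request's dialog-identifying headers."""
    to = req_headers["to"]
    if to_tag and ";tag=" not in to:
        to = f"{to};tag={to_tag}"   # the UAS tags the To header once it starts a dialog
    lines = [
        f"SIP/2.0 {status} {reason}",
        f"Via: {req_headers['via']}",
        f"From: {req_headers['from']}",
        f"To: {to}",
        f"Call-ID: {req_headers['call-id']}",
        f"CSeq: {req_headers['cseq']}",
        f"Content-Length: {len(body.encode())}",
    ]
    return CRLF.join(lines) + CRLF + CRLF + body


def uas_handle_invite(raw: str):
    """Return the responses a UAS sends for an INVITE: provisional ones first,
    then the final one. Other methods get a single final response here."""
    method, _, headers, _ = parse_request(raw)
    if method != "INVITE":
        return [build_response(501, "Not Implemented", headers)]
    tag = secrets.token_hex(4)
    return [
        build_response(100, "Trying", headers),            # no tag yet: no dialog
        build_response(180, "Ringing", headers, to_tag=tag),
        build_response(200, "OK", headers, to_tag=tag),    # same tag: same dialog
    ]


# Constructed sample INVITE (not a captured message); Content-Length 0, no SDP.
SAMPLE_INVITE = CRLF.join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds",
    "From: Alice <sip:alice@example.com>;tag=1928301774",
    "To: Bob <sip:bob@example.com>",
    "Call-ID: a84b4c76e66710@192.0.2.10",
    "CSeq: 314159 INVITE",
    "Contact: <sip:alice@192.0.2.10>",
    "Content-Length: 0",
]) + CRLF + CRLF

if __name__ == "__main__":
    for response in uas_handle_invite(SAMPLE_INVITE):
        print(response)
```

Because all three responses carry the same Call-ID, CSeq and From tag, a firewall or intrusion detection system tracking SIP state can associate them with the one INVITE rather than treating each as unsolicited traffic.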
Proxy server
The proxy server in most cases acts as a mediator that services requests or forwards them to other UASs or UACs for servicing. A proxy server can be used in an intra-organizational configuration through which all SIP communications are routed. In an intra-organizational configuration, users’ messages are routed through a proxy server before being relayed to the destination SIP client; this occurs when initiating a SIP session to another user within the same organization. This can be useful for internal communication where security over an internet link can be a problem.
The inter-organizational configuration is an extension of the intra-organizational one. Users from different organizations have their user agents configured to direct requests to their respective proxy servers, and the proxy servers then communicate with each other to convey the messages.
A proxy server can also be used for name mapping: the proxy server can query a location service and map an external SIP identity to an internal SIP identity. These proxy servers are not firewalls; they are independent servers on the internet that proxy the request on behalf of the user for various reasons.
Redirect server
The redirect server allows for redirection, which enables users to temporarily change geographic location and still be contactable through the same SIP identity. In the future this is how telephone communications will work, and with the arrival of wireless it is an accommodating way to hand the client over from server to server as the user moves around. The RTC server implements the proxy server and the redirect server on one server; a server with combined functions is called a SIP server. Whether a SIP message is processed by the proxy function or the redirect function is determined through the configuration settings on the SIP server. Using this technology it is also possible to keep the service running while some of the servers are being maintained.
Registrar server
The registrar server makes it possible for users to alter the address at which they are contactable. The SIP client sends a REGISTER request carrying the change of address to the registrar server, which accepts the request and records the user’s new address.
There are two ways in which SIP clients can contact the registrar server. The first is a direct approach, using registrar information configured into the client. The second is an indirect approach, which uses the multicast address to contact the registrar server.
The registrar function can also be added to the SIP server containing the proxy and redirect functions discussed previously; thus the RTC server implements the proxy, redirect and registrar functions on one SIP server. Registration is only performed once authentication has taken place and valid user credentials have been checked.
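The following added example (not code from the article or from any RTC or SIP server product) models the registrar described here together with the location service that the proxy queries for name mapping in the section above. A REGISTER is accepted only after the client answers a digest challenge (the HTTP digest scheme SIP inherited from RFC 2617, without qop), each nonce is accepted once, and an authenticated user may only change the binding for its own address-of-record. The realm, the single user account, the contacts and the already-parsed header dicts are all constructed for the example; message parsing is assumed to have happened before `handle_register` is called.

```python
import hashlib
import hmac
import secrets
import time

# Constructed for the example: the registrar's realm and its only user account.
REALM = "example.com"
CREDENTIALS = {"alice": "correct horse battery staple"}


def _md5(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(username, password, method, uri, nonce):
    """Digest response = MD5( MD5(user:realm:pass) : nonce : MD5(method:uri) )."""
    ha1 = _md5(f"{username}:{REALM}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{ha2}")


def parse_auth_params(header: str):
    """Turn 'Digest a="b", c=d' into a dict; returns None for other schemes."""
    scheme, _, rest = header.partition(" ")
    if scheme.lower() != "digest":
        return None
    params = {}
    for part in rest.split(","):
        name, _, value = part.strip().partition("=")
        params[name.strip().lower()] = value.strip().strip('"')
    return params


def aor_user(aor: str) -> str:
    """User part of an address-of-record such as sip:alice@example.com."""
    return aor.split(":", 1)[1].split("@", 1)[0]


class Registrar:
    def __init__(self):
        self.bindings = {}    # AOR -> (contact, expiry time): the location service
        self.nonces = set()   # outstanding one-time challenges

    def handle_register(self, headers: dict, now: float = None):
        """headers: parsed request headers with lower-cased names.
        Returns (status code, response headers)."""
        now = time.time() if now is None else now
        aor = headers["to"]
        params = parse_auth_params(headers["authorization"]) if "authorization" in headers else None
        if not params or params.get("nonce") not in self.nonces:
            nonce = secrets.token_hex(16)          # unauthenticated or stale: challenge
            self.nonces.add(nonce)
            return 401, {"WWW-Authenticate": f'Digest realm="{REALM}", nonce="{nonce}"'}
        self.nonces.discard(params["nonce"])       # each nonce answers exactly one request
        user = params.get("username", "")
        password = CREDENTIALS.get(user)
        if password is None or user != aor_user(aor):   # no third-party registration
            return 403, {}
        expected = digest_response(user, password, "REGISTER", params.get("uri", ""), params["nonce"])
        if not hmac.compare_digest(expected, params.get("response", "")):
            return 403, {}
        expires = int(headers.get("expires", "3600"))
        if expires == 0:
            self.bindings.pop(aor, None)           # explicit de-registration
        else:
            self.bindings[aor] = (headers["contact"], now + expires)
        return 200, {"Contact": headers.get("contact", ""), "Expires": str(expires)}

    def lookup(self, aor: str, now: float = None):
        """The location-service query a proxy makes to map an identity to its contact."""
        now = time.time() if now is None else now
        entry = self.bindings.get(aor)
        return entry[0] if entry and entry[1] > now else None


def register_with_credentials(reg, aor, contact, username, password, expires="600"):
    """Simulated UAC: send REGISTER, answer the 401 challenge, return the final status."""
    headers = {"to": aor, "contact": contact, "expires": expires}
    status, resp = reg.handle_register(headers)
    if status == 401:
        nonce = parse_auth_params(resp["WWW-Authenticate"])["nonce"]
        digest = digest_response(username, password, "REGISTER", f"sip:{REALM}", nonce)
        headers["authorization"] = (
            f'Digest username="{username}", realm="{REALM}", nonce="{nonce}", '
            f'uri="sip:{REALM}", response="{digest}"'
        )
        status, resp = reg.handle_register(headers)
    return status


if __name__ == "__main__":
    reg = Registrar()
    print(register_with_credentials(reg, "sip:alice@example.com", "sip:alice@192.0.2.10:5060",
                                    "alice", CREDENTIALS["alice"]))
    print(reg.lookup("sip:alice@example.com"))   # what a proxy would route an INVITE to
```

The binding table is the asset worth protecting: whoever can write to it decides where calls for that identity are delivered, which is why the example refuses unauthenticated, replayed and third-party registrations and expires bindings rather than keeping them forever.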
SIP uses UDP port 5060 to communicate and establishes connectionless sessions between servers and clients on ports specified during the session. There is a move afoot to use SIP more and more on IP-compatible PSTN networks as telephone switching becomes incorporated into interconnected LANs, WANs and MANs. Telecommunication looks bright and affordable if this protocol is harnessed. Some search engines are already beginning to harness the technology’s potential by planning to incorporate a “call now” feature after a search for a company or resource.
The diagram above depicts how a client links to another client using the SIP infrastructure.
SIP is a standard for multimedia conferencing at the application layer and is becoming more widely used on the internet as a basis for communication; understanding this protocol’s place will help the firewall and security professional to make provision for it on the network. This article has highlighted how SIP functions with its various components. SIP is a direct competitor to H.323; its advantage is that it is collaborative and widely supported. For more information, see RFC 2543 (SIP).