Security - Made in Germany
Security is a Top Priority for innovaphone

Currently, analog and ISDN networks throughout Europe are being switched over to standard Internet Protocol (IP). End customers and resellers need to deal with IP telephony. Here, the issue of security also plays an important role. innovaphone, manufacturer of IP Telephony and Unified Communications solutions made in Germany, has a secure solution for this.

The innovaphone PBX is equipped with a lot of different security mechanisms that provide the best possible protection against a wide variety of attacks.

In this context, innovaphone is permitted, for example, to carry the trust seal "IT security made in Germany" from TeleTrusT, the German IT security association (Bundesverband IT-Sicherheit e.V.). It is awarded exclusively to German IT companies that develop their products in Germany and meet strict criteria on IT security and data protection.

Within the scope of a labelling initiative, TeleTrusT introduced the optional labellingIT Security made in Europe in 2020 and awarded this trust seal to innovaphone in addition to the trut seal “IT Security made in Germany”.


 

The innovaphone PBX runs on a very lean and fast operating system that has especially been developed. Viruses, worms and Trojans are not known for this operating system. The different ways of communicating from establishing connections, over voice and data connections to administration and address data access can be controlled via a variety of standardized security protocols. The DTLS-SRTP protocol allows device-to-device encryption. This high degree of security is available for all innovaphone PBX connections, if necessary.

Firmenlogo Teletrust | Security Trust Seal

innovaphone Session Border Controller - on Board

The increased prevalence of SIP ports caused by the switch from the ISDN network to All IP across Europe is accompanied by uncertainty and new security requirements because All IP makes it necessary for every PBX to be open to the internet. The innovaphone Session Border Controller (SBC) supports all relevant security mechanisms and reliably protects the innovaphone PBX against attacks from the internet. Since the innovaphone SBC is directly integrated into the innovaphone PBX, no other external or third-party SBC is needed. This simplifies installation and ensures 100% compatibility, bringing a cost advantage for the customer. The innovaphone SBC can either run as a separate process on the innovaphone PBX or can be installed on a separate innovaphone VoIP gateway.

Anywhere Workplace - Flexible and Secure

One special challenge for security is caused by the additional demands of  borderless communication and mobility, as it is the case with Unified Communications and WebRTC solutions. The innovaphone Reverse Proxy is particularly suited for such Anywhere Workplace scenarios. As an independent component in the innovaphone Reverse Proxy, it serves as a central authority for all inbound connections from the internet. As a result, attacks are detected and repelled at an early stage. In the same way as the innovaphone SBC, the innovaphone Reverse Proxy  can either run as a separate process on the innovaphone PBX or it can be installed on a separate innovaphone VoIP gateway, e.g. the IP0011.

Brute-Force Protection: myApps Accounts Reliably Protected against Unauthorized Access

Having access to myApps anywhere and anytime provides a lot of flexibility and mobility for users. However, specialized security mechanisms against unauthorized access, so-called brute-force attacks, are required to make sure that the accounts are adequately protected. If the innovaphone PBX recognizes such a brute-force attack on a myApps user account, an automatic mechanism will slow down the login attempts of the attacker. New login attempts with a wrong password will be blocked for increasing time intervals. The blocked account can then only be unblocked by the respective user entering the correct password.

 

innovaphone PBX Security Protocols

 

TLS

   -

    Encryption and certificate-based authentication for various applications

HTTPS

   -

    HTTP over TLS, encrypted web access to administration

H.235

   -

    Authentication with encrypted password

SIPS

   -

    SIP over TLS, SIP security

H.460.17

   -

    H. 323 over TLS, registration and signaling via TLS encrypted

SRTP

   -

    SDES-encryption of media data (voice, video,...)

DTLS-SRTP

   -

    TLS encryption of media data

LDAP via TLS

   -

    Data encryption for contact data via LDAP

IEEE 802.1X

   -

    Access control to the network, also with EAP-TLS

Kerberos

   -

    Authentication via central server

X.509 Certificates

   -

    Certificate-based authentication for TLS

 

   
    Notice on Cookies

This website uses cookies to provide you with an optimal website experience. This includes cookies that are necessary for the operation of the website, as well as cookies that are only used for anonymous statistical purposes or for convenience settings to display special content. You can decide for yourself which settings you would like to allow. Please note that not all functionalities of the website might be available, depending on your settings. If you accept all cookies, you will have full access to all the services of our website. For further information, please read our privacy policy.