This is a talk about Twilio's new SIP capabilities given by Twilio Co-founder, John Wolthuis, and SIP Tech Lead, Jonas Borjesson, at TwilioCon 2013.

1. #TWILIOCON
Bringyourinfrastructuretothe cloud
withTwilio SIP
JOHN WOLTHUIS, CO-FOUNDER @THUDDWHIRR
JONAS BORJESSON, TECH LEAD SIP @BORJESSONJONAS
Wednesday, September 25, 13

2. #TWILIOCON
What is SIP anyway?
You’ve probably heard about SIP before. Let’s find out what it really is.
Wednesday, September 25, 13

3. #TWILIOCON
Session Initiation Protocol.
Wednesday, September 25, 13

4. #TWILIOCON
What is SIP about? Initiating & Managing Sessions.
Wednesday, September 25, 13

5. #TWILIOCON
What is a SIP session? It can be anything!
Wednesday, September 25, 13

6. #TWILIOCON
SIP at Twilio. A deep dive.
Let’s take a look at what Twilio does with SIP and some of the new features
that we’ve announced.
Wednesday, September 25, 13

7. #TWILIOCON
<Dial>
<Sip>alice@example.com</Sip>
</Dial>
Wednesday, September 25, 13

8. #TWILIOCON
SIP
SIP
<Response>
<Dial>
415-867-5309
</Dial>
<Response>
Wednesday, September 25, 13

9. #TWILIOCON
SIP
SIP
<Response>
<Dial>
<Sip>alice@example.com</Sip>
</Dial>
<Response>
Wednesday, September 25, 13

10. #TWILIOCON
ahoy.sip.twilio.com
TWILIOCON 2013
Wednesday, September 25, 13

11. #TWILIOCON
Sending SIP to Twilio
Wednesday, September 25, 13

12. #TWILIOCON
Sending SIP to Twilio
ahoy.sip.twilio.com
Twilio SIP Domain
Wednesday, September 25, 13

13. #TWILIOCON
Sending SIP to Twilio
SIP
ahoy.sip.twilio.com
Twilio SIP Domain
Wednesday, September 25, 13

14. #TWILIOCON
Sending SIP to Twilio
SIP
ahoy.sip.twilio.com
Twilio SIP Domain
http://www.example.com/app.php
<Response>
<Say>Please wait as we connect you</Say>
<Dial>+1-415-555-1212</Dial>
<Response>
Wednesday, September 25, 13

15. #TWILIOCON
Connect to Anything
SIP RTC
SIP
Wednesday, September 25, 13

16. #TWILIOCON
Twilio + SIP = Harmony.
Twilio is making SIP easy. Map your domain
ahoy.sip.twilio.com
to a voice URL and secure it with Twilio’s SIP tools.
Wednesday, September 25, 13

17. #TWILIOCON
Let’s do it Live.
Wednesday, September 25, 13

18. #TWILIOCON
How does Twilio handle SIP Security?
Let’s take a look at some of the tools that are available to help you secure
your Twilio SIP integration.
Wednesday, September 25, 13

19. #TWILIOCON
SIP != HTTP. We have to think about security differently.
We can’t approach securing SIP in the same way that we secure HTTP.
Attackers have very different goals in mind.
Vs.
HTTP
Vandalism & Data Theft
SIP
Telco Fraud
Wednesday, September 25, 13

20. #TWILIOCON
Twilio SIP Security: Features
1. IP Access Control Lists (IP ACLs)
2. Authentication Credentials Lists
3. The <Reject /> Verb
Wednesday, September 25, 13

21. #TWILIOCON
Twilio SIP Security: IP Access Control Lists
Think of IP ACL as a firewall for your SIP domain.
When using a multi-tenant system, IP ACL alone won’t
do the trick.
HOW IT WORKS
Each IP ACL can be associated with many domains.
Each domain can be associated with many IP ACLs.
SETUP
Wednesday, September 25, 13

22. #TWILIOCON
Twilio SIP Security: Authenticated Credentials List
All requests to the domain require username / password
to authenticate. Identical to HTTP Digest Auth.
AUTHENTICATION
Works with IP ACL to accept traffic from multi-tenant
systems. Without IP ACL, allows traffic from any IP.
IP ACL INTEGRATION
Wednesday, September 25, 13

23. #TWILIOCON
Twilio SIP Security: The <Reject/> Verb
Your TwiML application knows good behavior from bad.
Includes info about SIP INVITE.
TwiML + SIP
Use the <Reject /> verb to block suspicious, excessive,
& incorrect traffic.
RESTRICT TRAFFIC
Wednesday, September 25, 13

24. #TWILIOCON
• Twilio now accepts incoming calls with SIP
Twilio SIP: In Closing
• Security is managed via IP ACLs, Credentials, & TwiML
• Incoming calls map to TwiML URLs via SIP Domains
• All this can be managed in the Account Portal or the REST API
Wednesday, September 25, 13

25. QUESTIONS?
Wednesday, September 25, 13