Security Policy and Posture

This page provides an overview of VoIPmonitor's security posture, development practices, and internal security controls. This information is intended for security departments conducting assessments, audits, or compliance reviews.

Data Protection and Encryption

Database Encryption

• User data in the database (CDRs, call metadata, configuration settings) is stored in plain text and is NOT encrypted at rest
• Only user passwords are hashed (see Password Storage below)
• For encryption of data in transit between components, see SSL/TLS_connection_to_the_Mysql/MariaDB

Password Storage

• User credentials (passwords) are stored using SHA-256 hashing
• LDAP authentication is available, which offloads credential storage to an external LDAP server
• For more details on authentication methods, see Custom Login documentation

Data Privacy Features

VoIPmonitor includes several features to assist with privacy compliance:

• IP Address Anonymization - Database-level anonymization of IP addresses
• Two-Factor Authentication (2FA) for enhanced user account security
• Various compliance integrations (SIPREC, CALEA support, PCI-DSS features)

Authentication and Session Management

Supported Authentication Methods

VoIPmonitor supports multiple authentication approaches:

• Local user accounts with username/password
• Two-Factor Authentication (2FA)
• LDAP authentication (username/password verification) - see Custom Login
• Google Sign-In (OAuth 2.0)
• Microsoft Sign-In (Azure AD/Entra ID) - scheduled for upcoming stable release
• Custom login scripts for integration with external authentication systems - see Custom Login

Authentication Methods NOT Supported

The following methods are NOT currently supported:

• Shibboleth SSO - not supported
• SAML-based SSO (including JumpCloud, Okta, OneLogin) - not supported
• LDAP SSO (click-through login without credentials) - only LDAP username/password verification is supported
• Generic OIDC providers other than Google

Session Management

• User sessions are managed using PHP sessions
• Session inactivity timeout is configurable via PHP configuration (session.gc_maxlifetime in php.ini)
• Sessions can be invalidated manually by administrators

Architecture and Network Security

The VoIPmonitor system architecture includes multiple security layers:

Key Security Features

• TLS/SRTP Decryption - Support for decrypting encrypted VoIP traffic for monitoring and analysis
• Secure sensor communication - Encrypted TCP connections using server_password
• HTTPS and Basic Authentication for securing the web GUI
• SIPREC recording with WORM storage for regulatory compliance (SEC 17a-4, CFTC 1.31)
• CALEA integration support for law enforcement data export requests

Network Ports and Firewall

The following ports should be considered when configuring firewalls:

Port	Protocol	Service	Notes
80, 443	TCP	Web GUI	HTTPS strongly recommended
5029	TCP	Manager API	Restrict to trusted internal IPs only
60024	TCP	Sensor communication	Used for distributed architecture
5060	UDP/TCP	SIP monitoring	Default SIP port

Recommendations for Security Assessments

When conducting a security assessment of VoIPmonitor, consider the following:

Configuration Review

• Web server SSL/TLS configuration (certificate validity, cipher suites)
• Database connection encryption (MySQL/MariaDB SSL)
• Firewall rules for all VoIPmonitor ports
• File permissions on configuration files (/etc/voipmonitor.conf)

Authentication Assessment

• Validate that required authentication methods (LDAP, 2FA) are properly configured
• Review user permissions and role assignments in GUI
• Check IP restriction settings (Settings > Users & Audit > Users > Secure users)

Compliance Review

• Review privacy features to ensure they meet your compliance requirements
• Verify audit logging is enabled if required (AUDIT_LOG_FILE)
• Check data retention policies (cleandatabase settings)

Infrastructure Security

• Implement additional security layers (intrusion detection, network segmentation)
• Consider deploying VoIPmonitor in an isolated network segment
• Regular backup verification and disaster recovery testing

AI Summary for RAG

Summary: VoIPmonitor security posture documentation for security assessments and compliance reviews. Database: CDR and call metadata stored unencrypted at rest; passwords hashed with SHA-256. Authentication: local accounts, 2FA, LDAP (username/password only - NOT SSO), Google OAuth, Microsoft Sign-In (upcoming). NOT supported: Shibboleth, SAML SSO, LDAP SSO, generic OIDC. Sessions: PHP-based with configurable timeout. Network security: encrypted sensor communication (server_password on port 60024), TLS/SRTP decryption support, HTTPS for GUI. Critical ports: 80/443 (GUI), 5029 (Manager API - restrict to internal), 60024 (sensors), 5060 (SIP). Compliance features: SIPREC WORM storage, CALEA export, IP anonymization. Security assessment recommendations: review SSL/TLS config, database encryption, firewall rules, authentication setup, audit logging, data retention policies.

Keywords: security posture, security assessment, compliance, encryption, database encryption, SHA-256, password hashing, authentication, 2FA, LDAP, SSO, Shibboleth, SAML, Google OAuth, Microsoft Sign-In, session management, firewall ports, Manager API, port 5029, port 60024, SIPREC, CALEA, IP anonymization, audit logging, HIPAA, PCI-DSS, GDPR

Key Questions:

• Is user data encrypted in the VoIPmonitor database?
• How are passwords stored in VoIPmonitor?
• What authentication methods does VoIPmonitor support?
• Does VoIPmonitor support Shibboleth or SAML SSO?
• Does VoIPmonitor support LDAP SSO?
• What network ports does VoIPmonitor use?
• Should the Manager API port (5029) be exposed to the internet?
• How do I secure VoIPmonitor for compliance?
• What security features does VoIPmonitor have for regulatory compliance?
• How do I enable audit logging in VoIPmonitor?