All calls are required to be authenticated using SIP username and password, source IP address, account and PIN, etc, before being allowed to call externally.

SIP registration and calls can be limited to individual source IP addresses, or multiple ranges of source IP address per telephone line. The source IP address can be automatically detected on first registration, and automatically locked to that address.

SIP packets from known scanners are automatically rejected. Optionally, only certain SIP user agents may be allowed.

The system owner and resellers can limit which destinations customers may call using classes of service.

Customer administrators can limit which destinations users may call using classes of service. Classes can be defined down to an individual number. Classes can be controlled by time of day, day of week, etc.

Once a customer's balance reaches their credit limit, they can make no more billable calls. The credit limit can be controlled per customer. A temporary credit limit can be applied to each customer, controlled by time of day, day of week, etc.

Each customer and telephone line can have a daily spending limit set. If they exceed this, all their calls are locked until manually unlocked. They are automatically sent a warning email when approaching their limit.

Each customer can have a maximum number of concurrent calls.

Each peer (carrier) can have a maximum number of concurrent calls.

Alerts can be sent by email or text message for abnormal or potentially fraudulent calls, based on destination, duration, cost, number of concurrent calls, etc.

Web interface supports SSL (requires third party certificate).

Policies for allowed passwords are highly configurable. Passwords can be validated against an external web service.

Web logins can be limited to multiple ranges of source IP address per account.

All user actions are recorded in audit logs.