Noticed today that Tom Keating has a review up on "pbxnsip", which has the interesting twist of being a low-cost PBX solution running on Microsoft Windows. Most other inexpensive or open-source software-only PBX solutions tend to run on Linux, and indeed, pbxnsip does have Linux versions (and apparently NetBSD although they are not listed... perhaps they just run the Linux version). I first actually learned of pbxnsip some time ago at one of the various VoIP tradeshows when I was struck by the fact that they were advertising security as the main point in big letters on the background to their booth. In fact, security is #2 on their list of "reasons to buy":
It addresses security. The pbxnsip PBX uses https, sips, SRTP and sdes to make the communication to your PBX secure. Using sdes-capable devices, your voice calls will stay as secure as your https traffic.
Well, gee, given my background, it's not hard to imagine that any vendor that basically leads with security gets some extra points in my book. (Especially since doing so has the potential to paint a big red target on your back to all the attackers out there who like to debunk claims about security.) I've not played with it myself, but Tom's review does indeed make it sound interesting.
I guess I'll have to add it to the (huge) list of things to check out...
Thanks, Tom, for as usual providing your very thorough reviews - you definitely help a lot of the rest of us.
UPDATE: I knew there was another reason I knew of pbxnsip... CEO Christian Stredicke has been on the VOIPSEC mailing list for quite some time, although I recall hearing from him primarily when he was with snom technology.