The SHAKEN Proxy™ is a TransNexus software product that enables easy integration between a SIP telecommunications network and TransNexus software products that perform STIR/SHAKEN services.

The SHAKEN Proxy performs the following functions:

  • Receives SIP messages from network elements within a telecommunications network
  • Maintains a secure encrypted connection with the TransNexus software product that performs STIR/SHAKEN services
  • Sends information over this secure connection to the TransNexus software products for STIR/SHAKEN services
  • Receives information back from the STIR/SHAKEN services
  • Performs message manipulation tasks to properly format the information
  • Sends the formatted information to network elements.

In summary, the SHAKEN Proxy performs essential message manipulation and acts as secure message relay.

The SHAKEN Proxy works with any SIP-based telecom system.

Network configuration

The SHAKEN Proxy can be configured in several different ways according to the preferences and requirements of the service provider. The following figure shows an illustrative configuration:

SHAKEN Proxy within a telecommunications network

SHAKEN Proxy within a telecommunications network

In this arrangement, the SHAKEN Proxy receives messages for either SHAKEN Authentication or Verification, sends them to the STIR/SHAKEN service, receives the repliess, performs message manipulation and sends the messages to the appropriate network elements (e.g., switch, SBC).

SHAKEN Proxy installation

  1. Create Virtual Machines (VMs) inside your private network with 4 GB of RAM and 2 cores running CentOS 7.x or Redhat 7.x.
    1. The VMs must have access to the internet.
    2. The VMs should not have public IP addresses. We recommend that you set up them up with Network Address Translation (NAT) through a firewall.
    3. No ports should be opened for external access.
    4. All connections to ClearIP from your network will be initiated through proxies running in the VMs. They will connect to ClearIP using TLS 1.2, so all traffic will be encrypted.
    5. The SHAKEN Proxies will accept SIP messages on all interfaces via UDP (5060), TCP (5060), and TLS 1.2 (5061).
    6. Only trusted devices should be able to send SIP messages to the SHAKEN Proxies. If untrusted devices exist on the same network as the SHAKEN Proxies, you must use a firewall to limit access.
    7. The SHAKEN Proxy starts when installed and whenever its VM is rebooted. There is no starting/stopping or further configuration required.
  2. To install the SHAKEN Proxy on each VM, run this command:

curl | sh -s

Contact us today for more information on STIR/SHAKEN and the SHAKEN Proxy.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.