Srtp And Securing Calls - Linksys SPA922 Administrator's Manual

Business series

Hide thumbs Also See for SPA922:

User manual (15 pages)

Product data (5 pages)

Administrator's manual (168 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

page of 196

/ 196
Contents
Table of Contents
Bookmarks

Table of Contents

•

TLS Record Protocol -- layered on top of a reliable transport protocol, such as SIP or TCH,

it ensures that the connection is private by using symmetric data encryption and it

ensures that the connection is reliable.

•

TLS Handshake Protocol -- allows authentication between the server and client and the

negotiation of an encryption algorithm and cryptographic keys before the application

protocol transmits or receives any data.

TLS is application protocol-independent. Higher-level protocols such as SIP can layer on top of

the TLS protocol transparently.

SPA9x2 phones use UDP as a standard for SIP transport, but they also support SIP over TLS for

added security.

To enable TLS for a SPA9x2 phone:

1. Log in to the SPA9x2 phone's administration web browser.

2. Click Ext 1, then scroll to the SIP Settings section.

3. Select TLS from the SIP Transport drop-down box.

4. Click Submt All Changes.

SRTP and Securing Calls

Secure Real-Time Transport Protocol (SRTP) is a secure protocol for transporting real-time data

over networks. SPA9x2 phones use SRTP to securely send and receive real-time voice traffic

from other phones and gateways.

SRTP provides media encryption to ensure that media streams between devices are secure and

that only the intended devices receive and read the data.

When a call is secure, the voice conversation is encrypted so that others cannot eavesdrop on

the conversation. To enable this feature the SPA9x2 phone must have a mini-certificate

installed.

The supplementary service Secure All Calls (*16)—Defaults to prefer to use encrypted media

(voice codecs). Audio packets in both directions of outbound calls are encrypted using SRTP.

To use Secure Call on an extension, you must configure Mini Certificate and SRTP Private Key for

that extension. These parameters appear on the Ext tabs (see

Parameters" section on page

Secure Call Service is defined in the Phone tab (see

section on page

89). Secure Call Service activates Linksys secure encryption of RTP streams

between the two endpoints. You can disable this if the other endpoint (or gateway) does not

support this Linksys proprietary method.

Users can enter *18 to Secure Next Call—Uses encrypted media for the next outbound call (on

this call appearance only). This star code is redundant if all outbound calls are secure by default.

Linksys SPA9x2 Phone Administration Guide

102).

"Supplementary Services Parameters"

Setting System Features

Setting Security Features

"Subscriber Information

Table of Contents

Show Quick Links

Quick Links:
Using the Web User Interface

Hide quick links:

Chapters

Table of Contents

This manual is also suitable for:

Spa932 Spa942 Spa962

Srtp And Securing Calls - Linksys SPA922 Administrator's Manual

SRTP and Securing Calls

Hide quick links:

Chapters

Related Manuals for Linksys SPA922

Related Content for Linksys SPA922

This manual is also suitable for:

Table of Contents