1. If the call goes via PSTN at any point, it is not possible to protect confidentiality in any way, because there is always the possibility of a wiretap inside or outside the premises. You will notice that in fact this type of call is the one that people are mostly worried about.
2. If the call goes via VoIP exclusively, the only way to ensure confidentiality is to configure SRTP, which ciphers the voice stream and will make a lock appear in the phone display. All other methods can be defeated by skilled attackers and of course by malicious system administrators.
3. Really motivated attackers do not care about wiretapping the line or the phone. They use "environmental bugs" in the room or elsewhere.
I know that all this can seem to go a little overboard, but it's simply the truth; then it's up to you to decide how to present it to your concerned user.
Jason, as far as I know there are no known vulnerabilities in Cisco's SRTP.
I would look at CM's SRND for an implementation guide.
What I want to bring your attention to is point 1 of my previous post.
When realizing that wiretapping can always happen at the PSTN level, most users are willing to renounce the incomplete protection available with encryption in the network, consequently relieving the system administrator from the burden of configuring and maintaining it. Security comes at a price!
SRTP is not something to be taken lightly. The configuration can become very overwhelming very quickly. And even then, there will be so many things that you cannot encrypt that the entire process becomes very questionable whether it was worth the effort or not.
SRTP implementation is generally used by large organizations / government that have no room for error or security breaches.
And that's not going to stop anyone from doing things in the 'physical' world like pointing listening devices at your users or putting 'bugs' in the room.
There are some features for IPCC that allow this to happen. Otherwise, every other feature notifies the user that someone is listening.
If you make sure your switches haven't been compromised, you should be fine.