Can you experts please share your opinions on if Security is an absolute must in Cisco VoIP solutions? Specifically i'm talking about authentication between phones and gateways, and running Secure RTP accross the wire. The types of solutions I will be working on will be 1-5 site solutions with 500 total users or less. Voice will always run over frame or mpls. Due to reduced budgets, their will be times that public DIA connections might terminate on the same router that a private wan connection terminates on.
I would imagine that authentication should always be used as it doesn't increase the price of the solution. But running Secure RTP drastically increases the overall bandwidth needed for voice calls, and reduces the attractiveness and savings that customers have heard about in comparison to the PSTN.
BTW, I have read the SRND. It provides some good guidance on security, but does not really state if it is always recommended/needed. Is their another Cisco guide or book that covers security from a VoIP perspetive in detail?
Thanks to all in advance. This forum is truly awesome and the level of responsiveness is impressive.
Regarding your question I would say security is important in all converged network nowdays. VoIP calls are esentially IP data which may contain Critical information depending the role of the bussiness. No RTP traffic should be intercepted and recorded for evil purpouses...Basically depends which information you are protecting AND HOW you are going to protect it.
Without protection RTP is considered insecure, as a telephone conversation over IP can easily be eavesdropped. Additionally, manipulation and replay of RTP data could lead to poor voice quality due to jamming of the audio/video stream. Modified RTCP (Real-time Transport Control Protocol) data could even lead to an unauthorized change of negotiated quality of service and disrupt the processing of the RTP stream.
The Secure Real-time Protocol is a profile of the Real-time Transport Protocol (RTP) offering not only confidentiality, but also message authentication, and replay protection for the RTP traffic as well as RTCP (Real-time Transport Control Protocol)
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...