Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

When to use Secure RTP

Can you experts please share your opinions on if Security is an absolute must in Cisco VoIP solutions? Specifically i'm talking about authentication between phones and gateways, and running Secure RTP accross the wire. The types of solutions I will be working on will be 1-5 site solutions with 500 total users or less. Voice will always run over frame or mpls. Due to reduced budgets, their will be times that public DIA connections might terminate on the same router that a private wan connection terminates on.

I would imagine that authentication should always be used as it doesn't increase the price of the solution. But running Secure RTP drastically increases the overall bandwidth needed for voice calls, and reduces the attractiveness and savings that customers have heard about in comparison to the PSTN.

BTW, I have read the SRND. It provides some good guidance on security, but does not really state if it is always recommended/needed. Is their another Cisco guide or book that covers security from a VoIP perspetive in detail?

Thanks to all in advance. This forum is truly awesome and the level of responsiveness is impressive.

Regards

1 REPLY
Green

Re: When to use Secure RTP

Regarding your question I would say security is important in all converged network nowdays. VoIP calls are esentially IP data which may contain Critical information depending the role of the bussiness. No RTP traffic should be intercepted and recorded for evil purpouses...Basically depends which information you are protecting AND HOW you are going to protect it.

Without protection RTP is considered insecure, as a telephone conversation over IP can easily be eavesdropped. Additionally, manipulation and replay of RTP data could lead to poor voice quality due to jamming of the audio/video stream. Modified RTCP (Real-time Transport Control Protocol) data could even lead to an unauthorized change of negotiated quality of service and disrupt the processing of the RTP stream.

The Secure Real-time Protocol is a profile of the Real-time Transport Protocol (RTP) offering not only confidentiality, but also message authentication, and replay protection for the RTP traffic as well as RTCP (Real-time Transport Control Protocol)

Check out this analisys

http://www.csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf

Check OUR Best practices.

http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/4_1/sec_vir/ae/sec413/secuview.htm#wp1062436

hth

92
Views
0
Helpful
1
Replies