Administrator's Guide SoundPoint IP / SoundStation IP
Local
Local Phone User
Interface
Incoming Signaling Validation
Central
Configuration File:
sip.cfg
(boot server)
Secure Real-Time Transport Protocol
Configuration File Encryption
Note
4 - 82
Configuration changes can performed locally:
The custom certificate can be specified and the type of certificate to
trust can be set under the Settings menu.
The three optional levels of security for validating incoming network signaling
are:
•
Source IP address validation
•
Digest authentication
•
Source IP address validation and digest authentication
Configuration changes can performed centrally at the boot server:
Specify the type of validation to perform on a request-by-request
basis, appropriate to specific event types in some cases.
•
For more information, refer to
<requestValidation/>
Secure Real-Time Transport Protocol (SRTP) provides means of encrypting the
audio stream(s) of VoIP phone calls to avoid interception and eavesdropping
on phone calls.
For detailed configuration instructions, refer to "Technical Bulletin 25751:
Secure Real-Time Transport Protocol on SoundPoint IP Phones" at
http://www.polycom.com/usa/en/support/voice/soundpoint_ip/VoIP_T
echnical_Bulletins_pub.html
Configuration files (excluding the master configuration file), contact
directories, and configuration override files can all be encrypted.
The SoundPoint IP 300 and 500 phones will always fail at decrypting files. These
phones will recognize that a file is encrypted, but cannot decrypt it and will display
an error. Encrypted configuration files can only be decrypted on the SoundPoint IP
301, 320, 330, 430, 501,550, 560, 600, 601, 650, and 670 and the SoundStation IP
4000, 6000, and 7000 phones.
The master configuration file cannot be encrypted on the boot server. This file is
downloaded by the bootROM that does not recognize encrypted files. For more
information, refer to
Master Configuration Files
Request Validation
on page A-15.
.
on page A-2.