Security; Speech Encryption; General Configuration - Unify OpenStage 60 Administration Manual
Openstage sip v3r3 for openscape voice
Hide thumbs
Also See for OpenStage 60:
- User manual (288 pages) ,
- User manual (2 pages) ,
- Manual (19 pages)
Table of Contents
Advertisement
administration.fm
Administration
Security
3.4
Security
3.4.1
Speech Encryption
3.4.1.1
General Configuration
OpenStage phones support secure (i.e. encrypted) speech transmission via SRTP. For en-
abling secure (encrypted) calls, a TLS connection to the Phone Administration server is re-
quired.
If Use secure calls is activated, the encryption of outgoing calls is enabled, and the phone is
capable of receiving encrypted calls. When the phone is connected to an OpenScape Voice
system, call security is communicated to the user as follows:
•
An icon in the call view tells the user whether a call is secure (encrypted) or not.
•
If an active call changes from secure to insecure, e. g. after a transfer, a popup window and
an alert tone will notify the user.
For secure (encrypted) calls, it is required that both endpoints support SRTP. The
>
secure call indication tells the user that the other endpoint has acknowledged the se-
cure connection.
In order to use SRTP, the phone must be configured for NTP (for further information
>
please see Section 3.5.5, "Date and Time"). The reason is that the key generation
(MIKEY) uses the system time of the particular device as a basis. Thus, encryption
will only work correctly if all devices have the same UTC time.
If SIP server certificate validation resp. Backup SIP server certificate validation is
activated, the phone will validate the server certificate sent by the Phone Administration server
in order to establish a TLS connection. The server certificate is validated against the root cer-
tificate from the trusted certificate authority (CA), which must be stored on the phone first. For
delivering the root certificate, a DLS (OpenScape Deployment Service) server is required.
The SRTP type sets the key exchange method for SRTP.
When Use SRTCP is activated (together with Use secure calls), the phone will use SRTCP
(Secure RTCP) to transmit and receive RTP control packets.
If SRTP is enabled, ANAT interworking (see Section 3.5.8.3, "Media/SDP") is only
>
possible if SDES is configured as the key exchange protocol for SRTP.
82
OpenStage SIP V3R3 for OpenScape Voice, Administration Manual
A31003-S2030-M100-11-76A9, 01/2015
- Quick Links:
- Openstage 60/80
- Administration Password
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
