Algo 8180 User Manual page 17

increasingly more common. Using a hosted SIP service requires traffic to be sent over the
public internet and thus much more susceptible to attacks. Signed certificates are an
important piece in the Algo device's operation, to ensure the security, integrity, and
privacy of its communication. Algo components that use TLS are Provisioning and SIP
Signaling.
These Algo devices each come pre-loaded with certificates from a list of trusted certificate
authorities (CA), which are installed in the hardware at the time of manufacture. Note
these pre-installed trusted certificates are not visible to users and are separate from the
'certs' folder.
The TLS handshake happens to make sure that the client and server can trust each other,
and once that trust is established, the two parties can freely send encrypted data and
decrypt any data that they receive. After the TLS handshake process is complete, a TLS
session is established, and the server and client can then exchange messages that are
symmetrically encrypted with shared (pre-master) secret key.
Provisioning
Provisioning is secured by setting the 'Download Method' to 'HTTPS' (under the
Advanced Settings > Provisioning tab)
Setting provisioning to 'HTTPS' prevents configuration files from being read by unwanted
third-party devices/ attackers. This resolves the potential risk of having sensitive data:
admin passwords and SIP credentials stolen.
Document 90-00095A
01/24/2019
Page 17
Algo Communication Products Ltd
4500 Beedie St Burnaby BC Canada V5J 5L2
www.algosolutions.com
8180 SIP Audio Alerter (G2) FW 1.7
(604) 454-3792
support@algosolutions.com