Ask the Expert

Is there a standard for encryption of traffic between IP phones?

Is there a standard for encryption of traffic between IP phones? If no, then what options do enterprises have currently to protect the voice traffic passing via a public domain like the Internet?

    Requires Free Membership to View

Yes, there are standards for encrypting the payload for voice traffic that will traverse the public Internet. As you may know, VoIP calls consist of a signaling stream, such as SIP, and a voice packet transport connection, such as Real-time Transport Protocol (RTP). For SIP, you can use several encryption schemes such as HTTP Digest authentication, TLS, S/MIME or IPSec. For RTP you can use Secure RTP (SRTP).

Given these standards, you can achieve end-to-end security or secure just the part of the call that will traverse public networks. You can also transport VoIP traffic over a VPN to achieve security.

The products you use for your IP PBX or VoIP gateway must support these protocols for you to be able to make your calls secure. In addition, your network security elements (firewalls, NATs, proxies, etc.) must also be VoIP-aware. You must also realize that encrypting voice traffic has a big performance overhead on the equipment at the endpoints and thus may be able to carry less traffic.

This was first published in June 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: