Q

Traffic logging and VoIP encryption

For best practices, what traffic logging should be performed at firewalls? Is there an encryption for Voice over IP -- for example, to protect traffic from snooping on the Internet?

Typically, best practices would entail traffic logging on ALL traffic coming through a perimeter firewall. Traffic of interest on the VoIP side would typically be User Datagram Protocol (UDP) traffic on port 5060 (SIP) and UDP traffic on the RTP ports opened on the perimeter firewall, typically 10000-30000. This is, however, a lot of information, so a log analyzer tool will probably be necessary.

Currently, there are a number of encryption technologies being proposed for VoIP by the Internet Engineering Task Force (IETF), the body which produces the documentation and recommendations for protocol design for the Internet. As typical Internet transmission of VoIP is accomplished through SIP, there are actually three protocols involved in the VoIP traffic: SIP, Session Description Protocol (SDP) and RTP. SIP and SDP are transmitted in cleartext over port 5060 and may be encrypted using Transport Layer Security (TLS), which some handsets and IP PBXs now support.

The media, which is transported using RTP, is where the standards are not yet fully developed. The two main contenders for this are Secure RTP (SRTP) and ZRTP, both of which utilize a variant of key exchange for encrypting the media stream. SRTP entails a separate key management system while ZRTP utilizes an in-band key exchange during the call setup. In other words, ZRTP is transparent to the user! However, neither of these proposals has gained widespread use in the vendor market, meaning you won't see many handsets supporting this yet.

This was first published in June 2006
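As an added example (not part of the original answer), here is a small log analyzer that picks the VoIP traffic named above, UDP 5060 for SIP and UDP 10000-30000 for RTP, out of perimeter firewall logs and summarizes it per source. It assumes Linux iptables LOG-style `KEY=value` lines; the sample lines are constructed, the function names are hypothetical, and the "signalling without media" check is a review heuristic added here, not something the answer prescribes.

```python
import re
from collections import Counter, defaultdict

SIP_PORT = 5060                  # SIP/SDP signalling port (from the answer)
RTP_PORTS = range(10000, 30001)  # RTP media range 10000-30000 (from the answer)
FIELD = re.compile(r"(\w+)=(\S+)")

# Constructed sample input in iptables LOG style (assumed firewall log format).
SAMPLE_LOG = """\
Jun 12 09:14:01 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=10.0.0.20 PROTO=UDP SPT=5060 DPT=5060
Jun 12 09:14:02 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=10.0.0.20 PROTO=UDP SPT=16384 DPT=10022
Jun 12 09:14:02 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=10.0.0.20 PROTO=UDP SPT=16384 DPT=10022
Jun 12 09:14:05 fw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=10.0.0.20 PROTO=UDP SPT=5071 DPT=5060
Jun 12 09:14:05 fw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=10.0.0.21 PROTO=UDP SPT=5071 DPT=5060
Jun 12 09:14:06 fw kernel: IN=eth0 OUT=eth1 SRC=192.0.2.44 DST=10.0.0.5 PROTO=TCP SPT=51000 DPT=443
Jun 12 09:14:07 fw kernel: IN=eth0 OUT=eth1 SRC=192.0.2.44 DST=10.0.0.5 PROTO=UDP SPT=40000 DPT=53
"""

def classify(line):
    """Return (src, 'sip' | 'rtp' | 'other') for a log line, or None if unparsable."""
    f = dict(FIELD.findall(line))
    if "SRC" not in f or "PROTO" not in f:
        return None
    dpt = f.get("DPT", "")
    if f["PROTO"] != "UDP" or not dpt.isdigit():
        return f["SRC"], "other"
    port = int(dpt)  # classification is by destination port only
    if port == SIP_PORT:
        return f["SRC"], "sip"
    if port in RTP_PORTS:
        return f["SRC"], "rtp"
    return f["SRC"], "other"

def summarise(log_text):
    """Count packets per source address and traffic class."""
    per_src = defaultdict(Counter)
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            per_src[hit[0]][hit[1]] += 1
    return per_src

def signalling_without_media(per_src):
    """Sources that sent SIP but no RTP: worth a manual look (added heuristic)."""
    return sorted(s for s, c in per_src.items() if c["sip"] and not c["rtp"])

if __name__ == "__main__":
    summary = summarise(SAMPLE_LOG)
    for src, counts in sorted(summary.items()):
        print(src, dict(counts))
    print("SIP without RTP:", signalling_without_media(summary))
```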
