Ask the Expert

Traffic logging and VoIP encryption

For best practices, what traffic logging should be performed at firewalls? Is there encryption for Voice over IP -- for example, to protect traffic from snooping on the Internet?


Typically, best practice is to log ALL traffic coming through a perimeter firewall. Traffic of interest on the VoIP side would typically be User Datagram Protocol (UDP) traffic on port 5060 (SIP) and UDP traffic on the RTP ports opened on the perimeter firewall, typically 10000-30000. This is, however, a lot of information, so a log analyzer tool will probably be necessary.

Currently, there are a number of encryption technologies being proposed for VoIP by the Internet Engineering Task Force (IETF), the body which produces the documentation and recommendations for protocol design for the Internet. As typical Internet transmission of VoIP is accomplished through SIP, there are actually three protocols involved in the VoIP traffic: SIP, Session Description Protocol (SDP) and RTP. SIP and SDP are transmitted in cleartext over port 5060 and may be encrypted using Transport Layer Security (TLS), which some handsets and IP PBXs now support.

The media, which is transported using RTP, is where the standards are not yet fully developed. The two main contenders for this are Secure RTP (SRTP) and ZRTP, both of which utilize a variant of key exchange for encrypting the media stream. SRTP entails a separate key management system while ZRTP utilizes an in-band key exchange during the call setup. In other words, ZRTP is transparent to the user! However, neither of these proposals has gained widespread use in the vendor market, meaning you won't see many handsets supporting this yet.

This was first published in June 2006
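The log-analysis step mentioned in the answer can be sketched as follows. This is an added example, not part of the original answer: it filters firewall log lines for UDP 5060 (SIP) and the UDP 10000-30000 RTP range and summarizes them per source. The log lines are constructed in the style of netfilter LOG output, and the function names are hypothetical.

```python
import re
from collections import Counter

# Ports named in the answer. The RTP range is whatever the perimeter
# firewall actually opens; 10000-30000 is the typical range given above.
SIP_PORT = 5060
RTP_PORTS = range(10000, 30001)
FIELD = re.compile(r"(\w+)=(\S*)")

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
Jun 01 10:00:01 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=UDP SPT=5060 DPT=5060
Jun 01 10:00:02 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=UDP SPT=16384 DPT=10002
Jun 01 10:00:02 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=UDP SPT=16384 DPT=10002
Jun 01 10:00:05 fw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.99 DST=192.0.2.10 PROTO=UDP SPT=40000 DPT=12000
Jun 01 10:00:06 fw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=5060
Jun 01 10:00:07 fw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.5 DST=192.0.2.20 PROTO=UDP SPT=33000 DPT=53
"""

def classify(line):
    """Return (kind, source) for VoIP-relevant UDP traffic, else None."""
    fields = dict(FIELD.findall(line))
    dpt = fields.get("DPT", "")
    if fields.get("PROTO") != "UDP" or not dpt.isdigit():
        return None
    port = int(dpt)
    if port == SIP_PORT:
        return ("SIP", fields.get("SRC"))
    if port in RTP_PORTS:
        return ("RTP", fields.get("SRC"))
    return None

def summarize(log_text):
    """Count SIP/RTP packets per source and list RTP sources with no SIP seen."""
    counts = Counter()
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            counts[hit] += 1
    sip_sources = {src for kind, src in counts if kind == "SIP"}
    rtp_sources = {src for kind, src in counts if kind == "RTP"}
    # Review cue only: media may legitimately arrive from a different
    # address than signalling (for example via a media gateway).
    return counts, sorted(rtp_sources - sip_sources)

if __name__ == "__main__":
    counts, rtp_only = summarize(SAMPLE_LOG)
    for (kind, src), n in sorted(counts.items()):
        print(f"{kind:3} {src:15} {n}")
    print("RTP without SIP from:", rtp_only)
```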
