Linksys WIP310 SPA500 Series and WIP310 IP Phone Administration Guide - Page 122
SIP Initial INVITE and MWI Challenge, SIP Over TLS, Configuring Security, Quality
UPC - 745883580927
View all Linksys WIP310 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 122 highlights
Configuring Security, Quality, and Network Features Setting Security Features 5 SIP Initial INVITE and MWI Challenge SIP INVITE (initial) and MWI message in a session can be challenged by the endpoint. The purpose of this challenge is to restrict the SIP servers that are permitted to interact with the devices on the service provider network, which significantly increases the security of the VoIP network by preventing malicious attacks against the device. To configure SIP INVITE challenge: STEP 1 Log in to the web administration interface. STEP 2 Click Admin Login and advanced. STEP 3 Click Ext , then scroll to the SIP Settings section. STEP 4 In the Auth INVITE field, choose yes. STEP 5 Click Submit All Changes. SIP Over TLS Transport layer security (TLS) is a standard protocol for securing and authenticating communications over the Internet. SIP Over TLS eliminates the possibility of malicious activity by encrypting the SIP messages by the SIP proxy of the service provider and the end user. SIP Over TLS relies on the widely-deployed and standardized Transport Layer Security (TLS) protocol. Note that SIP Over TLS encrypts only the signaling messages and not the media. A separate secure protocol such as Secure Real-Time Transport Protocol (SRTP) (see below) can be used to encrypt voice packets. The TLS protocol has two layers: • TLS Record Protocol -- layered on top of a reliable transport protocol, such as SIP or TCH, it ensures that the connection is private by using symmetric data encryption and it ensures that the connection is reliable. • TLS Handshake Protocol -- allows authentication between the server and client and the negotiation of an encryption algorithm and cryptographic keys before the application protocol transmits or receives any data. TLS is application protocol-independent. Higher-level protocols such as SIP can layer on top of the TLS protocol transparently. Cisco SPA 500 Series and WIP310 IP Phone Administration Guide 111