Administration
A31003-D3000-M100-01-76A9, 02-2013
68
OpenScape Desk Phone IP, Phone Administration, Administrator Documentation
Security
Related Topics
3.4 Security
Related Topics
3.4.1 Speech Encryption
Related Topics
3.4.1.1 Security - General Configuration
OpenScape Desk Phones support secure (i.e. encrypted) speech transmission
via SRTP. For enabling secure (encrypted) calls, a TLS connection to the
OpenScape Voice server is required.
If
Use secure calls
is activated, the encryption of outgoing calls is enabled, and
the phone is capable of receiving encrypted calls. When the phone is connected
to an OpenScape Voice system, call security is communicated to the user as
follows:
•
An icon in the call view tells the user whether a call is secure (encrypted) or
not.
•
If an active call changes from secure to insecure, e. g. after a transfer, a
popup window and an alert tone will notify the user.
INFO:
For secure (encrypted) calls, it is required that both
endpoints support SRTP. The secure call indication tells the user
that the other endpoint has acknowledged the secure connection.
INFO:
In order to use SRTP, the phone must be configured for
NTP (for further information please see
Date and Time
). The
reason is that the key generation (MIKEY) uses the system time
of the particular device as a basis. Thus, encryption will only work
correctly if all devices have the same UTC time.
If
SIP server certificate validation
resp.
Backup SIP server certificate
validation
is activated, the phone will validate the server certificate sent by the
OpenScape Voice server in order to establish a TLS connection. The server certif-
icate is validated against the root certificate from the trusted certificate authority
(CA), which must be stored on the phone first. For delivering the root certificate,
a DLS (OpenScape Deployment Service) server is required.
The
SRTP type
sets the key exchange method for SRTP.
|--- QCU port
|--- QCU community
|--- QoS to generic dest.