SRTP is used to encrypt and secure the audio going to and from the phone. You must
configure equivalent parameters in Communication Manager or System Manager. You must
configure the following three parameters on the phones and equivalent Communication
Manager parameters must match one of the parameters:
- SET ENFORCE_SIPS_URI 1
- SET SDPCAPNEG 1
- SET MEDIAENCRYPTION X1, X2, 9. Valid values for X are 1 to 8 for aescm128-hmac80 ,
and 10 or 11 for aescm256-hmac80
Note:
• The Administration menu provides access to certain administrative procedures on the
phone. You must change the default password for the Administration menu to restrict users
from using the administrative procedures to change the phone configuration.
• Remote access to the phone is completely disabled by default.
Access control and security
Phones provide several security features for control and access. These are available as:
Security event logging
The logs are maintained for the following events:
• Successful and failed logins, username lockouts, registration and authorization attempts by
user and administrators.
• Change in roles.
• Firewall configuration changes.
• Modification or access to the critical data, applications, and files.
Private Key storage
The phone stores the private key in PKCS#12 and PEM file formats. The phone sends the device
identity certificate and a private key along with the encrypted password to the WPA supplicants.
EAP-TLS/MD5 password are sent to the WPA supplicants securely.
Temporary Data
The phone deletes any temporary storage data from the program, variables, cache, main memory,
registers, and stack.
IP information
The phone enables the user with ADMIN privileges to see the IP information on the phone screen.
The parameter PROVIDE_NETWORKINFO_SCREEN controls the display information.
Security
September 2017
Installing and Administering Avaya J129 IP Phone
52