Configuring Voice Services

4

 

Secure Call Implementation

 

 

 

 

 

The signing agent is implicit and must be the same for all ATAs that communicate securely with each other. The public key of the signing agent is pre-configured into the ATA device by the administrator and is used by the ATA device to verify the Mini-Certificate of its peer. The Mini-Certificate is valid if it has not expired, and it has a valid signature.

The ATA device can be configured so that, by default, all outbound calls are either secure or not secure. If secure by default, the user has the option to disable security when making a call by dialing *19 before dialing the target number. If not secure by default, the user can make a secure outbound call by dialing *18 before dialing the target number. However, the user cannot force inbound calls to be secure or not secure; that depends on whether the caller has security enabled or not.

The ATA device will not switch to secure mode if the CID of the called party from its Mini-Certificate does not agree with the user-id used in making the outbound call. The ATA device performs this check after receiving the Mini-Certificate of the called party

Secure Call Details

Looking at the second stage of setting up a secure call in greater detail, this stage can be further divided into two steps.

STEP 1 The caller sends a “Caller Hello” message (base64 encoded and embedded in the message body of a SIP INFO request) to the called party with the following information:

Message ID (4B)

Version and flags (4B)

SSRC of the encrypted stream (4B)

Mini-Certificate (252B)

Upon receiving the Caller Hello, the called party responds with a Callee Hello message (base64 encoded and embedded in the message body of a SIP response to the caller’s INFO request) with similar information, if the Caller Hello message is valid. The caller then examines the Callee Hello and proceeds to the next step if the message is valid.

ATA Administration Guide

73

Page 75
Image 75
Cisco Systems SPA2102, SPA3102, WRP400, SPA8000, PAP2T manual Secure Call Details

PAP2T, SPA8000, SPA3102, WRP400, SPA2102 specifications

The Cisco Systems SPA2102 is a versatile Voice over Internet Protocol (VoIP) adapter that serves as a bridge between traditional telephony systems and modern IP networks. Designed primarily for small to medium businesses, the SPA2102 is highly regarded for its reliability, ease of use, and rich feature set. This device allows users to make and receive phone calls over the internet while maintaining the ability to connect traditional analog phones.

One of the standout features of the SPA2102 is its dual-port capability. The device includes two FXS ports, allowing users to connect two separate analog telephones. This makes it an ideal choice for businesses that want to retain their existing telephony infrastructure while transitioning to a VoIP system. The ability to utilize two telephone lines simultaneously provides flexibility and convenience, especially for users in a busy office environment.

The SPA2102 leverages Session Initiation Protocol (SIP) technology, which is widely recognized for its robustness and interoperability. The support for SIP ensures that the SPA2102 can work seamlessly with various VoIP service providers, offering users a broad range of options for their telecommunication needs. In addition to SIP, the device supports various codecs, including G.711, G.726, and G.729, allowing for flexible audio quality settings and bandwidth management.

Security is also a critical aspect of the SPA2102. It incorporates advanced encryption methods, such as Secure Real-time Transport Protocol (SRTP) and Transport Layer Security (TLS), to protect voice communications from potential eavesdropping. This focus on security makes the SPA2102 a reliable choice for businesses concerned about the confidentiality of their conversations.

The device is easy to configure and manage, thanks to its web-based interface. This allows administrators to quickly set up the adapter, manage network settings, and troubleshoot any issues that may arise. Furthermore, the SPA2102 supports Quality of Service (QoS) features, ensuring that voice traffic is prioritized over other types of network traffic, which enhances call quality and reliability.

Overall, the Cisco SPA2102 is a powerful, user-friendly VoIP adapter that combines traditional telephony with modern IP technology. Its dual-port capability, support for SIP, extensive security features, and ease of configuration make it a solid choice for businesses looking to innovate their communication systems while minimizing disruption. Whether used in a small office or a larger organizational setting, the SPA2102 continues to be a reliable component of VoIP solutions.