3

Setting System Features

Setting Security Features

Setting System Features

Use the System tab to enable web server access, set security features, the debug server, and VLAN settings. See the following sections:

”Setting Security Features” section on page 35

”Ensuring Voice Quality” section on page 37

”Setting System Features” section on page 40

”Setting System Configuration Information” section on page 41

”Setting Internet, IP and PPPoE Information” section on page 42

”Setting Optional Network Parameters” section on page 43

”Configuring VLAN Settings” section on page 44

Setting Security Features

The following features help ensure that your SPA9x2 calls are secure and authenticated.

”SIP Initial INVITE and MWI Challenge” section on page 35

”SIP Over TLS” section on page 35

”SRTP and Securing Calls” section on page 36

SIP Initial INVITE and MWI Challenge

SIP INVITE (initial) and MWI message in a session can be challenged by the endpoint. The purpose of this challenge is to restrict the SIP servers that are permitted to interact with the devices on the service provider network, which significantly increases the security of the VoIP network by preventing malicious attacks against the device.

In addition, the Auth INVITE option for Lines 1 and 2 enables the challenging of incoming initial SIP INVITE requests.

SIP Over TLS

Transport layer security (TLS) is a standard protocol for securing and authenticating communications over the Internet.

SIP Over TLS eliminates the possibility of malicious activity by encrypting the SIP messages by the SIP proxy of the service provider and the end user. SIP Over TLS relies on the widely- deployed and standardized Transport Layer Security (TLS) protocol. Note that SIP Over TLS encrypts only the signaling messages and not the media. A separate secure protocol such as Secure Real-Time Transport Protocol (SRTP) (see below) can be used to encrypt voice packets.

The TLS protocol has two layers:

Linksys SPA9x2 Phone Administration Guide

35

Page 42
Image 42
Linksys SPA932 Setting System Features, Setting Security Features, SIP Initial Invite and MWI Challenge, SIP Over TLS