Dialogic 4000 Series SU4.1 Bedienungsanleitung Seite 84
- Seite / 226
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Dialogic 4000 Media Gateway Series SU4.1 Reference Guide
76
Secure RTP
Once a Voice over IP (VoIP) call is established, voice data is transported in packets with the
Real-time Transport Protocol (RTP). The voice data can be easily extracted from RTP
packets and replayed using commercially available software. SRTP adds security by
encrypting voice data and authenticating packets. Digital identity certificates are not
required, and the parameters are negotiated during call initiation time. SRTP mode is
activated typically in combination with TLS, but in some cases (e.g., testing, intranet
connections only) it is useful to allow SRTP also without TLS being activated.
For encryption and decryption of data, SRTP uses ciphers. The two parties involved in a
conversation must be "compatible" in the sense that each party understands the other
party's cipher requirements and supports them. Diva SIPcontrol supports the following
ciphers: DH, ADH, AES (128-256 bits), 3DES (64 bits), DES (64 bits), RC4 (64bytes), RC4
(256 bytes), MD5, SHA1.
SRTP can be set for each SIP peer in the security configuration. For information, see
Security Profiles. The cipher level can be set in the Global Security Parameters.
Using Certificates for Authentication and Data Encryption
For authentication and data encryption, certificates need to be installed on the computer on
which Diva SIPcontrol is installed and on remote computers. When a secure domain is
opened, server and client authenticate each other with a so called "SSL handshake". With
this handshake, the identity of a user is certified and it is assured that the user can be
trusted. All necessary certificates should be provided by a Certificate Authority (CA), and
they are issued for one domain name. For test purposes or internal usage, you can also
create and sign your own self-signed certificate, e.g., with one of the many tools available
on the internet. Search for "self-signed certificate" and you will find a list of possible tools.
But you need to be aware that self-signed certificates do not provide the same security as
CA-signed certificates. Also, many web browsers check if the certificate is signed by a CA,
and, if it is not, a warning message will appear asking whether the user really wants to trust
that web site, which can make the user feel insecure.
Certificate files can be generated in different formats, e.g., .pem, .der, .cer, or .pfx. All files
need to be in "pem" format (base64 encoded) in order to be used by Diva SIPcontrol.
A default certificate is provided with the software, but for security reasons, you should
install your own web server certificate.
Note for CER files: CER files can be renamed to .pem directly if they are base64 encoded.
No bag attribute lines and/or additional CR and empty lines are allowed. If CER files are
ASN.1 coded, they need to be converted to with a converter tool.
Note for PFX files: The PFX or PKCS#12 format is a binary format for storing the server
certificate, any intermediate certificates, and the private key in one encryptable file. When
converting a PFX file to PEM format, tools like OpenSSL will put all the certificates and the
private key into a single file. You will need to open the file in a text editor and copy each
certificate and private key (including the BEGIN/END statements) to its own individual text
file and save them as certificate.cer, CACert.cer, and privateKey.key respectively.
- Dialogic 1
- Copyright and Legal Notice 3
- Table of Contents 5
- 1. Introduction 9
- General Features 11
- Call Handling Features 12
- Media Processing Features 13
- Supported RFCs 13
- Enhanced Routing 14
- DSP-Based Features 16
- Fax and Modem Features 16
- Q.SIG Features 17
- PBX Interoperability 18
- Preparing for Configuration 19
- License Activation 19
- Device Unique ID (DUID) 20
- Proof of Purchase Code (PPC) 20
- To Activate a License File 22
- The Board Monitor 25
- The View Report Option 26
- Public Line ISDN Protocols 30
- Carrier Grade 31
- PBX Protocols 31
- Specific Major PBX Types 31
- Configuration Tips and Hints 34
- PSTN Interfaces 39
- Enhanced 40
- Address Normalization 42
- Network Interfaces 45
- SIP Peers 46
- Security 51
- Session Timer 52
- Authentication 54
- Routing 55
- Dialplan) 56
- Conditions 57
- Address Manipulation 60
- Security Profiles 61
- Global Security Parameters 62
- Diva SIPcontrol 64
- Use Case for LDAP 64
- LDAP Query 65
- LDAP Domain 66
- LDAP Cache 68
- Dialplans 69
- Address Maps 72
- Cause Code Maps 76
- Codec Profiles 78
- Registrations 80
- Logging and Diagnostics 82
- 6. Data Security 83
- Secure RTP 84
- SIPcontrol 85
- 7. How Calls are Processed 93
- Emergency Calls 96
- Routing Conditions 96
- Routing Examples 96
- Common Expressions: 103
- Common Results 103
- Address Map Examples 104
- 9. Software Uninstallation 107
- 10. Cause Code Mapping 109
- 11. Event Logging 121
- Warnings 122
- Informational Messages 123
- 12. Use Case Examples 125
- Microsoft® Lync™ Server 2010 175
- 13. SNMP Support 199
- SNMP Support 201
- Configuration Manager 203
- Diva® Line Test Tool 211
- Performing a Line Check Test 211
- Performing a Hardware Test 213
- Performing a Phone/Loop Test 213
- Advanced setup 214
- Advanced transfer setup 215
- Performing a Fax Test 216
- Diagnostics Tool 219
- 17. Customer Service 225
- Dialogic Customer Support 226
Verwandte Produkte und Handbücher für Gateways / Controller Dialogic 4000 Series SU4.1
(316 Seiten)© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.116 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern