Manualshelf

User`s guide

ManualsBrandsDialogic ManualsComputer equipment4000 Series SU4.1
251252253254255256257258259260
Dialogic
®
1000 and 2000 Media Gateway Series User’s Guide 255
7
Data Security
Information about data security and how it is supported by the Dialogic
®
Media Gateway is
described in the following sections:
Data Security Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Secure HTTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
SIP Call Control Security using TLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Secure Voice Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
Installing Certificate Using Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
7.1 Data Security Overview
Data security on the Media Gateway includes the use of various secure protocols when transmitting
and receiving data. The Media Gateway secures three types of data:
HTTP - The data transmitted between the Media Gateway and a Web browser. To secure
HTTP, the Media Gateway uses the Secure HTTP (HTTPS) protocol.
Call Control - The data used to setup and tear down a call. To secure Call Control, the Media
Gateway uses Transport Layer Security (TLS) on top of SIP
Voice - The actual conversation once a call is connected. To secure voice, the Media Gateway
uses Secure RTP (SRTP).
The HTTPS and TLS protocols require digital identity certificates (e.g. public key certificates).
Therefore, certificate management is also covered in this section.
7.2 Secure HTTP
HTTP data is transmitted as messages between the Media Gateway and a Web browser. These
messages travel on the network as clear text and can be “listened” to by anyone. Even though the
HTTP interface has access security (via a password), privacy is not secure.
As an example, if a message containing a request to change a password were captured by a hacker
or third party, the hacker or third party could log on to the Media Gateway and change the
configuration. HTTPS safeguards HTTP data by encryption and authentication. With HTTPS,
messages are no longer transmitted as clear text and are not readily readable.
HTTPS requires two actions by the user:
Both the Media Gateway and the PC on which the Web browser used to connect to the Media
Gateway via HTTPS is running must be configured with the proper certificate.