Specifications
administration.fm
A31003-O1010-M100-17-76A9, 18/05/2010
OpenScape Voice - OpenStage Family, Administration Manual
3-31
Administration
Speech Encryption
3.4 Speech Encryption
Secure speech transmission via SRTP is possible.
If Use secure calls is activated, the encryption of outgoing calls is enabled, and the phone is
capable of receiving encrypted calls. An icon in the call view tells the user whether a call is se-
cure or not. If an active call changes from secure to insecure, e. g. after a transfer, a popup
window and an alert tone will notify the user. For enabling secure calls, a TLS connection to
the OpenScape Voice server is required.
If SIP server certificate validation resp. Backup SIP server certificate validation is activat-
ed, the phone will validate the server certificate sent by the OpenScape Voice server in order
to establish a TLS connection. The server certificate is validated against the root certificate
from the trusted certificate authority (CA), which must be stored on the phone first. For deliver-
ing the root certificate, a DLS (Deployment Software) server is required.
Administration via WBM
System > Security
Administration via Local Phone
>
For secure calls, it is required that both endpoints support SRTP. The secure call
indication tells the user that the other endpoint has acknowledged the secure con-
nection.
>
In order to use SRTP, the phone must be configured for NTP (for further information
please see Section 3.5.4, “Date and Time”). The reason is that the key generation
(MIKEY) uses the system time of the particular device as a basis. Thus, encryption
will only work correctly if all devices have the same UTC time.
|
--- Administration
|
--- System
|
--- Security
|--- Server cerfificate
|--- Backup certificate
|
--- Use secure calls