
In this example, Dan Willis is sending an invitation to initiate a messaging session with me. If I want
to communicate with Dan, even when it’s 2 A.M., I will respond with the following SIP response
message:
SIP/2.0 200 OK
Via: SIP/2.0/UDP workstation1.connectedinnovation.com
To: "Joe" <sip:joes@connectedinnovation.com>;tag=987
From: "Dan Willis" <sip:danw@awesome.com>;tag=123
Call-ID: 972-555-5555@192.168.1.102
CSeq: 1 INVITE
Contact: <sip:joes@connectedinnovation.com>192.168.1.103
Content-Type: application/sdp
Content-Length: 200
As you can see, SIP messages contain the information required for one contact to communicate with
another contact, much like the information our mobile and digital phones use to contact one another.
For example, when someone calls you on the phone, you see the Caller ID. Caller ID is one of many
settings that are negotiated between callers.
Introducing Transport Layer Security
Transport Layer Security (TLS) is the security protocol that is enabled for use within a Live
Communications Server environment to provide encryption and authenticated trust between LCS
clients. This book provides an overview of TLS, so I encourage you to read RFC 2246 for TLS.
As the next evolution of SSL, TLS continues to provide an encrypted transport over which messaging
traffic is sent and received. Enabling TLS within a Live Communications Server environment, like SSL
in a web server environment, requires a Public Key Infrastructure (PKI), which in turn requires
certificates to be configured and applied on both the client and server devices. Live Communications
Server requires each server to have a TLS certificate installed, while the root Enterprise Certificate
Authority that issued the server certificates must be trusted on the client device, whether it is a
laptop, desktop, or mobile device.
Figure 1-9 shows an architecture diagram that depicts how TLS and Mutual Transport Layer Security
(MTLS), described in the following section, are used for client-to-server and server-to-server
communications within a Live Communications Server environment.
Live Communications Server does not require TLS for client-to-server communication, as it offers
TCP as its default communication protocol and uses Active Directory to authenticate users. It does,
however, require MTLS for server-to-server communication, which means that if you are deploying an
LCS Enterprise Edition pool or multiple LCS servers, you will need to enable MTLS connectivity
between servers. Enabling TLS within your Live Communications Server environment will provide the
level of security that is required to encrypt and authenticate messages between your Live
Communications Server users and servers.
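
The following is an added example, not code from the book: it parses the SIP response shown earlier, extracts the fields that identify the dialog, and reports whether the Via transport is TLS, since client-to-server traffic defaults to TCP rather than TLS. The function names (parse_response, party, summarize) are hypothetical, and the parser assumes unfolded headers with long-form names.

```python
import re

# The response from the page, with ASCII quotes and CRLF line endings.
SAMPLE = (
    "SIP/2.0 200 OK\r\n"
    "Via: SIP/2.0/UDP workstation1.connectedinnovation.com\r\n"
    'To: "Joe" <sip:joes@connectedinnovation.com>;tag=987\r\n'
    'From: "Dan Willis" <sip:danw@awesome.com>;tag=123\r\n'
    "Call-ID: 972-555-5555@192.168.1.102\r\n"
    "CSeq: 1 INVITE\r\n"
    "Contact: <sip:joes@connectedinnovation.com>192.168.1.103\r\n"
    "Content-Type: application/sdp\r\n"
    "Content-Length: 200\r\n\r\n"
)
STATUS_RE = re.compile(r"^SIP/2\.0 (\d{3}) (.*)$")
ADDR_RE = re.compile(r'^(?:"([^"]*)"\s*)?<([^>]+)>(.*)$')

def parse_response(raw):
    """Return (status code, reason, headers) for a SIP response; body ignored."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    m = STATUS_RE.match(lines[0])
    if not m:
        raise ValueError("not a SIP/2.0 response")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header: %r" % line)
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return int(m.group(1)), m.group(2), headers

def party(value):
    """Split a To/From value into display name, URI and tag parameter."""
    m = ADDR_RE.match(value)
    if not m:
        raise ValueError("unparsed address: %r" % value)
    params = dict(p.split("=", 1) for p in m.group(3).split(";") if "=" in p)
    return {"name": m.group(1), "uri": m.group(2), "tag": params.get("tag")}

def summarize(raw):
    """Collect the dialog identifiers and the transport named in the top Via."""
    code, _, h = parse_response(raw)
    to, frm = party(h["to"][0]), party(h["from"][0])
    # Via starts "SIP/2.0/<transport>"; TLS marks an encrypted hop, UDP and TCP are cleartext.
    transport = h["via"][0].split()[0].rsplit("/", 1)[1].upper()
    return {"status": code, "dialog": (h["call-id"][0], frm["tag"], to["tag"]),
            "caller": frm["name"], "callee": to["name"],
            "transport": transport, "encrypted": transport == "TLS"}
```

Calling summarize(SAMPLE) reports the Call-ID and the two tags as the dialog, and marks the message as unencrypted because its Via names UDP.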
Chapter 1