[cisco-voip] srtp cme to cucm

Jason Aarons (US) jason.aarons at us.didata.com
Tue Mar 29 08:45:48 EDT 2011


Additionally SRTP  may not encrypt the signaling and wireshark can see communication paths, I'd do a site-site IPSEC tunnel for a remote branch if given the option.

I agree that SIP loads and SIP gateways are the future, I'd encourage their testing/use as I agree with Nick that long term SIP is the defacto standard. Plus easier to decode than H.245.

-----Original Message-----
From: cisco-voip-bounces at puck.nether.net [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Nick Matthews
Sent: Tuesday, March 29, 2011 2:19 AM
To: cisco.voip
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] srtp cme to cucm

This is a combination of 3 things - secure CME (secure SCCP), secure
H.323 or SIP, and then a secure CUCM cluster.

Even then you can just encrypt the signaling (TLS) or encrypt the signal and media (TLS + SRTP).  This is not a small undertaking, as cryptography has quite a bit of configuration associated.  I would confirm that there is business justification for either case, as it adds complexity to many aspects of the implementation and troubleshooting.

I'm not sure if you'll see much of a difference between H.323 and SIP.
 I prefer SIP just because I can read it better and it's more future-proof.  More of a personal opinion - others may like H.323 because 'it just works'.

-nick

On Tue, Mar 29, 2011 at 12:54 AM, cisco.voip <cisco.voip at verizon.net> wrote:
> All,
> Can I do srtp between my CUCME 8.5 branch offices and the Call Manager 
> 7.1.5 HQ servers?
> What is the current best practice to connect CME to Call Manager - 
> H323, SIP trunk?
>
> Thanks.
> Cisco.Voip
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
-----------------------------------------
Disclaimer:

This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the
designated addressee(s) named above only.  If you are not the
intended addressee, you are hereby notified that you have received
this communication in error and that any use or reproduction of
this email or its contents is strictly prohibited and may be
unlawful.  If you have received this communication in error, please
notify us immediately by replying to this message and deleting it
from your computer. Thank you.



More information about the cisco-voip mailing list