[cisco-voip] Comparison between using SIP Trunk Encryption and IPSec encryption

Dennis Heim Dennis.Heim at cdw.com
Wed Mar 28 15:16:28 EDT 2012


Call me crazy.. but I am going to ask why?

Dennis Heim
Senior Engineer (Unified Communications)
CDW  Advanced Technology Services
10610 9th Place
Bellevue, WA 98004

425.310.5299 Single Number Reach (WA)
317.569.4255 Single Number Reach (IN)
317.569.4201 Fax
dennis.heim at cdw.com<mailto:dennis.heim at cdw.com>
cdw.com/content/solutions/unified-communications/<http://www.cdw.com/content/solutions/unified-communications/>

From: cisco-voip-bounces at puck.nether.net [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of ROZA, Ariel
Sent: Wednesday, March 28, 2012 11:40 AM
To: cisco-voip at puck.nether.net
Subject: [cisco-voip] Comparison between using SIP Trunk Encryption and IPSec encryption

Hi, guys and gals!

I wanted to know the opinion of the members of the list about the best strategy for encryption of voice calls.

I am implementing call encryption for a customer´s internal IP telephony infrastructure.
So far I have configured encryption for IP Phones (using tokens) and Analog phones (SRTP, + IPSec between CUCM and each gateway).

Now I am planning to encrypt the calls going through a couple of SIP trunks. The trunks are between the CUCM servers and Cisco 2800 gateways)
A coworker of mine specialized in security suggested me implementing IPSec between  the CUCM Servers and the gateways configured with SIP, instead of using the official approach (TLS with certificates). He claims that it will be simpler to deploy (no troubles with CAs and loading certificates into CUCM) and will offer the same level of protection.

I would like to know if anyone faced this possibility before, and your insight about this.

Thanks everyone in advance!



ARIEL ROZA
Advanced Engineering



LOGICALIS
Perú 327 1er Piso - C.A.B.A. - Argentina - C1067AAG
Tel/Fax: +54 (11) 4344-0300
ariel.roza at la.logicalis.com<mailto:ariel.roza at la.logicalis.com>
www.la.logicalis.com<http://www.la.logicalis.com>
www.logicalisnow.com<http://www.logicalisnow.com>


Por favor, piense en el medioambiente antes de imprimir este email.
La presente información se envía únicamente para el destinatario, y contiene información de carácter CONFIDENCIAL o PRIVLEGIADA.
La modificación, retransmisión, difusón, copia u otro uso de esta información por cualquier medio, por personas distintas al destinatario, están estrictamente prohibidas.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120328/fa4d449f/attachment.html>


More information about the cisco-voip mailing list