Security and Encryption Gotchas?

[AdmanOK]

I have a customer that is wanting to implement encryption of the signaling and voice streams on their IP Telephony system on the recommendation of an external auditor. I've not actually deployed a voice network with the security features activated. Are there any potential issues with doing something like this? They have an IPCC deployment and make use of call monitoring and recording. Does this still work if the RTP stream is encrypted? What's the best document that outlines the process of implementing this? I've read through a couple of them, but the ones that I have found don't seem to document it end to end.

 

[VoIPGuyNSC]

Certainly not the answer you are looking for, but all of the professionals that I've spoken to say that unless you have NO bandwidth concerns, that encryption is a no-no. It simply adds more delay into the equation. That being said, though, I could certainly see an application for it under ideal circumstances.

John Lever
Telecommunications
Richland School District Two

 

[iptuser]

Sorry to be so negative but that seems to be a very normal "Consultant" response- "I've read it some where don't have a clue but ....." Unless it's something like DOD/ MOD why encrypt ? Do they encrypt their data- email, documents etc I bet they send more sensitive info. across the Internet then in a phone call. Are they looking to encrypt on their LAN only ? You have to be careful with encryption and Voice recording also will their Firewalls work if they encrypt ?