Information Technology Reference
In-Depth Information
It is also possible to protect voice media traffic between Cisco IP phones, secure MGCP gateways, secure CTI devices and route
points, secure SIP trunks, secure H.323 gateways, secure conference bridges, and secure H.323/H.245/H.225 trunks if no media
resources are used.
It is important to note that SRTP session keys are sent in clear text between CUCM and MGCP gateways, H.323 gateways, and
H.323/H.245/H.225 trunks, and they are therefore vulnerable to discovery unless IPsec is configured between CUCM and IOS
gateways.
Figure 7-4 shows how voice signaling between CUCM and MGCP gateways can be secured using IPsec, and how voice media can be
secured between Cisco IP phones and MGCP gateways using SRTP.
FIguRE 7-4
Securing MGCP
Signaling Using IPsec
and Voice Media Using
SRTP
MGCP over IPsec
(Master Encryption
Keys and Salt)
CUCM
MGCP Gateway
(with MGCP
SRTP Package)
V
SRTP
 
 
 
Search WWH ::




Custom Search