VoIP and SRST/AES Encryption!

Encryption of VoIP traffic was, for some of us a humorous concept. I remembered as a young development professional how much fun it was to use a packet sniffer to capture the bosses packets and reassemble his email over the LAN. Years before that when I worked at the phone company as a central office test engineer, it was not uncommon to find an interesting phone call and plug it into the over head paging system to provide entertainment for the late night test crew. There are times I still think the concept of encryption on VoIP is humorous, but it is becoming less funny all the time as we move toward end to end VoIP with no TDM at all in a world populated by terrorists and other evil doers. In any VoIP environment today, you can at some point use the usual tapping tools to capture a phone call as it hits the TDM gateway and is converted from VoIP to traditional analog or digital signals. From an induction coil to a line mans butt set, you can still intercept a VoIP call as it crosses the TDM boundary.


Now that VoIP is being used end to end, we do need to have a mechanism for encrypting at least the media stream. Today we generally do that with SRTP and IETF standard in combination with AES. AES or the Advanced Encryption Standard was adopted by the US Government and comprises three block ciphers: AES 128, AES 192 and AES256. Each AES cipher has a 128 bit block size with key sizes of 128, 192,and 256 respectively. This standard has generally replaced the former Data Encryption Standard or DES. It is important to understand the difference between encryption and authentication. Determining that a signal is “authentic” and originated from a source we believe to be authentic, and encrypting the contents of that communication are two very different issues. Media authentication and encryption ensures that the media streams between authenticated devices (i.e. we have validated the devices and identifies at each end) are secure and that only the intended device receives and reads the data. We need to encrypt both the media (i.e. the voice) and the signaling information (i.e. the DTMF). In most VoIP systems today, SRTO or secure RTO is implemented to assure media encryption. Understand that this encryption is not passed through to the TDM network, so once the media stream leaves the VoIP environment it is subject to eavesdropping.

Clearly as we are now able to employ VoIP end to end, SRST/AES encryption has very powerful ramifications for both the good guys and the bad guys!

Get The Most out of your ShoreTel Communications System

ShoreTel Training for Small Businesses

There are many incredible services available to help small businesses with ShoreTel training for their ShoreTel communications system. With all of the great opportunities for businesses to have one-on-one support as well as comprehensive online tutorials, it is easier than it has ever been to truly get the most from your ShoreTel VoIP system.

Some of the offerings available for this type of hands on ShoreTel training include online courses that can give small businesses the knowledge they need to install, configure, trouble-shoot and thoroughly learn the administrative process. However, by far the most powerful tool available for businesses is the ShoreTel training VoIP Solutions DVD. This incredible training DVD will give small businesses the power to effectively learn the skills they need to make their system as functional as possible. This includes managing IP phones; setting up and creating users, hunt groups, automated attendants, and trunk groups. This type of training gives businesses and business owners the tools they need to make their ShoreTel communications system work for them and make their VoIP solution as efficient as possible. Below you will find some of the administrative processes and other functions of your ShoreTel system that the ShoreTel training VoIP solutions DVD will allow your business to quickly and easily implement.

•    Dialing Plan Definition
•    SIP Basics
•    Professional Call Manager Integration
•    Configuring Application Servers
•    Trunk Group Definition
•    System Installation Overview
•    Configuring IP Phones
•    Setting Call Control Options
•    Microsoft Unified Communications Server
•    Configuring Switches