[Serusers] Security methods for PSTN termination of SIP calls

[Alan Litster]

Marian,

When you say to use authentication between server are you suggesting that
the proxy that the users are hanging off authenticates all INVITE requests
before forwarding them onto the proxy that controls access to the gateway?
Or are you referring to some form of proxy to proxy authentication
mechanism? If so what is it, as I've never come across one before and would
be very interested in knowing more about it.
I think using IPSEC/TLS is a little heavy duty for our needs. We require
some means of verifying the identity of the remote SIP proxy that does not
go by source IP address.

Regards,

Alan

-----Original Message-----
Hi Alan,

Excepting source IP check (which is not reliable), you can also use
authentication between server - SIPproxy2 authenticates all request sent
to SIP proxy1 and vice-versa.

Since the end points are fixed (PSTN GWs), you can create IPSEC tunnels
to transport the signaling part. Tunneling also the media will probably
introduce delay and will require some really performat machines :-).

Also you can go for TLS, which is as concept basically the same thing
IPSEC tunnels. The major difference is that TLS is not free as IPSEC is.

Best regards,
Marian



-------------------------------------------------------------------------------------------------------
This email, and any files transmitted with it, is copyright and may contain confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the views of Telco Electronics Limited.
Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation.

Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY

Tel 01280 761600
Fax 01280 841174