VoIP encryption - sRTP

Posted on 2012-09-21
Medium Priority
Last Modified: 2012-10-01
There's a bit of a debate going on in the office on whether to encrypt our RTP traffic.  The VoIP network is on a VLAN and is internal only.  We're aware of some of the issues with encrypting data such as speed and QoS but what are the real risks with not encrypting our RTP traffic, such as what attacks are we opening our selves up to?  Is sRTP really worth it?
Question by:jdc1944
1 Comment
LVL 20

Accepted Solution

agonza07 earned 1500 total points
ID: 38433649
How confidential are your phone conversations?

Basically, the main threat is from the inside. If an internal "hacker" can compromise your switch and sniff your VoIP VLAN traffic, then they can in turn convert that traffic to an audio file. That's pretty much your biggest risk.

So if you trust your people on the inside, then there's really no reason to introduce more complexity to your VoIP deployment. If security is a big concern, and your telephone conversations need to maintain the highest confidentiality and security, then you need to implement sRTP.

In the end, not having sRTP is like having a landline at your house. Anybody can tap in to your line from outside your house with any Walmart phone. But it's illegal and can get you in a lot of trouble. Same here.

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my office we had 10 Cisco 7940G IP phones that were useless as they were showing PROTOCOL APPLICATION INVALID when started. I searched through Google and worked for a week continuously on those phones, and finally got them working. This is a di…
I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question