Manualshelf

Notice

ManualsBrandsAvaya ManualsIP phones0604DBG
12345678910
Nortel Page 3 of 24
By default, Media Security is enabled on the Nortel Communication Server 1000 release
5.0. For more information about Media Security concepts and implementation in
Communication Server 1000 Release 5.0, see Nortel Communication Server 1000 Security
Management Fundamentals (NN43001-604).
Media Security delivered with Communication Server 1000 Release 5.0 exchanges security
keys through UNIStim, using a secure channel. This implementation of SRTP using UNIStim
Keys (USK) is different from the implementation of SRTP using PreShared Keys (PSK) that
was first introduced into the IP Phone firmware 0604DAD for the Phase II IP Phone 2001,
Phase II IP Phone 2002, and Phase II IP Phone 2004, firmware version 0621C3A for the IP
Phone 2007, firmware 0624C23 and 0625C23 for the IP Phone 1120E and IP Phone 1140E
respectively and firmware 0623C3C and 0627C3C for the IP Phone 1110 and IP Phone
1150E respectively
SRTP PSK was designed to provide encrypted media to deployments where the Call
Servers do not yet (or will not) support the traditional SRTP key exchange infrastructure. It is
also useful in situations where security requirements are less aggressive and the
organization does not want to invest in the infrastructure required to support a traditional key
exchange. But SRTP PSK has some limitations which are overcome with using the SRTP
USK implementation. The benefits of SRTP USK over SRTP PSK include:
Centralized provisioning. SRTP PSK can only be enabled manually by provisioning
each IP Phone using the configuration menu
The beginning of the call is encrypted. With SRTP PSK the first few seconds of the
conversation will not be encrypted.
All codecs and packet sizes are supported. With SRTP PSK certain choices of codec
and packet size will not allow the media stream to be encrypted.
IP Gateways are supported. With SRTP PSK secure calls are only supported
between two Nortel IP Phones associated with the same Call Server or on two
different Call Servers connected by an IP Trunk.
These new firmware loads offer both SRTP PSK and SRTP USK.