Specifications

Explorers For internal use only
A31003-H3580-M103-2-76A9, 01-2009
7-202 HiPath 3000/5000 V8 - HG 1500 V8, Administrator Documentation
Payload
7.7.6.3 View Security Settings
The SPE Security Setup dialog box displays the security settings for signaling and payload
encryption (SPE), i.e. for the encryption of signaling and payload communication between the
gateway and the VoIP clients as well as between two gateways.
WBM path:
WBM > Explorers > Payload > (right-click) Signaling & Payload Encryption (SPE) > Show
Security Configuration
Procedure:
Proceed as follows to display the SPE security configuration:
1. Select: WBM > Explorers > Payload > (right-click) Signaling & Payload Encryption (SPE)
> Show Security Configuration. The SPE Security Setup mask is displayed containing the
following data:
Minimal length of the RSA key: e.g. 1024.
Minimal length of the RSA key in the certificates. The following lengths are possible:
512, 1024 and 2048. The higher the value, the more secure the key.
Certificate validation with CRL verification required: for example, No.
You can use the certificate revocation list (CRL) to specify whether and why a certificate
should be blocked/revoked. If a certificate or certification authority (CA) declares
a certificate invalid, it enters the certificate's serial number in its list. This list can be
downloaded from the certification authority's Internet site for certificate inspection.
Minimum Re-Keying interval [hours]: for example, 24.
This interval defines how long a certain key should be used for the encryption of
signaling and user data. A new key is generated when this interval expires.
Subjectname check: e.g. No.
By checking the subject name in the certificate of a gateway (HG 1500) its identity can
be checked. The subject name contains the IP address or the DNS name (DNS: Domain
Name System) of the respective gateway.
Salt Key Usage: e.g. Yes.
This procedure can be used to securely encrypt passwords. This procedure makes
decrypting these passwords considerably more difficult or even almost impossible. For
example, after encryption it is not possible to tell whether two users have the same
password.
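
The effect described under Salt Key Usage, shown as an added example that is not part of the original documentation and does not reproduce the gateway's own implementation. It assumes PBKDF2-HMAC-SHA256 with a 16-byte random salt per user; the function names, the iteration count and the sample password are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

ITERATIONS = 100_000  # assumed work factor, not a value from the documentation


def unsalted_digest(password: str) -> bytes:
    """Plain hash: identical passwords always give identical output."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def protect(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Derive the stored value from the password and a per-user random salt."""
    if salt is None:
        salt = secrets.token_bytes(16)
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    )
    return salt, derived


def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = protect(password, salt)
    return hmac.compare_digest(candidate, stored)


def demo() -> dict:
    # Constructed sample data: two users who chose the same password.
    alice_pw = bob_pw = "Gateway-Admin-2009"
    alice_salt, alice_stored = protect(alice_pw)
    bob_salt, bob_stored = protect(bob_pw)
    return {
        "unsalted_equal": unsalted_digest(alice_pw) == unsalted_digest(bob_pw),
        "salted_equal": alice_stored == bob_stored,
        "alice_ok": verify(alice_pw, alice_salt, alice_stored),
        "wrong_pw_ok": verify("guess", bob_salt, bob_stored),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt is stored next to the derived value; it does not need to be secret, only unique per entry.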