[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IPSec IP Telephony:End to End or Segment

It's not an either/or it's situation dependent.

Inside a corporate network it may not be necessary and the gateway does the
work. (between two points of trust)

In a public network, IPSEC from the end device may or may not be required,
depending on user security needs.

For the Internet Phone to normal PSTN Phone conversation the same applies.
You either protect it for the IP part of the link or you don't. The voice
part of the link continues as it always does.

-----Original Message-----
From: Anthony Walwyn [mailto:anthony.walwyn@telematics.com]
Sent: 30 March 1999 11:32
To: ipsec@lists.tislabs.com
Subject: IPSec IP Telephony:End to End or Segment


I've a question which I hope the experts on 
this list can answer/give their opinion.

With respect to IP Telephony, should security be
end-to-end or does it make sense to have it on 
just one segment, eg between two IP Telephony Gateways.

Phone--PSTN--IPGW--IP Network--IPGW--PSTN-Phone

If security is only implemented between the Gateways
is the security risk unacceptable ??

If the phones were Internet-Phones, security could be 
implemented end-to-end using IPSec, but what happens if
one end is an Internet Phone and one end is a normal PSTN Phone ?

Anthony Walwyn                      Title: Senior Systems Engineer
ECI Telecom, UK DCME Development,   Voice: +44(0)1256 388065
ISIS House, Reading Road, Chineham  Fax  : +44(0)1256 388142
Basingstoke, Hampshire UK RG24 8TW  Email: anthony.walwyn@telematics.com