[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: IPSec IP Telephony:End to End or Segment
Anthony,
I think that the model you suggest below will be a well known paradigm for
IP telephony. Vendors such as Nortel and Qwest are terminating T1 lines at
a device that is able to packetize voice. These voice gateways are then
sending packetized voice over public IP networks. This is totally insecure
traffic today. Our belief here at Spring Tide is that the ISP will need to
provide an additional IP security service for the voice traffic. This will
be done as you describe: two security gateways tunneling subscriber voice
sessions. There are other aspects of this problem, such as providing a
level of service that supports the delay-sensitive voice traffic, but that
is another discussion.
I hope that this helps you.
Steve.
-----Original Message-----
From: Anthony Walwyn [SMTP:anthony.walwyn@telematics.com]
Sent: Tuesday, March 30, 1999 5:32 AM
To: ipsec@lists.tislabs.com
Subject: IPSec IP Telephony:End to End or Segment
Hi,
I've a question which I hope the experts on
this list can answer/give their opinion.
With respect to IP Telephony, should security be
end-to-end or does it make sense to have it on
just one segment, eg between two IP Telephony Gateways.
Phone--PSTN--IPGW--IP Network--IPGW--PSTN-Phone
If security is only implemented between the Gateways
is the security risk unacceptable ??
If the phones were Internet-Phones, security could be
implemented end-to-end using IPSec, but what happens if
one end is an Internet Phone and one end is a normal PSTN Phone ?
--
Anthony Walwyn Title: Senior Systems Engineer
ECI Telecom, UK DCME Development, Voice: +44(0)1256 388065
ISIS House, Reading Road, Chineham Fax : +44(0)1256 388142
Basingstoke, Hampshire UK RG24 8TW Email: anthony.walwyn@telematics.com