Administrator’s Guide SoundPoint IP / SoundStation IP
4 - 82
Configuration changes can performed locally:
Incoming Signaling Validation
The three optional levels of security for validating incoming network signaling
are:
• Source IP address validation
• Digest authentication
• Source IP address validation and digest authentication
Configuration changes can performed centrally at the boot server:
Secure Real-Time Transport Protocol
Secure Real-Time Transport Protocol (SRTP) provides means of encrypting the
audio stream(s) of VoIP phone calls to avoid interception and eavesdropping
on phone calls.
For detailed configuration instructions, refer to “Technical Bulletin 25751:
Secure Real-Time Transport Protocol on SoundPoint IP Phones” at
http://www.polycom.com/usa/en/support/voice/soundpoint_ip/VoIP_T
echnical_Bulletins_pub.html .
Configuration File Encryption
Configuration files (excluding the master configuration file), contact
directories, and configuration override files can all be encrypted.
Local Local Phone User
Interface
The custom certificate can be specified and the type of certificate to
trust can be set under the Settings menu.
Central
(boot server)
Configuration File:
sip.cfg
Specify the type of validation to perform on a request-by-request
basis, appropriate to specific event types in some cases.
• For more information, refer to Request Validation
<requestValidation/> on page A-15.
Note
The SoundPoint IP 300 and 500 phones will always fail at decrypting files. These
phones will recognize that a file is encrypted, but cannot decrypt it and will display
an error. Encrypted configuration files can only be decrypted on the SoundPoint IP
301, 320, 330, 430, 501,550, 560, 600, 601, 650, and 670 and the SoundStation IP
4000, 6000, and 7000 phones.
The master configuration file cannot be encrypted on the boot server. This file is
downloaded by the bootROM that does not recognize encrypted files. For more
information, refer to Master Configuration Files on page A-2.