IP Office Platform Media Security

Last Updated: Mar 05, 2024

IP Office supports both SRTP and IPsec for VoIP media security.

  • IP Office's IPsec feature can be used, but it is not recommended because it is limited to the IP500 V2 platform and uses a legacy key exchange mechanism (IKEv1).

  • VoIP media security using SRTP is supported on IP Office in Standard Edition, Server Edition, Select and hosted, without the need for extra licensing, for the following connections:

    • IP Office, SIP and SM lines

    • Avaya H.323 extensions: 9608, 9611, 9621, 9641

    • Avaya SIP extensions: 9608, 9611, 9621 and 9641 (in centralized branch deployments), 1100 Series, 1200 Series, B179, E129, H175, J100 Series, K100 Series (Vantage), Scopia XT series

    • 3rd Party SIP extensions that support SRTP

The following configurable SRTP options are supported by IP Office:

| SRTP feature | Options | Support | Default | Notes |
| --- | --- | --- | --- | --- |
| SRTP Operation | Disabled | | | All SRTP settings are per system with a per line and per extension override |
| | On: Best Effort | | | |
| | On: Enforce | | | |
| RTP Encryption | Off | | | |
| | On: AES128-CTR | | | |
| | On: AES128-F8 | | | |
| RTP Authentication | Off | | | RTP Authentication should not be disabled |
| | On: SHA-1/32 | | | |
| | On: SHA-1/80 | | | SHA-1/80 provides stronger authentication for a small bandwidth increase |
| RTCP Encryption | Off | | | |
| | On: AES128-CTR | | | Some Avaya and 3rd party endpoints do not support encrypted RTCP |
| | On: AES128-F8 | | | |
| RTCP Authentication | On: SHA-1/32 | | | RTCP Authentication always active |
| | On: SHA-1/80 | | | SHA-1/80 provides stronger authentication for a small bandwidth increase. |

IP Office supports a per-system set of SRTP controls, with per-line and per-extension overrides, including encryption and authentication settings. The SRTP operation control has the following values:

| Option | Description |
| --- | --- |
| Disabled | SRTP is not available |
| Preferred | Always offer both SRTP and RTP and given a choice, choose SRTP. |
| Enforced | RTP is not available on that call leg. Note: This doesn't enforce end-to-end SRTP, only SRTP on the call leg configured as Enforce. |

Notes

  • For calls using Dial Emergency, the Enforce setting is ignored if an SRTP connection cannot be established.

  • Where SIP soft clients connect to IP Office in simultaneous-registration mode (that is, another device is registered for the same user), they do not have a per-extension override of media security settings. IP Office will handle calls of these devices according to its system-level Media Security settings.

  • Each leg of a call is regarded independently by IP Office for SRTP control; the appropriate SRTP Line or Extension setting will determine the support by each leg. Conferencing or recording of calls with SRTP legs by IP Office will retain SRTP wherever possible.

  • To provide complete call security, the SRTP key exchange must also be secured.
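
The per-leg SRTP operation options and the key-exchange note above, modelled as an added Python example (not Avaya code and not IP Office's actual negotiation logic): it audits one call leg's SDP offer against a policy and flags an SRTP key carried over unprotected signalling. It assumes keys are exchanged with SDES `a=crypto` lines (RFC 4568), which the page does not state; `audit_leg`, the suite mapping and the sample offers are constructed for illustration.

```python
import re

# RFC 4568 SDES suite names mapped to the table's encryption/authentication options.
SUITES = {
    "AES_CM_128_HMAC_SHA1_80": ("AES128-CTR", "SHA-1/80"),
    "AES_CM_128_HMAC_SHA1_32": ("AES128-CTR", "SHA-1/32"),
    "F8_128_HMAC_SHA1_80": ("AES128-F8", "SHA-1/80"),
}

def audit_leg(sdp, policy, signalling_tls):
    """Return (outcome, findings) for one leg; outcome is 'SRTP', 'RTP' or 'rejected'."""
    media = []  # one (profile, [crypto suites]) entry per m=audio line
    for line in sdp.splitlines():
        line = line.strip()
        m = re.match(r"m=audio \d+ (\S+)", line)
        c = re.match(r"a=crypto:\d+ (\S+) inline:", line)
        if m:
            media.append((m.group(1), []))
        elif c and media:
            media[-1][1].append(c.group(1))
    has_rtp = any(profile == "RTP/AVP" for profile, _ in media)
    offered = [s for profile, suites in media if profile == "RTP/SAVP" for s in suites]
    usable = [s for s in offered if s in SUITES]
    findings = [f"unrecognised crypto suite {s}" for s in offered if s not in SUITES]

    if policy == "Disabled":        # SRTP is not available
        outcome = "RTP" if has_rtp else "rejected"
    elif policy == "Preferred":     # given a choice, choose SRTP
        outcome = "SRTP" if usable else ("RTP" if has_rtp else "rejected")
    elif policy == "Enforced":      # RTP is not available on this leg
        outcome = "SRTP" if usable else "rejected"
    else:
        raise ValueError(f"unknown policy {policy!r}")

    if outcome == "SRTP":
        if not signalling_tls:
            findings.append("SRTP key is carried in signalling that is not TLS-protected")
        if SUITES[usable[0]][1] == "SHA-1/32":
            findings.append("first usable suite uses the shorter SHA-1/32 tag")
    elif outcome == "RTP" and policy == "Preferred":
        findings.append("leg fell back to unencrypted RTP")
    return outcome, findings

# Constructed sample offers; the key is a dummy value, not from any real call.
KEY = "inline:" + "A" * 40
OFFER_BOTH = ("v=0\nm=audio 49170 RTP/SAVP 0\na=crypto:1 AES_CM_128_HMAC_SHA1_80 "
              + KEY + "\nm=audio 49172 RTP/AVP 0\n")
OFFER_RTP_ONLY = "v=0\nm=audio 49170 RTP/AVP 0\n"
```

Run it once per leg of a call: an `Enforced` result on one leg says nothing about the other legs, which are evaluated against their own line or extension setting.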