V7122 Gateway User Guide 333CHAPTER 13: SECURITYThis section describes the security mechanisms and protocols implemented on the gateway.The following list specifies the available security protocols and their objectives: IPSec and IKE protocols are part of the IETF standards for establishing a secured IPconnection between two applications. IPSec and IKE are used in conjunction to providesecurity for control and management protocols but not for media (see IPSec and IKE). SSL ( Secure Socket Layer) / TLS (Transport Layer Security) – The SSL / TLS protocolsare used to provide privacy and data integrity between two communicating applicationsover TCP/IP. They are used to secure the following applications: SIP Signaling (SIPS),Web access (HTTPS) and Telnet access (see SSL/TLS). Secured RTP (SRTP) according to RFC 3711, used to encrypt RTP and RTCP transport(see SRTP). RADIUS (Remote Authentication Dial-In User Service) - RADIUS server is used to enablemultiple-user management on a centralized platform (see RADIUS Login Authentication). Internal Firewall allows filtering unwanted inbound traffic (see Internal Firewall).IPSec and IKEIPSec and IKE protocols are part of the IETF standards for establishing a secured IPconnection between two applications (also referred to as peers). Providing security servicesat the IP layer, IPSec and IKE are transparent to IP applications.IPSec and IKE are used in conjunction to provide security for control and management (forexample, SNMP and Web) protocols but not for media (that is, RTP, RTCP and T.38).IPSec is responsible for securing the IP traffic. This is accomplished by using theEncapsulation Security Payload (ESP) protocol to encrypt the IP payload (illustrated inFigure 103). The IKE protocol is responsible for obtaining the IPSec encryption keys andencryption profile (known as IPSec Security Association (SA)).Figure 103 IPSec Encryption