Administrator’s Guide for SIP-T2 Series/T19(P) E2/T4 Series IP Phones896Encrypted contact files can be used to protect against unauthorized access and tampering ofprivate information (e.g., contact number). It is helpful for protecting trade secrets.You can configure the contact files to be automatically encrypted using 16-character symmetrickeys (configured by the parameter “static.auto_provision.aes_key_16.mac”) when uploading tothe server (by setting the value of the parameter “static.auto_provision.encryption.directory” to1). The encrypted contact files have the same file names as before. The encrypted contact filescan be downloaded from the server and decrypted using 16-character symmetric keys duringauto provisioning. If the parameter “static.auto_provision.aes_key_16.mac” is left blank, the valueof the parameter “static.auto_provision.aes_key_16.com” will be used.If the downloaded contact files is encrypted, the IP phone will try to decrypt-contact.xml file using the plaintext AES key. After decryption, the IP phone resolvescontact files and updates contact information onto the IP phone system.Incoming Signaling ValidationYealink IP phones support the following three optional levels of security for validating incomingnetwork signaling: Source IP address validation: ensure request is received from an IP address of a serverbelonging to the set of target SIP servers. Digest authentication: challenge requests with digest authentication using the localcredentials for the associated registered account. Source IP address validation and digest authentication: apply both of the abovemethods.ProcedureIncoming signaling validation can be configured using the configuration files.Central Provisioning(Configuration File).cfgConfigure incoming dignaling validation.Parameter:sip.request_validation.source.listsip.request_validation.digest.listsip.request_validation.digest.realmsip.request_validation.digest.event
