[EMAIL PROTECTED] wrote:
Well, I think a vpn would do the trick. Personally, I wouldn't even worry about encrypting the stream more than once, as long as you choose the right method.Gentlemen and ladies of the Asterisk community.
I am considering implementing asterisk based IAX solution for a business that handles a lot of sensitive data. Internal security will be no worse than before as they plan on connecting to their current PBX to handle switching. The asterisk boxes will just handle their trunks between the offices. Other than VPN with a few levels of encryption on the VPN any ideas on other good and affordable ways to implement security on the IAX links?
Thanks. [EMAIL PROTECTED]
Add too many layers on, and you increase latency and possible packet loss. Not good.
Here, we are using openvpn, in the tls server/client model. Keys are regenerated once an hour, so the best someone could do is sniff an hour's worth of data before they'd have to refigure the encryption.
If you are sure people are going to try breaking into the stream, you might wan to think about other security methods beyond encryption ( a really big bat, for example ). Anything that adds latency is a "Bad Thing (tm)", and further, encrypting something more than once indicates, to me at least, that encryption is not the solution.
But what the hell, maybe I'm wrong. Other opinions are certainly warrented.
Sean _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
