Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Noprint
Panel
borderColorgreen
bgColortransparent
borderWidth2

Back to Table of Contents

Back to SBC Network Deployment Scenarios

Back to Service Provider Deployment Scenarios

Back to Access (UNI) Scenarios

Panel

In this section:

Table of Contents
maxLevel3

Scenario

The 

Spacevars
0product
 supports encryption across the access and core networks.

Background Information

  • Refer to the background information in Basic Service Availability - DNS.
  • The
    Spacevars
    0product
    supports various encryption protocols such as TLS, IPsec and SRTP.
  • Since the peers are trusted in the core network, encryption protocols may not be necessary on this side.

Description

Caption
0Figure
1Encryption support

Image Modified

  • IADs may use secure paths, such as TLS, IPsec and SRTP for encryption.
  • The
    Spacevars
    0product
    performs scaling as each end point requires a separate connection/tunnel. With support for encryption protocols, the
    Spacevars
    0product
    transmits the message to the core network.

DTLS Encryption

The following cipher suites are supported for DTLS encryption:

  • rsa-with-3des-ede-cbc-sha
  • rsa-with-aes-128-cbc-sha
  • rsa-with-aes-128-cbc-sha-256
  • rsa-with-aes-256-cbc-sha
  • rsa-with-aes-256-cbc-sha-256
  • rsa-with-null-sha
  • tls_ecdh_ecdsa_with_aes_256_cbc_sha384
  • tls_ecdh_ecdsa_with_aes_256_gcm_sha384
  • tls_ecdhe_rsa_with_aes_128_cbc_sha
  • tls_ecdhe_rsa_with_aes_256_cbc_sha384

SRTP Encryption

The crypto suite profile is supported with the following values for SRTP encryption:

  • AES-CM-128-HMAC-SHA1-32 
  • AES-CM-128-HMAC-SHA1-80


Pagebreak