The VOCAL Secure SIP Analog Modem Server (SSAMS) package offers an additional layer of protection to the standard SAMS that helps to bridge the gap between legacy analog systems and modern secure telecommunications infrastructure.
Secure SAMS adds strong encryption capabilities to all of the network interfaces exposed by SAMS. This includes the SIP, RTP, and DTE interfaces.
- Real-Time Transport Protocol (RTP)
- Secure Real-Time Transport Protocol (SRTP)
- Transport Layer Security (TLS) and Secure Socket Layer (SSL)
- Data Modem Server
- Analog Modem Adapter (AMA)
SIPS is used to provide end-to-end encryption in supporting telecom networks and TLS SIP is available to secure the connection to a public SIP provider. This includes support for PKI based server authentication. SIPS and TLS SIP protect modem calls from man-in-the-middle attacks as well as securing vital metadata related to the calls.
SRTP is utilized on the RTP stream along with key negotiation mechanisms to encrypt the audio stream between SAMS and the telecom provider. This audio stream can carry sensitive information such as meter polling data, credit card transactions, or out of band login information. SRTP protects this data from eavesdropping attempts that could leak this information to unauthorized third parties.
DTE TLS secures the SAMS DTE interface. This is the interface where AT commands and demodulated data are transferred between SAMS and the controlling application. Encryption is very important here, especially when the SAMS server and application server are located on different networks. The sensitive and business critical information that is being transferred over the SAMS modem connection cannot be allowed to traverse the public internet without this additional layer of encryption, otherwise it is open to being intercepted by unauthorized adversaries.
Features
- Includes all standard SAMS features
- SIPS – SIP Secure using TLS (RFC 3261)
- SRTP – Secure Real-time Transport Protocol (RFC 3711, RFC 4568)
- MKI – Master Key Identifier (part of RFC 3711)
- AES – Advanced Encryption Standard – supports 128/195/256 bit keys
- HMAC – Authentication
- DTE TLS – Secure Transport for Modem Data Stream
- PKI based SIP server authentication
VOCAL’s solution is available for the above platforms. Please contact us for specific supported platforms.