Sip account properties – transport – CounterPath Bria 3.5.2 for Windows User Guide - Retail Deployments User Manual

Bria 3 for Windows User Guide – Retail Deployments

63

SIP Account Properties – Transport

Encryption

You can set up Bria for the type of security (encryption) you want for incoming and outgoing calls.

Bria supports:

• Signaling encryption using TLS
• Media encryption using SRTP.

Setting up for Security outside of Bria

When using TLS, you must have the root certificate that signs the proxy's chain of certificates. In most cases,
the root certification will already be installed. Procedures for the exchange of certificates are outside the scope
of this documentation. The certificates must be stored on the Bria computer, in the root certificate store.

Setting up the root certificate on your computer ensures that the connection to the proxy is TLS secure (the first
hop). Any proxy in the chain (between you and the caller) that does not support TLS may cause an insecure link
in the chain. Therefore, if the other party is outside your domain, you cannot be completely sure that the call is
secured at the signaling level, which means that you cannot be sure that it is secured at the media level.

Table 7: SIP Account Properties – Transport

Field

Description

Signaling Transport

Contact your VoIP service provider to identify the types of transport that are supported.
Then choose a supported transport:

• Automatic: Bria sets up the transport based on the capabilities of the network and the

Bria computer. Choose this option if you do not care which transport is used.

• TCP: This transport provides no signaling security.

• UDP: This transport provides no signaling security.

• TLS: Choose this option to request signaling encryption or both signaling and media

encryption.

Encryption

See the description below for more information.

Enable IPv6

Generally, leave this enabled. Disable it only if advised to do so by your VoIP service
provider.