136
The MCU supports the use of encryption with SIP. When encryption is in use with SIP, the audio and video media
are encrypted using Secure Real-time Transport Protocol (SRTP). When using SRTP, the default mechanism for
exchanging keys is Session Description Protocol Security Description (SDES). SDES exchanges keys in clear text, so it
is a good idea to use SRTP in conjunction with a secure transport for call control messages. You can configure the
MCU to also use Transport Layer Security (TLS) which is a secure transport mechanism that can be used for SIP call
control messages.
Using TLS for call setup is not sufficient for the call to be considered encrypted such that it can participate in a
conference which requires encryption. Where encryption is required in the conference configuration, a SIP call must
use SRTP.
To configure the MCU to use SRTP to encrypt media in calls that are set up using TLS:
1. You must have the encryption feature key installed on your MCU.
2. Go to and set:
o Encryption status to Enabled.
o Default setting for new scheduled conferences to Required.
o SRTP encryption to Secure transports (TLS) only.
3. Go to and set Outgoing transport to TLS.
Note that to allow the MCU to accept incoming calls that use TLS, go to and ensure that Incoming
Encrypted SIP (TLS) is selected.