When connecting to your phone system, Fonolo offers the option of using Secure SIP (SIPS) over port TCP/5061. Although not needed or required in most cases, this connectivity option offers an extra layer of security, and can be configured for customers connecting to Fonolo using the Cloud-Based SIP integration option.
The Fonolo service will utilize secure SIP that provides encryption on data in transit, utilizing TLS with AES-256 encryption (supporting the ciphers listed below).
It will require a valid certificate signed by a known certificate authority publisher; self signed certificates will be rejected.
An optional IPSec VPN is available as an add-on to the service – for more details, see Connecting via an IPSec VPN.
Secure SIP Supported Configurations
When setting up a Secure SIP connection, Fonolo supports the following configuration options that must match what your phone system and hardware devices are capable of.
Fonolo Secure SIP:
- Supports TLS v1.1 and TLS v1.2. SSL v2, SSL v3, and TLS v1.0 are all disabled by default.
- Is limited to the following ciphers: