Encrypting the SIP Header Value
For enhanced security, you can configure the device to encrypt the value of a specific SIP header. Encryption is done using the AES-256 key algorithm. This feature is typically used between two AudioCodes devices, where one encrypts the SIP header value before sending the SIP message, while the other decrypts the value when it receives the SIP message.
This feature is intended for SIP headers that are not used by the device for classification or routing. For example, you may want to encrypt the value of a proprietary SIP header called "P-Access-Network-Info" that may contain sensitive information.
| ➢ | To configure SIP header value encryption: |
| 1. | Open the SIP Definitions General Settings page (Setup menu > Signaling & Media tab > SIP Definitions folder > SIP Definitions General Settings), and then in the 'AES-256 Encryption Key' parameter, configure the encryption key. |
| ● | The key must be 32 characters. |
| ● | Configure both devices with the same key. |
| 2. | Open the Message Manipulations table (Setup menu > Signaling & Media tab > Message Manipulation folder > Message Manipulations), and then configure a Message Manipulation rule to specify the SIP header to encrypt. Use the Funct.Encrypt and Funct.Decrypt keywords in the 'Action Value' field to encrypt and decrypt the header, respectively. For more information, refer to the device's User's Manual. |
| 3. | Open the IP Groups table, and then assign the Manipulation Set ID (configured in the previous step) to the relevant IP Group. |