Hi - I have a PCIDSs requirement to encrypt VoIP over a 3rd party VPLS network. Has anyone dealt with this. I'd really not use VPN's over the VPLS so am looking at hardware WAN encrypters. Any guidance appreciated. Thanks Simon
On Thu, Apr 9, 2015 at 1:21 PM, Simon Brilus <sbrilus@blueyonder.co.uk> wrote:
Hi - I have a PCIDSs requirement to encrypt VoIP over a 3rd party VPLS network. Has anyone dealt with this. I'd really not use VPN's over the VPLS so am looking at hardware WAN encrypters.
SafeNet and Thales sell L2 WAN encryptors for sure. There is AEP and SINA which also do hardware WAN encryption, but I do not know if they do Layer2. Eugeniu
On Thu, Apr 9, 2015 at 6:21 AM, Simon Brilus <sbrilus@blueyonder.co.uk> wrote:
Hi - I have a PCIDSs requirement to encrypt VoIP over a 3rd party VPLS network. Has anyone dealt with this. I'd really not use VPN's over the VPLS so am looking at hardware WAN encrypters.
wait, you don't want to do some VPN thing over the VPLS network links, but you think that hardware wan encrypters are going to work on the VPLS links? Did you plan on installing one of these devices at the carrier facility? and at all the other possible hops along the way? or were you hoping that the encrypter would not muddle with the L2 payload, but leave the L2 headers intact?
Any guidance appreciated.
On Thu, Apr 09, 2015 at 11:04:06AM -0400, Christopher Morrow wrote:
On Thu, Apr 9, 2015 at 6:21 AM, Simon Brilus <sbrilus@blueyonder.co.uk> wrote:
Hi - I have a PCIDSs requirement to encrypt VoIP over a 3rd party VPLS network. Has anyone dealt with this. I'd really not use VPN's over the VPLS so am looking at hardware WAN encrypters.
wait, you don't want to do some VPN thing over the VPLS network links, but you think that hardware wan encrypters are going to work on the VPLS links? Did you plan on installing one of these devices at the carrier facility? and at all the other possible hops along the way?
or were you hoping that the encrypter would not muddle with the L2 payload, but leave the L2 headers intact?
Any guidance appreciated.
Lost the original post, but why not SIP+TLS & SRTP? Ray
Hi Simon, My understanding is that since your 3rd party VPLS instance is a private ³MPLS² network, there is no requirement for application-level encryption. However if you wanted to encrypt VOIP that carries credit card data, some PBX/handsets offer application-level media encryption if that¹s the problem you want to solve to minimize your PCI scope. Cheers! Ed On 4/9/15, 6:21 AM, "Simon Brilus" <sbrilus@blueyonder.co.uk> wrote:
Hi - I have a PCIDSs requirement to encrypt VoIP over a 3rd party VPLS network. Has anyone dealt with this. I'd really not use VPN's over the VPLS so am looking at hardware WAN encrypters.
Any guidance appreciated.
Thanks
Simon
participants (5)
-
Christopher Morrow -
Edwin Mallette -
Eugeniu Patrascu -
Ray Van Dolson -
Simon Brilus