SecurePBX encrypted communications service

With modern communications moving to Internet based technologies it is becoming increasingly important to protect not only file data but also voice communications. Project Fort allows to significantly minimize risk of third-party call intercept. One of the key methods to do so is an IPSEC encrypted channel to the IP PBX. IPSEC is an industry standard for IP data encryption that many businesses depend on for data transfer confidentiality and integrity. By encapsulating voice traffic in IPSEC, unencrypted traffic is rejected. It allows to create very secure configurations as unencrypted calls never leave the IP PBX.

Project Fort has two main goals:

• protection of data channels to and from IP PBX, including from mobile devices (Apple, Android)
• strict firewall rules on the IP PBX itself

Security of the system is enchanched thanks to two-phase authorization. On the first VPN phase, SIP client login credentials are used. As a second authentication factor, a PKI issued certificate is used. Such system is very secure against eavesdropping and tampering of voice data. If a certificate is compromised(phone lost), it is revoked to prevent third-party access to the system. A simplified scheme employing preshared keys can be used, although not recommended.