TIMC Security
This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.
The Telephony Interface Manager Connector (TIMC) is a special Speech Server SIP peer that enables Telephony Interface Manager (TIM)-based telephony boards to communicate with Speech Server. When using TIMC, consider the following security issues for SIP and audio communications.
TIMC SIP Communications
TIMC manages call sessions using SIP messages between itself and Speech Server. If Speech Server and TIMC are on separate computers, these SIP messages can be monitored and used in a malicious manner. By default, SIP communications are not encrypted. To help secure the connection between TIMC and Speech Server, use Mutual Transport Layer Security (TLS), which encrypts the transmission and requires digital certificates to authenticate the endpoints. For more information about setting up the certificate for the computer running Speech Server, see How to: Set Up a Certificate for Secure SIP Peer Communication. For more information about setting up TIMC for Mutual TLS connections, see How to: Configure a SIP Peer for Mutual TLS.
TIMC Audio Communications
Unlike SIP messages, audio communications stream directly between the TIM-based telephony board and Speech Server using the TCPSR and TCPTTS protocols. If Speech Server and TIMC are on separate computers, audio carrying sensitive data about callers can be monitored. By default, audio communications are not encrypted. To help secure the audio connection between the TIM-based telephony board and Speech Server, use IP Security Protocol (IPSec) to establish a virtual private network (VPN) between the two endpoints. IPSec is configured using IP Security Policies within local security settings. For more information, see Internet Protocol Security.
Note
When using TIMC as the SIP peer, you must deactivate Secure Real-time Transport Protocol (RTP) for applications in the deployment that are using this setting. For more information, see How to: Configure an Application for Secure RTP Communications.
TIMC Control Communications
TIMC receives remoting messages from Speech Server that control its behavior during a call. A malicious user on your network might be able to interfere with calls in progress between TIMC and Speech Server by sending malicious control messages, even if they cannot monitor communications between TIMC and Speech Server. To prevent this, you must ensure that no untrusted servers are able to contact TIMC.
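One way to check the requirement above is to review the Windows Firewall log on the TIMC computer for allowed connections from any source other than Speech Server. The following is an added example, not part of the original documentation; the addresses, ports and log lines are constructed placeholders, and it assumes firewall logging of successful connections is enabled.

```python
import ipaddress

# Constructed sample in the Windows Firewall log (pfirewall.log) layout; all values are placeholders.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2008-03-04 10:15:01 ALLOW TCP 10.0.5.10 10.0.5.20 49210 5061 0 - 0 0 0 - - - RECEIVE
2008-03-04 10:15:07 ALLOW TCP 10.0.7.99 10.0.5.20 51877 8100 0 - 0 0 0 - - - RECEIVE
2008-03-04 10:15:09 DROP TCP 10.0.7.99 10.0.5.20 51878 8100 0 - 0 0 0 - - - RECEIVE
2008-03-04 10:15:12 ALLOW TCP 10.0.5.20 10.0.5.10 50100 5061 0 - 0 0 0 - - - SEND
2008-03-04 10:15:20 ALLOW UDP 10.0.5.31 10.0.5.20 137 137 78 - - - - - - - RECEIVE
"""

TIMC_HOST = "10.0.5.20"        # assumed address of the TIMC computer
TRUSTED = ("10.0.5.10/32",)    # assumed address of the Speech Server computer


def parse_firewall_log(text):
    """Yield one dict per record, named by the log's own #Fields header."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) >= len(fields):   # skip truncated records
                yield dict(zip(fields, values))


def untrusted_contacts(text, timc=TIMC_HOST, trusted=TRUSTED):
    """Return allowed connections to TIMC whose source is not trusted."""
    timc_ip = ipaddress.ip_address(timc)
    nets = [ipaddress.ip_network(n) for n in trusted]
    findings = []
    for rec in parse_firewall_log(text):
        try:
            src = ipaddress.ip_address(rec["src-ip"])
            dst = ipaddress.ip_address(rec["dst-ip"])
        except (KeyError, ValueError):
            continue                         # not an IP record
        if dst != timc_ip or rec.get("action") != "ALLOW":
            continue
        if not any(src in net for net in nets):
            findings.append((rec["date"], rec["time"], rec["protocol"], str(src), rec["dst-port"]))
    return findings
```

Any tuple returned by `untrusted_contacts` is a host that was able to contact TIMC without being on the trusted list, which means the firewall or IPSec policy needs tightening.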