Back-to-Back SRTP Termination

Back-to-back SRTP termination is illustrated in the following figure.

Initial processing is similar to the single-ended termination described above. Before forwarding the request to the called party, the Net-Net ESD replaces the original crypto attribute with a new one whose crypto attribute conforms to the media security policy for the outbound realm/interface. Upon receiving the answer from the called party, the Net-Net ESD accepts or rejects it, again based upon conformity to the media security policy. If accepted, the Oracle® Enterprise Session Border Controller replaces the original crypto attribute from the called party with its own to form a new SDP, which it forwards back to the calling party. At this point, SRTP media sessions are established on both sides for both calling and called parties.

Refer to ACLI Example Configurations for a sample ACLI configuration.