BOM (Bill of Materials, which is not to be provide by me)
- To have Military grade encription:
- at least Class 2 SSL certificate for the PBX Server, I don't think self signed cert be meet military grade, even thought it seems. This can be costly when you a issuing a certificates for each device, since this is a phone (you may want to think if this is necessary and using self-signed Cert instead).
- DNS server to support TXT records of _tls._tcp
- to handle 10 people in conference:
- 98kbps * 10 channels * 1.23 factors (assume using g711 (ulaw) codec + SIPS + SRTP)
- Asterisk, with FreePBX GUI + some modification hacks
- Asterisk is a console software very costly to maintain, even it cost you very cheap to setup, with FreePBX GUI, you can maintain Asterisk much easier, which also comes with many modules to assist you enhance your PBX features, and reduce your long term maintenance.
- VMWare (since your are only talking about 10 channels, which is less than 50 channels, to reduce your long term maintenance cost, and for possibility for change management, vmware is important to make this installation easier, compatibility, long run maintenance, and for our easy support to you
- SSHD (if you are going to use Open Source OS)(you will need a remote control software for us to install, support to your PC, at the same time the RDP will also best to open as backup remote control method, teamviewer shall also be considered, just in case of connection)
- VNC+RDP (if you are going to use Microsoft OS)(you will need a remote control software for us to install, support to your PC, at the same time the RDP will also best to open as backup remote control method, teamviewer shall also be considered, just in case of connection)
- Hardware needed:
- Standard Computer (to start with, later can upgrade to appliance)
- Router (capable of doing "port range" forwarding, note the range is important, or it may be become very difficult to forward RTP packets ports)(the Router shall also has QoS for VoIP, so that you voice don't trim off while your network is accessing other internet functions, a good firewall may also be considered down the track)
- ATA OR FXO card:cost about USD50 (I will suggest Linksys SPA3102 ATA which come with 1 1 VoIP hand set, 1 PSTN normal line, TLS/SRTP)
NOTE: Military grade security cannot be achieve on iphone device, unless you are only considering the middle of the tunnel, not the end-point of the tunnel (I am sorry to tell you that, but this is true, you may want to considerred using android based phone)
NOTE: It depends on what OS are you using one the Laptops, difficult tasks and security auditing need to be done in order to really prevent MITM attack. Real security on TLS/SSL is not as easy as many people thinks. Also it is secury today does not mean it will be secure tomorrow, especially for device your user can carry away from physical secure locations. So, here we will only implement simple methodoloty, and of course Certificate Store Protection from installing Trusted Root CA.
NOTE: "no secure data it is saved in the device at any time" How can this be done? Are you going lock down the whole device (iphone and lapton)? Or you just simple considerred from phone software point of view? Are you considerred this from user originted, or from the soft phone architect (such as buffer/cache) point of view???
NOTE: If Open Source Software is used, IT will follow Open Source License Agreement. If third-party software modules were used, I cannot give it to you. Any source code written by me will be given to you.
NOTE: my quote only include labors.
NOTE: My delivery time is based once you have the listed BOM ready
Look forward to do business with you.