The SSL and TLS protocols have traditionally been used to secure streaming traffic. Both of these protocols are based on TCP, which is very slow. In addition, TLS cannot handle lost or reordered packets.
UDP is the preferred protocol for audio and video applications, such as Lync, Skype, iTunes, YouTube, training videos, and Flash. However, UDP is not secure or reliable. The DTLS protocol is designed to secure data over UDP and is used for applications such as media streaming, VoIP, and online gaming. In DTLS, each handshake message is assigned a specific sequence number within that handshake. When a peer receives a handshake message, it can quickly determine whether that message is the next one expected. If it is, the peer processes the message. If not, the message is queued for handling after all the previous messages have been received.
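The ordering rule described above, as an added example (not from the original documentation or from the product's code): a receiver that parses the DTLS 1.2 handshake header defined in RFC 6347 and releases messages in `message_seq` order, dropping duplicates. The class and function names, the queue bound, and the sample messages are assumptions made for illustration, and fragmented messages are rejected rather than reassembled.

```python
import struct

HDR_LEN = 12  # DTLS 1.2 handshake header length (RFC 6347, section 4.2.2)

def build_handshake(msg_type, message_seq, body):
    """Build an unfragmented DTLS handshake message (constructed sample input)."""
    n = len(body).to_bytes(3, "big")
    # msg_type | length | message_seq | fragment_offset | fragment_length | body
    return bytes([msg_type]) + n + struct.pack("!H", message_seq) + b"\x00\x00\x00" + n + body

def parse_handshake(data):
    """Return (msg_type, message_seq, body); reject truncated or fragmented input."""
    if len(data) < HDR_LEN:
        raise ValueError("truncated handshake header")
    length = int.from_bytes(data[1:4], "big")
    message_seq = struct.unpack("!H", data[4:6])[0]
    frag_off = int.from_bytes(data[6:9], "big")
    frag_len = int.from_bytes(data[9:12], "big")
    if frag_off != 0 or frag_len != length or len(data) != HDR_LEN + length:
        raise ValueError("fragmented or malformed handshake message")
    return data[0], message_seq, data[HDR_LEN:]

class HandshakeReorderBuffer:
    """Deliver handshake messages in message_seq order, queueing early arrivals."""

    def __init__(self, max_queued=8):
        self.next_seq = 0             # sequence number expected next
        self.queued = {}              # message_seq -> (msg_type, body)
        self.max_queued = max_queued  # assumed bound on memory held for a peer

    def receive(self, datagram):
        """Return the (seq, msg_type, body) tuples that became deliverable."""
        msg_type, seq, body = parse_handshake(datagram)
        if seq < self.next_seq or seq in self.queued:
            return []                 # retransmission or duplicate: drop
        if seq != self.next_seq and len(self.queued) >= self.max_queued:
            return []                 # queue full: drop, the peer retransmits
        self.queued[seq] = (msg_type, body)
        ready = []
        while self.next_seq in self.queued:   # release every in-order message
            t, b = self.queued.pop(self.next_seq)
            ready.append((self.next_seq, t, b))
            self.next_seq += 1
        return ready
```

The queue bound matters because handshake messages arrive before the peer is authenticated, so an unbounded queue would let any sender consume memory.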
You must create a DTLS virtual server and a service of type UDP. By default, a DTLS profile (nsdtls_default_profile) is bound to the virtual server.
Optionally, you can create and bind a user-defined DTLS profile to the virtual
Note: RC4 ciphers are not supported on a DTLS virtual server.