When it comes to security with VoIP, few options are available – I mean proven and widely available. One of the most secure method is certainly VPN with IPSec. It offers many advantages:
– encrypt traffic from source to destination
– widely available
– proven and robust
What you can do as well, is to fool most ISPs that don’t like VoIP very much (we wonder why 😉 . In some countries they simply filter 5060 or anything related to VoIP (H323).
A simple way to setup IPsec is to use racoon (available on most Linux distributions).
Typical settings are :
Security protocol: ESP(Encapsulating Security Protocol)
Encryption types: 3DES (Triple Data Encryption Algorithm)
Authentication algorithms: MD5 (Message-Digest Algorithm 5)
Authentication methods:PSK (pre-shared key)
Make sure that you share the same encryption key with the remote party – it can be anything.
You will find many tutorials on google explaining how to setup racoon – i recommend having a server with at least 2 ethernet interfaces so you can have the flexibility of encrypting a subset of your traffic, since maybe not all your traffic will need encryption.