08-21-2008 06:29 PM - edited 03-18-2019 09:30 PM
Does Phone Proxy 1.0 offer encrypted communications or do you have to use the ASA to get encryption? My research says that the proxy doesn't offer any security between phone and proxy but I have a really upset customer and keeping my fingers crossed.
Thanks.
Cheers.
08-22-2008 09:01 AM
We have phone proxy 1.0 I will check for you.
Randy
We are a very secure site.
08-23-2008 09:21 AM
The phone uses TLS encryption to protect the session back to the ASA if setup properly. There are some DoS vulnerabilities to PhoneProxy though as it is not really authenticating the device in any way other than to bring up the TLS proxy. The UCM node that the ASA is pointed to is somewhat exposed to the outside world because of this, esp if a phone is lost/stolen as every phone uses the same key.
Also, I believe the first release does not support encrypting the PC Port but please confirm the docs. When I saw this in alpha form in a class, it wasn't there and no one was saying it would be...
08-26-2008 10:28 AM
The PhoneProxy appliance supports optional encryption. The encryption can be turned on just between the remote internet phones and the PP, without the need for encryption back to CCM
08-26-2008 04:41 PM
thank you all for your responses
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: