call encryption

Unanswered Question
May 8th, 2009
User Badges:

I have kind of a novice question about call security/encryption.


Currently, we do not encrypt calls. To encrypt calls between the phones and CM, it is just as simple as setting the Enterprise Paramter for Device Security Mode to Encrypted and then resetting all phones? (All phones' Device Security Modes are already set to use System Default.)


This seems too simple, which is why any advice and/or links to config references would be appreciated. Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Jaime Valencia Fri, 05/08/2009 - 06:54
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    2011

no, it's not as simple, you need to order the softokens which contain the encyption keys in order to use this, then go thru the CAPF configuration for all servers with the certificates, if you want also for MGCP exchange certificates, etc


also signaling is encrypted between CUCM and phones, RTP between endpoints.


Security Overview

http://www.cisco.com/en/US/docs/voice_ip_comm/cucmbe/security/6_1_1/secuview.html


Once you've gone thru the whole certificate and CAPF process... then it's as simple as changing that parameter


HTH


java


if this helps, please rate

Actions

This Discussion