call encryption

Unanswered Question
May 8th, 2009

I have kind of a novice question about call security/encryption.

Currently, we do not encrypt calls. To encrypt calls between the phones and CM, it is just as simple as setting the Enterprise Paramter for Device Security Mode to Encrypted and then resetting all phones? (All phones' Device Security Modes are already set to use System Default.)

This seems too simple, which is why any advice and/or links to config references would be appreciated. Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Jaime Valencia Fri, 05/08/2009 - 06:54

no, it's not as simple, you need to order the softokens which contain the encyption keys in order to use this, then go thru the CAPF configuration for all servers with the certificates, if you want also for MGCP exchange certificates, etc

also signaling is encrypted between CUCM and phones, RTP between endpoints.

Security Overview

http://www.cisco.com/en/US/docs/voice_ip_comm/cucmbe/security/6_1_1/secuview.html

Once you've gone thru the whole certificate and CAPF process... then it's as simple as changing that parameter

HTH

java

if this helps, please rate

Actions

This Discussion