02-08-2012 01:31 AM - edited 03-16-2019 09:28 AM
In the CUCM security guide, it says "The system does not support secure recording on authenticated phones." Also I understand from other Cisco documents(implement cisco unified call manager student guide) that to ensure the authenticity of encrypted packets, encryption is supported only if conbined with authentication(applied to both TLS and SRTP).
So is secured call recording really supported? If yes, how does it work?
Thanks a lot.
Solved! Go to Solution.
02-08-2012 03:19 AM
It is supported but the third-party recording server must also support it. There is an extra group called Allow Reception of SRTP Keying Material (or something similar). This group tells CUCM to share the SRTP symmetric key (aka the shared secret) with the recording server when asked for it. As soon as the recording server has the SRTP key it can decrypt the call just like the phones in the call. This SRTP key has to be protected by the TLS session to avoid being passed in the clear; authentication sets up that TLS session between each phone and CUCM.
02-08-2012 03:19 AM
It is supported but the third-party recording server must also support it. There is an extra group called Allow Reception of SRTP Keying Material (or something similar). This group tells CUCM to share the SRTP symmetric key (aka the shared secret) with the recording server when asked for it. As soon as the recording server has the SRTP key it can decrypt the call just like the phones in the call. This SRTP key has to be protected by the TLS session to avoid being passed in the clear; authentication sets up that TLS session between each phone and CUCM.
02-14-2012 07:18 PM
thanks Jonathan. i believe this should be the way how it works. will test it out during the implementation.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: