Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Security token

Hi, we are trying to run encryption between phones and during instalation of CTL client we were asked for security token. We dont have it and we arent sure if we are supposed to have it. Is USB security token in standard package of CCM server and software? Thanks a lot.

3 REPLIES
Cisco Employee

Re: Security token

yes, you're supposed to have it

no, it's a separate item which needs to be purchased.

you need 2 of them to enable security

HTH

java

if this helps, please rate

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
New Member

Re: Security token

Hi,

I have 2 of them...where can i find a good procedure on how to install/implement security on the phones?

If i can show it to the customer,we are talking about a deal of 15000 phones here...

So any feedback would be greatly appreciated.

Kurt

Super Bronze

Re: Security token

Hi All

A few comments; I've recently deployed this for one of my customers and found a few things:

1) You need at least two security tokens from Cisco (not sure if other ones will work or not, I've not tried).

2) Most phones support SRTP, with some exceptions. Check the data sheets for whatever models you use... once the cluster is in mixed security mode, it's largely just a matter of creating phone security profiles, ensuring phones have valid certificates (which can be done via BAT) and assigning the security profiles.

Detail of this stuff is in the Security Administration Guide for your version e.g:

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/5_1_3/sec513.html

3) If you want to run SRTP to a gateway, that gateway will require Advanced IP Services, or Advanced Enterprise services. This IOS is also required for secure SRST, secure conference, secure transcoding etc.

4) Confernecing, MTP based in software on callmanager do NOT support SRTP. You need hardware conference or transcoder resources for this.

Some docs:

Conferencing & XCODEing SRTP

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t15/itsdsp.html

Gateways and SRTP

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t11/feature/guide/gtsecure.html

Secure SRST (the most tricky)

http://www.cisco.com/en/US/docs/voice_ip_comm/cusrst/admin/srst/configuration/guide/sr_scur1.html

http://www.cisco.com/en/US/products/sw/voicesw/ps2169/products_configuration_example09186a0080509462.shtml

http://www.cisco.com/en/US/products/sw/voicesw/ps2169/products_configuration_guide_chapter09186a00806674c7.html

Regards

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
648
Views
4
Helpful
3
Replies
CreatePlease to create content