Cisco 8831NR Administration Manual page 33

Unified ip conference phone

Hide thumbs Also See for 8831NR:

User manual (88 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

Table of Contents

Cisco Unified IP Conference Phone 8831 and 8831NR

Feature

File authentication

Signalling Authentication

Manufacturing installed certificate

Secure SRST reference

Media encryption

CAPF (Certificate Authority Proxy Function)

Security profiles

Encrypted configuration files

Optional disabling of the web server functionality for

a conference phone

Description

Validates digitally signed files that the conference

phone downloads. The conference phone validates

the signature to make sure that file tampering did not

occur after the file creation. Files that fail

authentication are not written to Flash memory on the

conference phone. The conference phone rejects such

files without further processing.

Uses the TLS protocol to validate that no tampering

has occurred to signalling packets during transmission.

Each conference phone contains a unique

manufacturing installed certificate (MIC), which is

used for device authentication. The MIC is a

permanent unique proof of identity for the conference

phone, and allows Cisco Unified Communications

Manager to authenticate the phone.

After you configure a SRST reference for security

and then reset the dependent devices in Cisco Unified

Communications Manager Administration, the TFTP

server adds the SRST certificate to the cnf.xml file

and sends the file to the phone. A secure phone then

uses a TLS connection to interact with the

SRST-enabled router.

Uses SRTP to ensure that the media streams between

supported devices proves secure and that only the

intended device receives and reads the data. Includes

creating a media primary key pair for the devices,

delivering the keys to the devices, and securing the

delivery of the keys while the keys are in transport.

Implements parts of the certificate generation

procedure that are too processing-intensive for the

conference phone, and interacts with the conference

phone for key generation and certificate installation.

The CAPF can be configured to request certificates

from customer-specified certificate authorities on

behalf of the conference phone, or it can be configured

to generate certificates locally.

Defines whether the conference phone is nonsecure

or encrypted.

Allows you to ensure the privacy of phone

configuration files.

You can prevent access to a conference phone web

page, which displays a variety of operational statistics

for the conference phone.

Cisco Unified IP Conference Phone 8831 and 8831NR Administration Guide

Supported Security Features

Table of Contents

Chapters

Table of Contents

This manual is also suitable for:

8831

Cisco 8831NR Administration Manual page 33

Chapters

Related Manuals for Cisco 8831NR

Related Products for Cisco 8831NR

This manual is also suitable for:

Table of Contents