How HTTPS Works; Server Certificate - Cisco SPA901-UK - Small Business Pro Provisioning Manual

Voice system, voice gateways, and ip telephones

Provisioning Cisco Small Business VoIP Devices
Using HTTPS
Cisco Small Business IP Telephony Devices Provisioning Guide

How HTTPS Works

HTTPS encrypts the communication between a client and a server, protecting the
message contents from other network devices. The body of the communication
between a client and a server is encrypted with symmetric key cryptography.
With symmetric key cryptography, a single secret key is shared by a client and
a server over a secure channel protected by public/private key encryption.

Messages encrypted by the secret key can only be decrypted using the same
key. HTTPS supports a wide range of symmetric encryption algorithms. The IP
Telephony device implements up to 256-bit symmetric encryption, using the
Advanced Encryption Standard (AES), in addition to 128-bit RC4.

HTTPS also provides for the authentication of a server and a client engaged in a
secure transaction. This feature ensures that a provisioning server and an
individual client cannot be spoofed by other devices on the network. This is an
essential capability in the context of remote endpoint provisioning.

Server and client authentication is performed by using public/private key
encryption with a certificate that contains the public key. Text that is encrypted
with a public key can be decrypted only by its corresponding private key (and
vice versa). The IP Telephony device supports the RSA algorithm for
public/private key cryptography.

Server Certificate

Each secure provisioning server is issued an SSL server certificate, directly signed
by Cisco. The firmware running on the IP Telephony device recognizes only a
Cisco certificate as valid. When a client connects to a server by using HTTPS, it
rejects any server certificate that is not signed by Cisco.

This mechanism protects the service provider from unauthorized access to the IP
Telephony device, and from any attempt to spoof the provisioning server. Without
such protection, an attacker might be able to reprovision the IP Telephony device,
to gain configuration information, or to use a different VoIP service.
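The single-trust-anchor check described above can be reproduced offline. The following is an added example, not Cisco firmware code: it builds constructed RSA certificates in memory and shows that a client trusting exactly one CA accepts only server certificates signed by that CA. The host and CA names (`prov.example.test`, `vendor-ca.example.test`, `other-ca.example.test`) are placeholders.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed certificate: a self-signed CA if parent is nil, else a server cert.
func issue(name string, parent *x509.Certificate, parentKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key, _ := rsa.GenerateKey(rand.Reader, 2048) // RSA, the algorithm the page names
	t := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		DNSNames:     []string{name},
	}
	if parent == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, parentKey = t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// accepts reports whether a client trusting only anchor accepts server for host.
func accepts(anchor, server *x509.Certificate, host string) bool {
	pool := x509.NewCertPool()
	pool.AddCert(anchor)
	_, err := server.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err == nil
}

func main() {
	ca, caKey := issue("vendor-ca.example.test", nil, nil) // stands in for the vendor CA
	other, otherKey := issue("other-ca.example.test", nil, nil)
	good, _ := issue("prov.example.test", ca, caKey)
	bad, _ := issue("prov.example.test", other, otherKey)
	fmt.Println(accepts(ca, good, "prov.example.test"), accepts(ca, bad, "prov.example.test"))
}
```

The decision rests on the signature, not on the issuer name: a certificate issued by a second CA that reuses the trusted CA's subject name is still rejected.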