Security
When deploying a wireless LAN, security is essential.
The Cisco Unified IP Phone 9971 supports the following wireless security features.
WLAN Authentication
WPA (802.1x authentication + TKIP or AES encryption)
•
WPA2 (802.1x authentication + AES or TKIP encryption)
•
WPA-PSK (Pre-Shared key + TKIP encryption)
•
WPA2-PSK (Pre-Shared key + AES encryption)
•
EAP-FAST (Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling)
•
LEAP (Lightweight Extensible Authentication Protocol)
•
CCKM (Cisco Centralized Key Management)
•
Open
•
Shared Key
•
WLAN Encryption
AES (Advanced Encryption Scheme)
•
TKIP / MIC (Temporal Key Integrity Protocol / Message Integrity Check)
•
WEP (Wired Equivalent Protocol) 40/64 and 104/128 bit
•
The Cisco Unified IP Phone 9971 also supports the following additional security features.
Image authentication
•
Device authentication
•
File authentication
•
Signaling authentication
•
Secure Cisco Unified SRST
•
Media encryption (SRTP)
•
Signaling encryption (TLS)
•
Certificate authority proxy function (CAPF)
•
Secure profiles
•
Encrypted configuration files
•
Settings Access (can limit user access to configuration menus)
•
Extensible Authentication Protocol - Flexible Authentication via Secure
Tunneling (EAP-FAST)
Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST) encrypts EAP transactions
within a Transport Level Security (TLS) tunnel between the access point and the Remote Authentication Dial-in User Service
(RADIUS) server such as the Cisco Access Control Server (ACS).
Cisco Unified IP Phone 9971 Wireless LAN Deployment Guide
17