Encrypted Calls; Encryption Check Code For H.323 Point-To-Point Calls; Verify Encryption Check Codes - Polycom realpresence group series User Manual

Encrypted Calls

If encryption is enabled on the system, a locked padlock
encrypted. If a call is not encrypted, an open padlock appears on the monitor screen.
● If you are in a point-to-point call or a multipoint call hosted by another system, the padlock icon
displays the state of your individual connection.
● If you are hosting a multipoint call, the padlock icon displays the combined state of all connections:
encrypted if all connections in the call are encrypted, unencrypted if one or more connections in the
call are not encrypted.
In one call, some connections might be encrypted while others are not. However, the padlock icon might not
accurately indicate whether the call is encrypted if the call is cascaded or includes an audio-only endpoint.
If encryption is required on your system, the far end must support encryption or the call will not be
completed.
Note: Communicate state of padlock icons
To avoid security risks, Polycom recommends that all participants communicate the state of their
padlock icons verbally at the beginning of a call.

Encryption Check Code for H.323 Point-to-Point Calls

To provide extra security for encrypted H.323 calls, the RealPresence Group system provides an encryption
check code. Participants in a call can use this check code to verify that their call is not being intercepted by
a third party. This mechanism is most useful for point-to-point calling; in externally-hosted multipoint calls,
check code numbers do not match any other numbers in the call.
The check code is a 16-digit hexadecimal number that is calculated so that the number is the same at both
sites in the call. The numbers are identical if, and only if, the calculation uses data exclusively from the two
sites in the call, with no data being intercepted and modified by a third party.

Verify Encryption Check Codes

Polycom recommends verifying check codes at each site to protect against third-party eavesdropping on
H.323 point-to-point calls.
To verify the check codes match:
1 Place an encrypted H.323 point-to-point call between two sites.
2 Select on your remote control, then navigate to Settings > System Information > Call
Statistics.
3 At Call Encryption, locate the 16-digit check code as in the following example:
ABC-123/ab-1234 / 1a2b34c99009d66e
4 Verbally verify that the check code is the same at both sites.
5 Do one of the following:
 If the codes match, the call is secure. Proceed with the call.
 If the codes do not match and the call is not a multipoint call on an external MCU, the call might
be compromised. Hang up the call and contact your system administrator.
Polycom, Inc.
appears on the monitor screen when a call is
20