Provide Encryption For Barge - Cisco 9971 Administration Manual

A protected phone plays a tone or not under these circumstances:
• When the Play Secure Indication Tone option is enabled:
◦ When end-to-end secure media is established and the call status is secure, the phone plays the
◦ When end-to-end nonsecure media is established and the call status is nonsecure, the phone plays
If the Play Secure Indication Tone option is disabled, no tone plays.
Note Secure calling is supported between two phones. For protected phones, some features, such as conference
calling, shared lines, and Extension Mobility, are not available when secure calling is configured.

Provide Encryption for Barge

Cisco Unified Communications Manager checks the phone security status when conferences are established
and changes the security indication for the conference or blocks the completion of the call to maintain integrity
and security in the system.
A user cannot barge into an encrypted call if the phone that is used to barge is not configured for encryption.
When barge fails in this case, a reorder (fast busy) tone plays on the phone that the barge was initiated.
If the initiator phone is configured for encryption, the barge initiator can barge into a nonsecure call from the
encrypted phone. After the barge occurs, Cisco Unified Communications Manager classifies the call as
nonsecure.
If the initiator phone is configured for encryption, the barge initiator can barge into an encrypted call, and the
phone indicates that the call is encrypted.
WLAN Security
Because all WLAN devices that are within range can receive all other WLAN traffic, securing voice
communications is critical in WLANs. To ensure that intruders do not manipulate nor intercept voice traffic,
the Cisco SAFE Security architecture supports the Cisco Unified IP Phone and Cisco Aironet APs. For more
information about security in networks, see
program_home.html.
The Cisco Wireless IP telephony solution provides wireless network security that prevents unauthorized
sign-ins and compromised communications by using the following authentication methods that the wireless
Cisco Unified IP Phone 9971 supports:
• Open Authentication: Any wireless device can request authentication in an open system. The AP that
receives the request may grant authentication to any requestor or only to requestors that are found on a
list of users. Communication between the wireless device and AP could be nonencrypted or devices can
use Wired Equivalent Privacy (WEP) keys to provide security. Devices that use WEP only attempt to
authenticate with an AP that is using WEP.
• Shared Key Authentication: The AP sends an unencrypted challenge text string to any device that attempts
to communicate with the AP. The device that is requesting authentication uses a preconfigured WEP
key to encrypt the challenge text and sends it back to the AP. If the challenge text is encrypted correctly,
Cisco Unified IP Phone 8961, 9951, and 9971 Administration Guide for Cisco Unified Communications Manager 10.0
secure indication tone (three long beeps with pauses).
the nonsecure indication tone (six short beeps with brief pauses).
http://www.cisco.com/en/US/netsol/ns744/networking_solutions_
Supported Security Features
167