Provide Encryption For Barge; Wlan Security - Cisco 8832 Administration Manual

Provide Encryption for Barge

A protected phone plays a tone or not under these circumstances:
• When the Play Secure Indication Tone option is enabled:
If the Play Secure Indication Tone option is disabled, no tone plays.
Note
Secure calling is supported between two phones. For protected phones, some features, such as conference
calling, shared lines, and Extension Mobility, are not available when secure calling is configured.
Provide Encryption for Barge
Cisco Unified Communications Manager checks the phone security status when conferences are established
and changes the security indication for the conference or blocks the completion of the call to maintain integrity
and security in the system.
A user cannot barge into an encrypted call if the phone that is used to barge is not configured for encryption.
When barge fails in this case, a reorder (fast busy) tone plays on the phone that the barge was initiated.
If the initiator phone is configured for encryption, the barge initiator can barge into a nonsecure call from the
encrypted phone. After the barge occurs, Cisco Unified Communications Manager classifies the call as
nonsecure.
If the initiator phone is configured for encryption, the barge initiator can barge into an encrypted call, and the
phone indicates that the call is encrypted.

WLAN Security

Because all WLAN devices that are within range can receive all other WLAN traffic, securing voice
communications is critical in WLANs. To ensure that intruders do not manipulate nor intercept voice traffic,
the Cisco SAFE Security architecture supports the Cisco IP Phone and Cisco Aironet APs. For more information
about security in networks, see
http://www.cisco.com/en/US/netsol/ns744/networking_solutions_program_home.html.
The Cisco Wireless IP telephony solution provides wireless network security that prevents unauthorized
sign-ins and compromised communications by using the following authentication methods that the wireless
Cisco IP Phone supports:
• Open Authentication: Any wireless device can request authentication in an open system. The AP that
• Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST)
Cisco IP Conference Phone 8832 Administration Guide for Cisco Unified Communications Manager
76
• When end-to-end secure media is established and the call status is secure, the phone plays the secure
indication tone (three long beeps with pauses).
• When end-to-end nonsecure media is established and the call status is nonsecure, the phone plays
the nonsecure indication tone (six short beeps with brief pauses).
receives the request may grant authentication to any requestor or only to requestors that are found on a
list of users. Communication between the wireless device and AP could be nonencrypted or devices can
use Wired Equivalent Privacy (WEP) keys to provide security. Devices that use WEP only attempt to
authenticate with an AP that is using WEP.
Authentication: This client server security architecture encrypts EAP transactions within a Transport
Level Security (TLS) tunnel between the AP and the RADIUS server, such as the Cisco Access Control
Server (ACS).
Cisco IP Conference Phone Administration