Set Up Aes Encryption For Svc Calls; Verify H.323 Media Encryption - Polycom RealPresence Group Series Administrator's Manual
Hide thumbs
Also See for RealPresence Group Series:
- Reference manual (425 pages) ,
- Administrator's manual (276 pages) ,
- User manual (113 pages)
Table of Contents
Advertisement
2. Click SIP to expand the section.
3. In the Transport Protocol list, select TLS.
4. Click Save.
Related Links
Configuring Encryption Settings for SVC Calls
Set Up AES Encryption for SVC Calls
You can set up AES encryption for SVC calls for the RealPresence Group Series system.
Procedure
1. In the system web interface, go to Admin Settings > Security > Global Security.
2. Click Encryption to expand the section.
3. In the Require AES Encryption for Calls list, select When Available, Required for Video Calls
Only, or Required for All Calls.
4. Click Save.
Related Links
Configuring Encryption Settings for SVC Calls
Verify H.323 Media Encryption
To provide extra security for encrypted H.323 calls, the RealPresence Group Series system provides an
encryption check code. Both parties in a call can use this check code to verify that their call is not being
intercepted by a 3rd party.
The check code is a 16-digit hexadecimal number that is calculated so that the number is the same at
both sites in the call. The numbers are identical if, and only if, the key generation algorithm is performed
between the two sites in the call and is not intercepted and modified by a 3rd party.
Procedure
1. Establish an encrypted H.323 call between two sites.
2. At each site, locate the Call Statistics information on the Place a Call screen of the system web
interface.
The check code also displays under Diagnostics > System > Call Statistics in the Transmit
column of the Call Encryption section.
3. Verbally verify that the code is the same at both sites.
4. Do one of the following:
•
If the codes match, the call is secure. Proceed with the call.
•
If the codes do not match, then there is a possibility that the key exchange is compromised.
Hang up the call. Next, check the network path from the local system to the far-end system
to determine if the systems are experiencing a Man in the Middle attack. This occurs when a
foreign device tricks the local system into creating an encryption key using information from
the imposter. Then, the imposter can decode the data sent by the local system and
eavesdrop on the call.
Polycom, Inc.
on page 98
on page 98
Securing the System
99
Advertisement
Chapters
Table of Contents
Troubleshooting
