Table of Contents
Advertisement
Understanding Security Features for Cisco Unified IP Phones
Table 1-6
Security Restrictions with Conference Calls (continued)
Initiator's Phone
Security Level
Feature Used
Secure (encrypted
Conference
or authenticated)
Secure (encrypted) Join
Non-secure
cBarge
Non-secure
MeetMe
Secure (encrypted) MeetMe
Secure (encrypted) MeetMe
Supporting 802.1X Authentication on Cisco Unified IP Phones
These sections provide information about 802.1X support on the Cisco Unified IP Phones:
•
•
•
Overview
Cisco Unified IP phones and Cisco Catalyst switches have traditionally used Cisco Discovery Protocol
(CDP) to identify each other and determine parameters such as VLAN allocation and inline power
requirements. However, CDP is not used to identify any locally attached PCs; therefore, Cisco Unified
IP Phones provide an EAPOL pass-through mechanism, whereby a PC locally attached to the IP phone,
may pass through EAPOL messages to the 802.1X authenticator in the LAN switch. This prevents the
IP phone from having to act as the authenticator, yet allows the LAN switch to authenticate a data end
point prior to accessing the network.
In conjunction with the EAPOL pass-through mechanism, Cisco Unified IP Phones provide a proxy
EAPOL-Logoff mechanism. In the event that the locally attached PC is disconnected from the IP phone,
the LAN switch would not see the physical link fail, because the link between the LAN switch and the
Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager 8.0 (SCCP and SIP)
1-18
Security Level of Participants
For Cisco Unified IP Phones
7962G and 7942G:
Encrypted or secure
For Cisco Unified IP Phones
7961G and 7941G:
Member puts call on Hold with
MOH
Encrypted or authenticated
All participants are encrypted
Minimum security level is
encrypted
Minimum security level is
authenticated
Minimum security level is
non-secure
Overview, page 1-18
Required Network Components, page 1-19
Best Practices—Requirements and Recommendations, page 1-19
Chapter 1
An Overview of the Cisco Unified IP Phone
Results of Action
For Cisco Unified IP Phones 7962G and 7942G:
Conference remains secure. When one participant
tries to hold the call with MOH, the MOH does not
play.
For Cisco Unified IP Phones 7961G and 7941G:
No music on hold is played
Conference remains secure.
Secure conference bridge
Conference remains secure (encrypted or
authenticated)
Secure conference bridge
Conference changes to non-secure
Initiator receives message "Does not meet Security
Level", call rejected.
Secure conference bridge
Conference accepts encrypted and authenticated
calls
Only secure conference bridge available and used
Conference accepts all calls
OL-21011-01
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
