Cisco WebEx Meeting Center WBS31 White Paper

Web Conferencing: Unleash the Power of Secure Real-Time Collaboration
White Paper
Cisco Public
© 2016 Cisco and/or its affiliates. All rights reserved.
Cisco WebEx meeting sessions use switching 
equipment located in multiple data centers around 
the world. These data centers are strategically 
placed near major Internet access points and use 
dedicated high-bandwidth fiber to route traffic 
around the globe. Cisco operates the entire 
infrastructure within the Cisco WebEx Cloud with 
industry-standard enterprise security.
Additionally, Cisco operates network point-of-
presence (PoP) locations that facilitate backbone 
connections, Internet peering, global site backup, 
and caching technologies to enhance performance 
and availability for end users.
Physical Security
Physical security at the data center includes video 
surveillance for facilities and buildings and enforced 
two-factor identification for entry. Within Cisco data 
centers, access is controlled through a combination 
of badge readers and biometric controls. In addition, 
environmental controls (for example, temperature 
sensors and fire-suppression systems) and service 
continuity infrastructure (for example, power backup) 
help ensure that systems run without interruption.
Within the data centers are also “trust zones,” 
or segmented access to equipment based on 
infrastructure sensitivity. For example, databases are 
“caged”: the network infrastructure has dedicated 
rooms and racks are locked. Only Cisco security 
personnel and authorized visitors accompanied by 
Cisco personnel can enter the data centers.
Cisco’s production network is a highly trusted 
network: only very few people with high trust levels 
have access to the network.
Infrastructure and Platform Security
Platform security encompasses the security of the 
network, systems, and the overall data center within 
the Cisco Collaboration Cloud. All systems undergo 
a thorough security review and acceptance validation 
prior to production deployment, as well as regular 
ongoing hardening, security patching, and vulnerability 
scanning and assessment.
Servers are hardened using the Security Technical 
Implementation Guidelines (STIGs) published by 
the National Institute of Standards and Technology 
(NIST). Firewalls protect the network perimeter. 
Access control lists (ACLs) segregate 
the different security zones. There are intrusion 
detection systems (IDSs) in place, and activities 
are logged and monitored on a continuous basis. 
There are daily internal and external security scans 
of Cisco WebEx Cloud. All systems are hardened 
and patched as part of the regular maintenance. 
Additionally, vulnerability scanning and assessments 
are performed continuously.
Service continuity and disaster recovery are critical 
components of security planning. Cisco data 
centers' global site backups and high-availability 
design help enable the geographic failover of Cisco 
WebEx services. There is no single point of failure.
Cisco WebEx Application Security
Cryptography
Encryption at Run Time
All communications between Cisco WebEx 
applications and Cisco WebEx Cloud occur over 
encrypted channels. Cisco WebEx supports the TLS 
1.0, TLS 1.1, and TLS 1.2 protocols and uses 
high-strength ciphers (for example, AES 256).[1]
After a session is established over TLS, all media 
streams (audio VoIP, video, screen share, and 
document share) are encrypted.[2]
User Datagram Protocol (UDP) is the preferred 
protocol for transmitting media. In UDP, media 
packets are encrypted using AES 128. The 
initial key exchange happens on a TLS-secured 
channel. Additionally, each datagram uses a 
hash-based message authentication code (HMAC) for 
authentication and integrity.
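
As an added illustration (not Cisco's code or wire format), the Python sketch below shows the receiver-side check that a per-datagram HMAC implies: verify the tag in constant time before the payload reaches the AES decryptor, and drop anything that fails. The framing, HMAC-SHA256, the key handling, and the duplicate-sequence check are assumptions that go beyond what this paper specifies; the payloads are opaque stand-ins for AES-128 ciphertext.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                  # full HMAC-SHA256 tag (hash choice is an assumption)
HEADER = struct.Struct("!I")  # 4-byte sequence number (assumed framing)


def seal(mac_key: bytes, seq: int, ciphertext: bytes) -> bytes:
    """Sender: seq || ciphertext || HMAC(mac_key, seq || ciphertext)."""
    body = HEADER.pack(seq) + ciphertext
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


class Receiver:
    """Authenticates each datagram before its payload reaches the decryptor."""

    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.seen = set()  # sequence numbers already accepted

    def accept(self, datagram: bytes):
        """Return (seq, ciphertext) if valid, else a string naming the reject reason."""
        if len(datagram) < HEADER.size + TAG_LEN:
            return "too-short"
        body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "bad-mac"
        (seq,) = HEADER.unpack_from(body)
        if seq in self.seen:  # authentic, but already delivered once
            return "replay"
        self.seen.add(seq)
        return seq, body[HEADER.size:]


def demo():
    """Feed constructed datagrams to a receiver and return each verdict."""
    key = bytes(range(32))  # constructed; assumed to arrive via the TLS key exchange
    rx = Receiver(key)
    good = seal(key, 1, b"opaque-ciphertext-1")
    flipped = bytearray(seal(key, 2, b"opaque-ciphertext-2"))
    flipped[6] ^= 0x01  # one payload bit changed in transit
    other_key = seal(bytes(32), 3, b"opaque-ciphertext-3")  # sealed under a different key
    return [rx.accept(d) for d in (good, bytes(flipped), other_key, good, good[:10])]


if __name__ == "__main__":
    print(demo())
```

A long-running receiver would bound `seen` with a sliding window instead of an ever-growing set.
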
[1] Actual encryption protocol and strength depend on the OS and browser settings that a host uses to negotiate connections with Cisco WebEx.
[2] Users connecting to a CMR Cloud meeting using a third-party video endpoint may be sending and receiving unencrypted media streams. Configuring your firewall to prevent unencrypted traffic to and from Cisco WebEx helps keep your meetings safe. However, if you allow attendees outside your firewall to join your meeting using third-party devices, your meeting data can still be sent unencrypted over the Internet.