Cisco Cisco TelePresence MCU 4510 Maintenance Manual
Configuring encryption settings
Cisco TelePresence MCU Version 4.2 Printable online help
Page 176 of 252
Configuring encryption settings
You can configure the MCU to encrypt connections to and from H.323 and SIP endpoints.
The encryption technology that the MCU uses for encryption to and from H.323 endpoints is Advanced
Encryption Standard (AES).
Encryption Standard (AES).
The encryption technology that the MCU uses for encryption to and from SIP endpoints is Secure
Real-time Transport Protocol (SRTP).
Real-time Transport Protocol (SRTP).
To use encryption, you must have the Encryption feature key present on the MCU. For information
about installing feature keys, refer to
about installing feature keys, refer to
. To access encryption settings, go to
Settings > Encryption.
Encryption is used where both devices in a call agree to use encryption; by default if one of the
devices cannot use encryption (for example if a SIP endpoint does not support SRTP), the MCU will
allow the call to be unencrypted, unless the conference configuration dictates that encryption is
Required. Where encryption is required, calls that cannot used encryption will not be allowed.
devices cannot use encryption (for example if a SIP endpoint does not support SRTP), the MCU will
allow the call to be unencrypted, unless the conference configuration dictates that encryption is
Required. Where encryption is required, calls that cannot used encryption will not be allowed.
When encryption is in use to and from H.323 endpoints, the MCU will encrypt audio, video, and
content media. It does not encrypt control or authentication information.
content media. It does not encrypt control or authentication information.
When encryption is in use to and from SIP endpoints, the MCU will encrypt audio and video media
using SRTP. Control or authentication information can also be encrypted using TLS. For more
information refer to
using SRTP. Control or authentication information can also be encrypted using TLS. For more
information refer to
Using encryption with SIP
, below.
You can:
configure the MCU to advertise its ability to encrypt connections, such that it will use encryption if
an H.323 endpoint can use AES encryption.
an H.323 endpoint can use AES encryption.
configure the MCU to advertise its ability to encrypt connections, such that it will use encryption if
a SIP endpoint can use SRTP encryption.
a SIP endpoint can use SRTP encryption.
configure the MCU so that the default encryption option for new conferences is either Optional or
Required. Be aware that anyone creating a new conference will be able to set the encryption
setting for the conference to either Optional or Required.
Required. Be aware that anyone creating a new conference will be able to set the encryption
setting for the conference to either Optional or Required.
force new ad hoc conferences to use encryption (by correctly configuring the ad hoc conference
template, see
template, see
Using conference templates
).
Note that using encryption does not affect the number of ports that are available on the MCU.
Note that the MCU will not show thumbnail previews on the Conference participant page if
encryption is required for a conference. If you have the Show thumbnail images option selected on
the Settings > User interface page, thumbnail previews will be shown for conferences where
encryption is optional and there are encrypted participants.
encryption is required for a conference. If you have the Show thumbnail images option selected on
the Settings > User interface page, thumbnail previews will be shown for conferences where
encryption is optional and there are encrypted participants.
Refer to this table for assistance configuring the encryption settings. After making any configuration
changes, click Apply changes.
changes, click Apply changes.
Field
Field description
Usage tips
Encryption
status
status
Whether the MCU is able to use encryption
or not.
or not.
When encryption status is Enabled, the
MCU advertises itself as being able to use
encryption and will use encryption if
required to do so by an endpoint. If this
setting is Enabled, you can enable or
disable the use of encryption on a per-
conference basis.
MCU advertises itself as being able to use
encryption and will use encryption if
required to do so by an endpoint. If this
setting is Enabled, you can enable or
disable the use of encryption on a per-
conference basis.
If this setting is Disabled, no conference
will be able to use encryption.
will be able to use encryption.