Cisco Systems ASA 5580 Manual De Usuario

The TLS signaling connections from the Cisco UCM are terminated on the adaptive security appliance 
and a TCP or TLS connection is initiated to the Cisco UCM. SRTP (media) sent from external IP phones 
to the internal network IP phone via the adaptive security appliance is converted to RTP. The adaptive 
security appliance inserts itself into the media path by modifying the SIP signaling messages that are 
sent over the SIP trunk between Cisco UCMs. TLS (signaling) and SRTP are always terminated on the 
adaptive security appliance. 

If signaling problems occur, the call falls back to the PSTN; however, the Cisco UCM initiates the PSTN 
fall back and the adaptive security appliance does not send REFER message.

This section includes the following topics:

Within the enterprise, Cisco Intercompany Media Engine is deployed with the following components for 
the following purposes: 

The adaptive security appliance—Enabled with the Cisco Intercompany Media Engine Proxy, 
provides perimeter security functions and inspects SIP signaling between SIP trunks.

Cisco Intercompany Media Engine (UC-IME) server— Located in the DMZ, provides an automated 
provisioning service by learning new VoIP routes to particular phone numbers, and recording those 
routes in Cisco UCM. The Cisco Intercompany Media Engine server does not perform call control.

Cisco Unified Communications Manager (Cisco UCM)—Responsible for call control and 
processing. Cisco UCM connects to the Cisco Intercompany Media Engine server by using the 
Access Protocol to publish and exchange updates. The architecture can consist of a single Cisco 
UCM or a Cisco UCM cluster within the enterprise. 

Cisco Intercompany Media Engine (UC-IME) Bootstrap server—Provides a certificate required 
admission onto the public peer-to-peer network for Cisco Intercompany Media Engine. 

 illustrates the components of the Cisco Intercompany Media Engine in a basic deployment.