Understanding Cisco IP Telephony Authentication and Encryption Fundamentals
This chapter covers the following topics:
Explaining how file manipulation, tampering with call-processing signaling, man-in-the-middle attacks, eavesdropping, and IP phone and server identity theft can compromise a Cisco CallManager system
Explaining how the authentication and encryption mechanisms in a Cisco CallManager system protect against security threats
Explaining the role of CAPF, external CAs, MIC and LSC, CTLs, and Cisco CTL client
Explaining the PKI enrollment process in a Cisco IP telephony environment
Explaining where keys and certificates are stored in a Cisco IP telephony environment
Describing the processes of image authentication, device authentication, file authentication, and signaling authentication
Describing the processes and protocols used for signaling encryption and media encryption
Cisco IP telephony systems are subject to several threats, including eavesdropping, identity spoofing, and denial of service (DoS) attacks. In Cisco CallManager Release 4.0 and later, the Cisco IP telephony solution can be secured against these threats by enabling authentication and encryption features. This chapter explains how authentication and encryption can be applied in a Cisco IP telephony environment.