Understanding Cisco IP Telephony Authentication and Encryption Fundamentals

This chapter covers the following topics:

  • Explaining how file manipulation, tampering with call-processing signaling, man-in-the-middle attacks, eavesdropping, and IP phone and server identity theft can compromise a Cisco CallManager system
  • Explaining how the authentication and encryption mechanisms in a Cisco CallManager system protect against security threats
  • Explaining the role of CAPF, external CAs, MIC and LSC, CTLs, and Cisco CTL client
  • Explaining the PKI enrollment process in a Cisco IP telephony environment
  • Explaining where keys and certificates are stored in a Cisco IP telephony environment
  • Describing the processes of image authentication, device authentication, file authentication, and signaling authentication
  • Describing the processes and protocols used for signaling encryption and media encryption

Cisco IP telephony systems are subject to several threats, including eavesdropping, identity spoofing, and denial of service (DoS) attacks. In Cisco CallManager Release 4.0 and later, the Cisco IP telephony solution can be secured against these threats by enabling authentication and encryption features. This chapter explains how authentication and encryption can be applied in a Cisco IP telephony environment.

Категории