Chapter1 An Overview of the Cisco Unified IP Phone
Understanding Security Features for Cisco Unified IP Phones
1-18
Cisco Unified IP Phone Administration Guide for Cisco Unified CallManager 5.1 (SIP), Cisco Unified IP Phones
OL-11524-01
In an encrypted call, all devices participating in the establishment of the call are
authenticated by the CiscoUnified CallManager. In addition, call signaling and
media streams are encrypted. An encrypted call offers the highest level of
security, providing integrity and privacy to the call. When a call in progress is
being encrypted, the call progress icon to the right of the call duration timer in the
phone LCD screen changes to the following icon:
Note If the call is routed through non-IP call legs, for example, H.323 or PSTN, the call
will be nonsecure even though it is encrypted within the IP network and has a lock
icon associated with it.
Related Topic
•Understanding Security Features for Cisco Unified IP Phones, page1-12
•Security Restrictions, page 1-21
Supporting 802.1X Authentication on Cisco Unified IP PhonesThese sections provide information about 802.1X support on the Cisco Unified IP
Phones:
•Overview, page1-18
•Required Network Components, page1-19
•Best Practices—Requirements and Recommendations, page 1-19
Overview
Cisco Unified IP phones and Cisco Catalyst switches have traditionally used
Cisco Discovery Protocol (CDP) to identify each other and determine parameters
such as VLAN allocation and inline power requirements. However, CDP is not
used to identify any locally attached PCs, therefore Cisco Unified IP Phones
provide an EAPOL pass-through mechanism, whereby a PC locally attached to
the IP phone, may pass through EAPOL messages to the 802.1X authenticator in