Implementing Media Encryption for Secured Conferencing
Polycom®, Inc. 131

* System Flag =

FORCE_ENCRYPTION_FOR_UNDEFINED_PARTICIPANT_IN_WHEN_AVAILABLE_MODE

Recording Link Encryption

Recording Links are treated as regular participants, however the

ALLOW_NON_ENCRYPT_RECORDING_LINK_IN_ENCRYPT_CONF system flag must be set to YES if

a non-encrypted Recording Link is to be allowed to connect to an encrypted conference.

The following table summarizes the connection possibilities for a Recording Link that is to be connected to

a conference for each of the conference profile and Entry Queue encryption options.

Enabling Media Encryption for a Conference

Media encryption is enabled at three levels:

MCU level - Setting the Encryption Flags

Moving Participants from the Entry Queue to the Destination conference or between conferences Based on
the Encryption Settings
Destination
Conference
Encryption Setting
Current Participant Encryption Status
Encrypted Non-Encrypted
*Flag = NO *Flag = YES *Flag = NO *Flag = YES
No Encryption Move succeeds, connected encrypted Move succeeds, connected
non-encrypted
Encrypt All Move succeeds, connected encrypted. Move fails, disconnected.
Encrypt When Possible Move succeeds,
connected
encrypted
Move succeeds,
connected
encrypted
Move succeeds,
connected
non-encrypted
Connected only if
endpoint was a
defined participant
in the source
conference.
Otherwise, move
fails.
Connections by Recording Link and Conference Encryption Settings
Conference
Profile Setting
Recording Link Connection Status according to flag:
ALLOW_NON_ENCRYPT_RECORDING_ LINK_IN_ENCRYPT_CONF
YES NO
Encrypt All Connected encrypted if possible,
otherwise connected non-encrypted.
Connected only if encrypted, otherwise
disconnected
No Encryption Connected non-encrypted Connected non-encrypted
Encrypt when possible Connected encrypted if possible,
otherwise connected non-encrypted.
Connected encrypted if possible,
otherwise connected non-encrypted.