Transport Layer Security
Transport Layer Security (TLS) is a standard protocol for securing and authenticating communications over
the Internet. SIP over TLS encrypts the SIP messages between the service provider SIP proxy and the end
user. SIP over TLS encrypts only the signaling messages, not the media.
TLS has two layers:
• TLS Record Protocol—Layered on a reliable transport protocol, such as SIP or TCP, this layer uses
symmetric data encryption to keep the connection private and ensures that the connection
is reliable.
• TLS Handshake Protocol—Authenticates the server and client, and negotiates the encryption algorithm
and cryptographic keys before the application protocol transmits or receives data.
The Cisco IP Phone uses UDP as the standard for SIP transport, but the phone also supports SIP over TLS
for added security.
Configure SIP Over TLS Signaling Encryption
Before you begin
Access the phone administration web page. See Access the Phone Web Page, on page 88.
Procedure
Step 1 Select Voice > Ext(n), where n is an extension number.
Step 2 In the SIP Settings section, select TLS from the SIP Transport drop-down list box.
Step 3 Click Submit All Changes.
Configure LDAP over TLS
You can configure LDAP over TLS (LDAPS) to enable secure data transmission between the server and a
specific phone.
Attention
Cisco recommends leaving the authentication method at the default value of None. Next to the server field
is an authentication field that uses the values None, Simple, or DIGEST-MD5. There is no TLS value for
authentication. The software determines the authentication method from the ldaps protocol in the server string.
Before you begin
Access the phone administration web page. See Access the Phone Web Page, on page 88.
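As an added example (not from the Cisco guide), the following Python audit reads an exported phone configuration and flags any extension whose SIP Transport is not TLS, and an LDAP server string that does not use the ldaps protocol. The XML element names (SIP_Transport_n_, LDAP_Server, LDAP_Auth_Method), the flat-profile root, and all sample values are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample export. Element names are assumed for this example,
# they are not taken from the administration guide.
SAMPLE_CONFIG = """<flat-profile>
  <SIP_Transport_1_>TLS</SIP_Transport_1_>
  <SIP_Transport_2_>UDP</SIP_Transport_2_>
  <SIP_Transport_3_>tcp</SIP_Transport_3_>
  <LDAP_Server>ldap://directory.example.com</LDAP_Server>
  <LDAP_Auth_Method>Simple</LDAP_Auth_Method>
</flat-profile>"""

# One SIP Transport setting exists per extension: Ext(n) in the web page.
EXT_TRANSPORT = re.compile(r"^SIP_Transport_(\d+)_$")


def audit_phone_config(xml_text):
    """Return a sorted list of (setting, value, finding) for cleartext settings."""
    root = ET.fromstring(xml_text)
    values = {el.tag: (el.text or "").strip() for el in root.iter()}
    findings = []

    # SIP signaling is only encrypted when the extension transport is TLS.
    for tag, value in values.items():
        match = EXT_TRANSPORT.match(tag)
        if match and value.upper() != "TLS":
            findings.append((f"Ext{match.group(1)} SIP Transport",
                             value or "(empty)",
                             "SIP signaling is not encrypted"))

    # LDAPS is selected by the ldaps protocol in the server string,
    # not by the authentication field.
    server = values.get("LDAP_Server", "")
    if server and not server.lower().startswith("ldaps://"):
        findings.append(("LDAP Server", server,
                         "server string does not use the ldaps protocol"))
        auth = values.get("LDAP_Auth_Method", "None")
        if auth.lower() == "simple":
            findings.append(("LDAP Auth Method", auth,
                             "Simple bind sends the password unencrypted without TLS"))
    return sorted(findings)


if __name__ == "__main__":
    for setting, value, finding in audit_phone_config(SAMPLE_CONFIG):
        print(f"{setting}: {value!r} -> {finding}")
```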
Cisco IP Phone 8800 Series Multiplatform Phones Administration Guide