The following are valid IPv6 formats for your G7500 and Studio X series system:
• ::1
• 2001:db8:abc:def:10.242.12.23
• 2001:db8::/48
• 2001:db8:abcd:0012::0/64
• 2001:0db8:85a3:0000:0000:1234:0abc:cdef
Call Encryption
AES is standard on your G7500 and Studio X series system. When enabled, your system automatically encrypts calls with
other systems using AES.
A locked padlock icon displays on the connected monitor(s) when a call is encrypted. If a call is unencrypted, you see an
unlocked padlock. The padlock may not accurately indicate encryption status if the call is cascaded or includes an audio-
only endpoint. To avoid security ambiguity, participants can verbally communicate the state of their padlock icon at the
beginning of a call.
The following AES cryptographic algorithms ensure flexibility when negotiating secure media transport:
• H.323 (per H.235.6)
– AES-CBC-128 / DH-1024
– AES-CBC-256 / DH-2048
• SIP (per RFCs 3711, 4568, 6188)
– AES_CM_128_HMAC_SHA1_32
– AES_CM_128_HMAC_SHA1_80
– AES_CM_256_HMAC_SHA1_32
– AES_CM_256_HMAC_SHA1_80
Configure Call Encryption
You can encrypt calls on your G7500 and Studio X series system.
Task
1 In the system web interface, go to Call Configuration > Call Settings.
2 For the Require AES Encryption for Calls setting, choose how you want to encrypt calls:
• Off: AES encryption is disabled.
• When Available: AES encryption is used with systems that support it, but the system also allows unencrypted calls.
• Required for Video Calls Only: AES encryption is used in all video calls. Calls with systems that don’t support it fail.
• Required for All Calls: AES encryption is used in all types of calls. Calls with systems that don’t support it fail.
H.460 Firewall/NAT Traversal
Configure your system for firewall or network address translation (NAT) traversal using the H.460.18 and H.460.19
standards. This includes environments with session border controllers (SBCs).
For example, an endpoint outside your network that’s initiating a SIP call connects to an SBC as a remote endpoint. The
incoming SIP traffic then traverses a firewall before connecting to the endpoint it’s calling inside your network.
Real-time media streams often use UDP for their speeds. If your system is behind a firewall that restricts access to UDP
ports, however, you can configure your system for only TCP connections.
Caution: Systems deployed outside a firewall are potentially vulnerable to unauthorized access. Visit the Polycom
Security section of the Knowledge Base at the Poly Online Support Center for timely security information. You can also
register to receive periodic updates and advisories.
Configure the System for H.460 Firewall/NAT Traversal
H.460 firewall/NAT traversal can be necessary if you’re calling with a cloud-based conferencing service or your G7500 and
Studio X series system is outside a corporate network (for example, a home office).
62
To Next Page
Loading...
Need help?
General
