Cisco 6941 Administration Guide - Page 30

Understanding Security Features for Cisco Unified IP Phones Chapter Table 1-6 Overview of Security Features (continued) Feature Phone hardening 802.1X Authentication Description Additional security options, which you control from Cisco Unified CM Administration: • Disabling PC port • Disabling PC Voice VLAN access • Disabling access to web pages for a phone Note You can view current settings for the PC Port Disabled, GARP Enabled, and Voice VLAN enabled options by looking at the phone's Security Configuration menu. For more information, see the "Security Configuration Menu" section on page 4-9. The Cisco Unified IP Phone can use 802.1X authentication to request and gain access to the network. See the "Supporting 802.1X Authentication on Cisco Unified IP Phones" section on page 1-21 for more information. Related Topics • Understanding Security Profiles, page 1-18 • Identifying Encrypted Phone Calls, page 1-18 • Security Restrictions, page 1-22 Understanding Security Profiles All Cisco Unified IP Phones that support Cisco Unified CM use a security profile, which defines whether the phone is nonsecure or encrypted. For information about configuring the security profile and applying the profile to the phone, refer to Cisco Unified Communications Manager Security Guide. To view the security mode that is set for the phone, look at the Security Mode setting in the Security Configuration menu. For more information, see the "Security Configuration Menu" section on page 4-9. Related Topics • Identifying Encrypted Phone Calls, page 1-18 • Security Restrictions, page 1-22 Identifying Encrypted Phone Calls When security is implemented for a phone, you can identify encrypted phone calls by icons on the screen on the phone. You can also determine if the connected phone is secure and protected if a security tone plays at the beginning of the call. In a secure call, all call signaling and media streams are encrypted. An encrypted call offers a high level of security, providing integrity and privacy to the call. When a call in progress is being encrypted, the call progress icon to the right of the call duration timer in the phone LCD screen changes to the lock icon: . If the call is routed through non-IP call legs, for example, PSTN, the call may be nonsecure even though it is encrypted within the IP network and has a lock icon associated with it. 1-18 Cisco Unified IP Phone 6921, 6941, 6945, and 6961 Administration Guide for Cisco Unified Communications Manager 8.5 (SCCP and SIP) OL-23769-01