Polycom 1500/1800/2000/4000 Life Jacket User Manual


  Open as PDF
of 1101
 
Appendix I - Polycom Open Collaboration Network (POCN)
Polycom®, Inc. 1049
* CTS Version 1.9.1 and higher support H.264 Content.
In Prefer TIP mode, it is pre-requisite that the CTS and CUCM versions support H.264 base profile
content without restrictions and that the CTS version be 1.9.1 or higher and that CUCM version be
version 9.0 or higher.
Encryption
Encryption between the RealPresence Collaboration Server (RMX) 1500/1800/2000/4000 and a CISCO
environment is supported. Media is encrypted using SRTP, while control is encrypted using SRTCP. TIP is
encrypted using SRTCP. SIP is be encrypted using TLS. When upgrading, the Collaboration Server
automatically creates a self-signed certificate to support encrypted communications with CISCO endpoints.
For media encryption. the Collaboration Server will first attempt to exchange keys using DTLS. If the
Collaboration Server fails to exchange keys using DTLS, SIP TLS encrypted with SDES is used to exchange
media encryption keys.
Guidelines
This feature is not supported in Ultra Secure Mode.
Voice activity metrics and RTP are not encrypted.
In the event that DTLS negotiation fails, SIP will be encrypted using TLS if enabled in the IP
Management Network properties, SIP Servers tab. DTLS negotiation does not require SIP TLS.
In a mixed CISCO and Microsoft Lync environment, in order to assure encrypted communications
with both CISCO endpoints and Microsoft Lync in the event of DTLS negotiation failure, the
certificate defined in the IP Management Network Services properties dialog box, SIP Servers
tab, must have been issued by the same certificate authority that issued the certificates used by
both the Microsoft Lync server and the CUCM server.
The flag, SIP_ENCRYPTION_KEY_EXCHANGE_MODE, is used to control this feature. The
possible values are:
AUTO (default): Normal encryption flow
DTLS: Only use DTLS for encryption
SDES: Only use SDES (SRTP) for encryption
NONE: Encryption is disabled
The feature was tested using the following CISCO components:
Cisco CUCM Version 9.0
Cisco TPC Version 2.3
TIP Compatibility - Prefer TIP
Prefer TIP
Content Receiver
HDX / ITP CTS
Content
Sender
HDX / ITP
Media:
Flow Control:
H.264
H.323 via H.239
SIP via BFCP
TIP via Auto Collaboration
CTS*