DescriptionFeature
When connected to Cisco Unified Communications Manager Release 10.5(2) and later, the
phones support AES 256 encryption support for TLS and SIP for signaling and media
encryption. This enables phones to initiate and support TLS 1.2 connections using AES-256
based ciphers that conform to SHA-2 (Secure Hash Algorithm) standards and are Federal
Information Processing Standards (FIPS) compliant. The new ciphers are:
•
For TLS connections:
â—¦
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
â—¦
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
•
For sRTP:
â—¦
AEAD_AES_256_GCM
â—¦
AEAD_AES_128_GCM
For more information, see the Cisco Unified Communications Manager documentation.
AES 256 Encryption
The following table contains the Trust List update alarm messages and meaning. For more information, see
the Cisco Unified Communications Manager documentation.
Table 17: Trust List Update Alarm Messages
DescriptionCode and Message
Received new CTL and/or ITL1 - TL_SUCCESS
Received new CTL, no existing TL2 - CTL_INITIAL_SUCCESS
Received new ITL, no existing TL3 - ITL_INITIAL_SUCCESS
Received new CTL and ITL, no existing TL4 - TL_INITIAL_SUCCESS
Update to new CTL failed, but have previous TL5 - TL_FAILED_OLD_CTL
Update to new TL failed, and have no old TL6 - TL_FAILED_NO_TL
Generic failure7 - TL_FAILED
Update to new ITL failed, but have previous TL8 - TL_FAILED_OLD_ITL
Update to new TL failed, but have previous TL9 - TL_FAILED_OLD_TL
The Security Setup menu provides information about various security settings. The menu also provides access
to the Trust List menu and indicates whether the CTL or ITL file is installed on the phone.
Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager
87
Supported Security Features