Administrator’s Guide for the Polycom RealPresence Group Series Security
Polycom, Inc. 117
3 In the Require AES Encryption for Calls list, select When Available, Required for Video Calls
Only, or Required for All Calls.
4 Click Save.
For more information on SVC-based calling, refer to SVC-Based Conferencing on page 50.
Configuring Encryption Settings for Integration with Microsoft Servers
Polycom RealPresence Group systems support media encryption in calls with Microsoft Lync 2010/2013.
The encryption settings for each component also affect the ability to place encrypted calls.
Both the Microsoft Lync Server pool and the Polycom RealPresence Group system need to be configured
to support encryption in order for calls to connect with encryption. If both components have encryption
turned off, calls connect without encryption. If one component is set to require encryption and the other is
not, calls fail to connect.
Calls from a Polycom RealPresence Group system to a Polycom RMX system using Microsoft Lync Server
require that the Polycom RealPresence Group system have encryption set to When Available.
For more information about encryption configuration in a Microsoft Lync Server environment, refer to the
Polycom Unified Communications Deployment Guide for Microsoft Environments.
H.323 Media Encryption
To provide extra security for encrypted H.323 calls, the RealPresence Group system provides an encryption
check code. Both parties in a call can use this check code to verify that their call is not being intercepted by
a 3rd party.
The check code is a 16-digit hexadecimal number that is calculated so that the number is the same at both
sites in the call. The numbers are identical if, and only if, the key generation algorithm is performed between
the two sites in the call and is not intercepted and modified by a 3rd party.
To verify the check codes match:
1 Establish an encrypted H.323 call between two sites.
2 At each site, locate the Call Statistics information on the Place a Call screen of the web interface.
The check code also displays under Diagnostics > System > Call Statistics in the Transmit
column of the Call Encryption section.
3 Verbally verify that the code is the same at both sites.
4 Do one of the following:
If the codes match, the call is secure. Proceed with the call.
If the codes do not match, then there is a possibility that the key exchange is compromised. Hang
up the call. Next, check the network path from the local system to the far-end system to determine
if the systems are experiencing a Man in the Middle attack. This occurs when a foreign device
tricks the local system into creating an encryption key using information from the imposter. Then,
the imposter can decode the data sent by the local system and eavesdrop on the call.
List of Sessions
You can use the sessions list to see information about everyone logged in to a RealPresence Group system
including:
● Type of connection, for example, Web
To Next Page
Loading...
