Cisco Systems ASA 5505 Webcam User Manual


 
CHAPTER
18-1
Cisco ASA Series Firewall ASDM Configuration Guide
18
Configuring the TLS Proxy for Encrypted Voice
Inspection
This chapter describes how to configure the ASA for the TLS Proxy for Encrypted Voice Inspection
feature.
This chapter includes the following sections:
Information about the TLS Proxy for Encrypted Voice Inspection, page 18-1
Licensing for the TLS Proxy, page 18-4
Prerequisites for the TLS Proxy for Encrypted Voice Inspection, page 18-6
Configuring the TLS Proxy for Encrypted Voice Inspection, page 18-6
Feature History for the TLS Proxy for Encrypted Voice Inspection, page 18-17
Information about the TLS Proxy for Encrypted Voice Inspection
End-to-end encryption often leaves network security appliances “blind” to media and signaling traffic,
which can compromise access control and threat prevention security functions. This lack of visibility can
result in a lack of interoperability between the firewall functions and the encrypted voice, leaving
businesses unable to satisfy both of their key security requirements.
The ASA is able to intercept and decrypt encrypted signaling from Cisco encrypted endpoints to the
Cisco Unified Communications Manager (Cisco UCM), and apply the required threat protection and
access control. It can also ensure confidentiality by re-encrypting the traffic onto the Cisco UCM servers.
Typically, the ASA TLS Proxy functionality is deployed in campus unified communications network.
This solution is ideal for deployments that utilize end to end encryption and firewalls to protect Unified
Communications Manager servers.
The security appliance in Figure 18-1 serves as a proxy for both client and server, with Cisco IP Phone
and Cisco UCM interaction.