Live demo

Encryption for H.323/SIP Room Systems

Last Updated: April 10, 2018 // 1:51 PM

H.235 Security - AES Encryption

Some customers may require Encryption due their own company policies, HIPPA compliance or Government requirement. Most healthcare, government and financial institutions are particular sensitive about encryption on calls.

Stand-alone room systems can be set for No H.235 AES Security, Optional (Best Effort or When Available) or Strict (On or Required). Depending on how the room system is configured will dictate the behavior. Room Systems that are registered to a Cisco Unified Call Manager (CUCM), Cisco VCS Expressway, CUBE or other Border Proxy CANNOT just enable encryption on the room system as their is another device in-between the room system and the remote connection (BlueJeans). In this case refer to the Cisco Integration Guide or other documentation for the device they are using.

Cisco Integration Guide: https://support.bluejeans.com/knowledge/cisco-integration

AES Security or Encryption Settings:

OFF - will connect without encryption to a BlueJeans Meeting or another room system.
Optional (Best Effort or When Available) - will enable an encrypted connection IF, the remote connection also has encryption available. It will connect without encryption if the remote site does not offer encryption. This is the recommended setting for most room systems except for customers that have very strict encryption policies.
Strict (On or Required) - will only connect with encryption. IF the remote site does not offer encryption, the room system will not connect at all.

When encryption is enabled we can see this in Indigo (see below) as well as on the room system. The "lock" icon is an easy indicator of a call that is encrypted. This "lock" generally displays on the customers room system screen as well.

    

When a call is encrypted it means the media traffic is protected from sniffing.

These settings can generally be found under the Security Settings in the AdminUI of the room system.

Lifesize Room System → Preferences → Security → H.235 AES Security

  

 

Polycom Room System Security Settings → AES Encryption

  

 

Cisco Room System Conference Settings → Encryption Mode

  
 

NOTE: Important to check BlueJeans Meeting settings for encryption to see how it is configured when troubleshooting. See below.