Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
761
Views
5
Helpful
1
Replies

Security Threat involve while configuring Jabber on Mobile phone

hashimwajid1
Level 3
Level 3

‎02-03-2019 03:50 AM

Hi Experts,

 

I've one query regarding Cisco Jabber configuration. we want to use Jabber on Phones with Anyconnect but we have concern if it could cause any threat to organization security ?

 

what kind of security threats can be involve if we configure VPN on Phones for using Jabber and what are the Steps that we can take to avoid the risk. 

 

if we use jabber on phones then would it cause some kind risk 

Thanks and Best Regards

 

 

Labels:
0 Helpful
1 Reply 1

Shalid Kurunnan Chalil
Spotlight
Spotlight

‎02-04-2019 02:01 AM

Hi Hashim, 

 

This is one of the general questions which we often hear when we talk about the jabber or VPNless connectivity with corporate telephony using Cisco Edge architecture.  I may not be able to answer perfectly but please find a few points which I gathered as below;

 

But bear in mind that the Cisco Expressway is designed in such a way that to address the most common security issue prevailing around it and secure your network from possible threats. if you design the deployment in a well and recommended way by Cisco (installing valid certificates, configuring TLS etc) the possibility of a security threat is low

 

you can often check the security vulnerability issued by Cisco and update the infrastructure accordingly. 

 

Cisco Expressway performs highly secure firewall traversal, allowing B2B collaboration, jabber guest and VPNless jabber mobile and phone collaboration. 

below statement copied from the Cisco doc;

AnyConnect can secure the entire device and its contents.

Expressway and VCS utilize a session-based security model (TLS) to secure and encrypt only the collaboration application(s) and media. Expressway and VCS can secure the voice and media similar to the way that data and email are secured –

-using a socket-based type of security model. Expressway and VCS can secure all “sockets” in the application the person is using. Another way to say this is that Expressway and VCS can secure all connections in each application, not the entire device. They use TLS to secure and encrypt the SIP signaling and the media, described in the steps below :

  1. Signaling and call setup is secured back to the enterprise using Expressway or VCS
  2.  Next, authentication and provisioning are secured by Expressway/VCS and the appropriate Cisco call/session control platform
  3. Then, media is secured over the Internet through encryption With Expressway and VCS, administrators have a choice of how their users connect. Teleworkers who use Cisco TelePresence endpoints, or mobile workers who use Cisco Jabber, may choose to use a VPN client like AnyConnect, or connect via Expressway or VCS

 

More vulnerability on the jabber, please refer : https://www.cvedetails.com/vulnerability-list/vendor_id-16/product_id-25412/Cisco-Jabber.html 

 

Regards,

Shalid

Customers Also Viewed These Support Documents