Showing results for 
Search instead for 
Did you mean: 

call encryption

Level 5
Level 5

we are being asked by security team to look into encrypting calls.

This is for PCI purposes.

Are there many out there that do this outside of DoD & The White House?

Thought this was a rare thing and just not how realistic the ask is.



3 Replies 3

Gregory Brunn

Do you have ccx? It is my understanding that srtp isn’t supported in ccx yet. That I believed was road mapped maybe 12.0.


Double check that however I don’t have a link handy.


There are tons of white papers on PCI compliance and Cisco UC they are a great place to start your research, or of course reach out to a partner or account manager to begain those discussions. 

We are getting some information from our account team @ Cisco however, just trying to get a feel for what types of businesses are doing this.



I have seen Health Care providers, State and Local Governements, and other companies that are worried about PCI compliance do it as well.

Mix Mode is becoming much more common place in my opinion.

With PCI there are a couple things to take note of.



VoIP traffic that contains cardholder data is in scope for applicable PCI DSS controls.


All System must use TLS v1.1/1.2 with no fallback to SSL/ early TLS (before TLS 1.1)


Any non-console administrative access must use strong cryptography


Only strong cryptography is allowed for any kind of data transfer when using open or public networks.


Starting with 11.5.1SU3 you can now do TLS 1.2 enforcement via tls min version commands. There is a great presentation done by Cisco's guy who normally covers SSO topics on saleconnect if you have access. Things to watch out for is older phones IE anything but 7800 and 8800 will not support the tls limiting. There are work arounds but it gets messy.