Print

Previous Topic

Next Topic

About Encryption Levels

Typically, all IM communication between Cisco WebEx clients will be encrypted both within the Cisco WebEx Organization and outside of it. The IM communication will be encrypted at the originating Cisco WebEx client and decrypted at the destination client. This encryption applies to all forms of IM communication including text, desktop (and application) sharing, file transfer, VOIP, and video.

Cisco WebEx provides three levels of encryption:

  • 256-bit Advanced Encryption Standard (AES)/End-to-End encryption: Provides an additional layer of security, where data is encrypted using AES at the client and decrypted only at its destination.
  • 128-bit Secure Sockets Layer (SSL): Connectivity between a client and the SSL termination point in the data center is encrypted. In Cisco WebEx version 6 or later, Cisco WebEx clients always use SSL (Secure Sockets Layer) to connect to Cisco WebEx Data Centers.
  • No encryption: The data is not encrypted, but connectivity maybe SSL (for Cisco WebEx version 5.x). For Cisco WebEx version 6 or later, connectivity is always SSL.

The level of encryption depends on the policy set by the Organization Administrator. The Organization Administrator can apply the encryption policy either across the Cisco WebEx Organization or to specific groups.

The Cisco WebEx client automatically determines its encryption level from the policy applicable to the user logged into the client. Therefore, if a Cisco WebEx organization's policy settings do not allow a particular encryption level, the IM session will be disallowed and the applicable error message will be displayed to all clients in the IM session.

 

Note: In a group IM scenario, the encryption level will be negotiated between all the users when the initial invite is sent out. After the IM session is established, subsequent attendees will need to support the negotiated encryption level to be able to participate.

The following example explains a typical encryption policy for IM sessions.

An organization that chooses to adopt end-to-end encryption can choose from these policy options:

  • Allow only end-to-end encryption. Do not set end-to-end encryption exclusively if you have users that you need to log IMs for. This is because IM logging will take precedence over end-to-end encryption.
  • Allow both end-to-end encryption and SSL encryption. This option is applicable if you are using Cisco WebEx version 5.x.
  • Allow end-to-end encryption, SSL encryption, and no encryption.

The following table illustrates the impact of these policy options.

 

Client A Policies

Client B Encryption Level

End-to-end encryption

SSL

SSL

 

Only end-to-end encryption

End-to-end encryption

Don't allow

Don't allow

End-to-end encryption or SSL

End-to-end encryption

SSL

Don't allow

End-to-end encryption or SSL or no encryption

End-to-end encryption

SSL

No encryption

In the Action Editor, you need to set TRUE or FALSE for each of these encryption levels based on the policy option you choose.

Top of Page   Print