On 28 October 2004, Cisco launched CallManager 4.1. a new version of its IP telephony system. This release increases voice over IP (VoIP) security by broadening encryption support for IP phones and other VoIP devices, such as gateways and voicemail systems. Businesses can upgrade from CallManager 4.0 at no charge.

CallManager 4.1 allows Cisco’s 7940G and 7960G IP phones to encrypt VoIP signaling and voice streams to improve protection against IP phone eavesdropping and connection spoofing. Cisco first introduced IP encryption with CallManager 4.0, released in February 2004; the latest upgrade extends encryption support across multiple Cisco VoIP products, such as voice gateways, and to its Unity Unified Messaging voicemail platform.

Encryption is already a standard feature on most IP PBX platforms, but it is generally limited to LAN-based IP phone users. This means encryption works only for calls made within a single platform, and is removed when calls leave via a gateway. Making call encryption available on Cisco’s VoIP gateways will allow users on other Cisco platforms to conduct secure IP phone calls. And broadening encryption support to include the Unity messaging platform will help to prevent malicious users stealing voicemail files from a corporate Unity server.

The enhancements available with CallManager 4.1 should improve Cisco’s credibility with security-sensitive organizations, and further emphasize the need for businesses to understand user requirements before evaluating vendors for next-generation telephony. Though welcome, the enhancements by themselves will not drive businesses to adopt Cisco’s IP telephony products. Businesses will find more value in CallManager’s distributed architecture, native support for Q-Signaling (QSIG) and Cisco’s plans to support Session Initiation Protocol (SIP).

Recommendations

• CallManager 4.0 customers: Evaluate the 4.1 enhancements, which provide good reasons for upgrading.
• Businesses in sectors requiring more secure voice communications, such as government and higher education: Consider the benefits of CallManager’s ability to provide encryption within VoIP gateways. But evaluate voice security within the broader context of a communications security strategy that includes e-mail, which can be just as sensitive as voice communication.

Analytical Sources: Isabel Montero and Steve Blood, Gartner Research

Recommended Reading and Related Research

• "Cisco AVVID IP Telephony Solution" — Cisco is making progress on providing VoIP telephony features and functions that can support much, but not all, of the traditional PBX feature set. By Richard A. Costello
• "Magic Quadrant for North American Corporate Telephony, 2004" — As the IP telephony market continues to focus on applications and integration with business processes, select a vendor that can offer a complete solution. By Jay Lassman, Richard A. Costello and Jeff Snyder

(You may need to sign in or be a Gartner client to access the documents referenced in this FirstTake.)