Which statement describes the key security service that is provided by the TLS Proxy function on a Cisco ASA appliance?
Click on the arrows to vote for the correct answerA. B. C. D. E.
TLS Proxy is typically deployed in front of Cisco Unified Communications Manager and other unified communications application servers that utilize media encryption.
TLS Proxy is not designed to provide remote-access encryption services for remote phones or client endpoints.
Other solutions such as Cisco ASA Phone Proxy or IP Security/Secure Sockets Layer (IPsec/SSL) VPN services are more appropriate.
TLS Proxy is not designed to provide a secure campus soft phone solution where the requirement is to provide secure data to phone VLAN traversal or for proxying connections to Cisco Unified Communications Manager.
The TLS (Transport Layer Security) proxy function on a Cisco ASA (Adaptive Security Appliance) appliance provides a key security service for secure communication. TLS is a security protocol that encrypts data during transmission over a network, ensuring that data is protected from eavesdropping, tampering, and other security threats.
Answer A is incorrect because the TLS proxy function does not provide interworking to ensure that external IP phone traffic is encrypted, even if the rest of the system is unencrypted.
Answer B is incorrect because the TLS proxy function does not only apply to encrypted voice calls where both parties utilize encryption.
Answer C is incorrect because the TLS proxy function does not manipulate the call signaling to ensure that all media is routed via the adaptive security appliance.
Answer D is incorrect because the TLS proxy function does not enable internal phones to communicate with external phones without encryption.
Answer E is the correct answer. The TLS proxy function on a Cisco ASA appliance protects Cisco Unified Communications Manager (CUCM) from rogue soft clients and attackers on the data VLAN. Rogue soft clients can be used to bypass security controls and gain unauthorized access to the CUCM. Attackers on the data VLAN can also attempt to gain unauthorized access to the CUCM. The TLS proxy function on a Cisco ASA appliance provides an additional layer of security by intercepting and inspecting all communication between the soft clients and the CUCM, ensuring that only authorized and encrypted communication is allowed to pass through.