Secure Jabber
Planning Guide for Cisco Jabber 12.6 – Security and …
Encryption
Compliance and Policy Control for File Transfer and Screen Capture
If you send file transfers and
screen captures using the
Managed file
transfer option on
Cisco Unified
Communications Manager IM and Presence 10. 5(2) or later, you can send the files to
a compliance server for audit and policy enforcement.
For more information about
compliance, see the
Instant Messaging Compliance for IM and Presence Service on Cisco
Unified Communications Manager guide.
configuring file transfer and screen capture, see the
Cisco Unified Communications Manager IM and Presence Deployment and Installation Guide.
Instant Message
Cisco Jabber
uses Transport Layer Security (TLS) to secure Extensible Messaging and Presence
Protocol (XMPP) traffic over the network between the client and server.
encrypts point to point instant messages.
On-Premises
The following table summarizes the details for instant message encryption in on-premises deployments.
Connection
Protocol
Negotiation Certificate
Expected Encryption Algorithm
Client to server
XMPP over TLS v1. 2
X. 509 public key infrastructure certificate
AES 256 bit
Server and
Client Negotiation
The following servers negotiate TLS encryption with Cisco Jabber using X. 509 public key infrastructure (PKI) certificates
with the following:
Cisco Unified Communications Manager IM and Presence
Cisco Unified Communications Manager
After the server
and client negotiate TLS encryption, both the client and server generate and
exchange session keys to encrypt instant messaging traffic.
The following table lists the PKI certificate key lengths for Cisco Unified Communications Manager IM and Presence Service.
Version
Key Length
Cisco Unified Communications Manager IM and Presence Service versions 9. 0. 1 and higher
2048 bit
XMPP
Cisco Unified Communications Manager IM and Presence Service uses 256-bit length session keys that are encrypted with the
AES algorithm to
secure instant message traffic between Cisco Jabber and the presence server.
If you require additional security for traffic between server nodes, you can configure XMPP security settings on Cisco Unified
Communications Manager IM and Presence Service. See the following for more information about security settings:
Cisco Unified Communications Manager IM and Presence Service—Security configuration on IM and Presence
Instant
Message Logging
You can log and
archive instant messages for compliance with regulatory guidelines. To log
instant messages, you either configure an external database or integrate with a
third-party compliance server. Cisco Unified
Communications Manager IM and Presence Service does not encrypt instant messages
that you log in external databases or in third party compliance servers. You
must configure your external database or third party compliance server as
appropriate to protect the instant messages that you log.
See the following for more information about compliance:
Cisco Unified Communications Manager IM and Presence Service—Instant Messaging Compliance for IM and Presence Service
For more information about encryption levels and cryptographic algorithms, including symmetric key algorithms such as AES
or public key algorithms such as RSA, see Next Generation Encryption at this link.
For more
information about X. 509 public key infrastructure certificates, see the
Internet
X. 509 Public Key Infrastructure Certificate and CRL Profile document at this link.
Cloud-Based
The following table summarizes the details for instant message encryption in cloud-based deployments:
XMPP within TLS
AES 128 bit
Client to client
The following servers negotiate TLS encryption with Cisco Jabber using X. 509 public key infrastructure (PKI) certificates with the Cisco Webex Messenger service.
The Cisco Webex Messenger service uses 128-bit session keys that are encrypted with the AES algorithm to secure instant message traffic between Cisco Jabber and the Cisco Webex Messenger service.
You can optionally enable 256-bit client-to-client AES encryption to secure the traffic between clients.
The Cisco Webex Messenger service can log instant messages, but it does not archive those instant messages in an encrypted format. However, the Cisco Webex Messenger service uses stringent data center security, including SAE-16 and ISO-27001 audits, to protect the instant messages that
it logs.
The Cisco Webex Messenger service cannot log instant messages if you enable AES 256 bit client-to-client encryption.
Client-to-Client
By default,
instant messaging traffic between the client and the
Cisco Webex Messenger
service is secure. You can optionally specify policies in the
Cisco Webex
Administration Tool to secure instant messaging traffic between clients.
The following
policies specify client-to-client encryption of instant messages:
Support AES Encoding For
IM—Sending clients encrypt instant messages with the AES 256-bit
algorithm. Receiving clients decrypt instant messages.
Support No Encoding For
IM—Clients can send and receive instant messages to and from other
clients that do not support encryption.
table describes the different combinations that you can set with these
policies.
Policy
Combination
Client-to-Client Encryption
When
the Remote Client Supports AES Encryption
the Remote Client Does not Support AES Encryption
Support AES Encoding For IM = false
Support No Encoding For IM = true
No
sends unencrypted instant messages.
does not negotiate a key exchange. As a result, other clients do not send
encrypted instant messages.
sends and receives unencrypted instant messages.
Support AES Encoding For IM = true
Yes
sends and receives encrypted instant messages.
displays an icon to indicate instant messages are encrypted.
sends encrypted instant messages.
receives unencrypted instant messages.
Support No Encoding For IM = false
does not send or receive instant messages to the remote client.
displays an error message when users attempt to send instant messages to the
remote client.
Note
does not support client-to-client encryption with group chats.
uses client-to-client encryption for point-to-point chats only.
information about encryption and
policies, see
About
Encryption Levels in the
documentation.
Encryption Icons
Review the icons that the client displays to indicate encryption levels.
Lock Icon for Client to Server Encryption
In both on-premises and cloud-based deployments, Cisco Jabber displays the following icon to indicate client to server encryption:
Lock Icon for Client to Client Encryption
In cloud-based deployments, Cisco Jabber displays the following icon to indicate client to client encryption:
Local Chat
History
Chat history is retained after participants close the chat window and until participants sign out. If you do not want to retain
chat history after participants close the chat window, set the Disable_IM_History parameter to true. This parameter is available to all clients except IM-only users.
For on-premises deployment of Cisco Jabber for Mac, if you select the Save chat archives to: option in the Chat Preferences window of Cisco Jabber for Mac, chat history is stored locally in the Mac file system and can be searched using Spotlight.
Cisco Jabber does not encrypt archived instant messages when local chat history is enabled.
For desktop clients, you can restrict access to chat history by savings archives to the following directories:
Windows, %USERPROFILE%\AppData\Local\Cisco\Unified Communications\Jabber\CSF\History\
Mac: ~/Library/Application Support/Cisco/Unified Communications/Jabber/CSF/History/
For mobile clients, the chat history files are not accessible.
Voice and Video
You can optionally set up secure phone capabilities for all devices.
Secure phone capabilities provide secure SIP signaling, secure media streams,
and encrypted device configuration files.
If you enable secure phone capabilities for users, device connections
to Cisco Unified Communications Manager are secure. However, calls with other
devices are secure only if both devices have a secure connection.
Authentication Methods for Secure Media
Use SIP oAuth to enable secure media in a token-based authentication. You can set up SIP oAuth instead of CAPF enrollment
for your security authentication for on-premises, cloud, and hybrid deployments of Jabber.
SIP oAuth
Done once on your Cisco Unified Communications Manager set up. It ensures that your SIP traffic, including your RTP media,
is secure.
CAPF Enrollment
Workflow for enabling CAPF enrolment is as follows:
Create and Configure Jabber Devices
Authentication Strings
Configure Phone Security Profile
PIE ASLR Support
Cisco Jabber for Android, iPhone and iPad supports Position Independent Executable Address Space Layout Randomization (PIE
ASLR).
Federal
Information Processing Standards
The Federal
Information Processing Standard (FIPS) 140 is a U. S. and Canadian government
standard that specifies security requirements for cryptographic modules. These cryptographic modules
include the set of hardware, software, and firmware that implements approved
security functions and is contained within the cryptographic boundary.
FIPS requires that
all encryption, key exchange, digital signatures, and hash and random number
generation functions used within the client are compliant with the
FIPS 140. 2 requirements for the security of cryptographic modules.
FIPS mode results
in the client managing certificates more strictly. Users in FIPS mode may see
certificate errors in the client if a certificate for a service expires and they haven’t reentered their credentials.
Users also see a
FIPS icon in their hub window to indicate that the client is running in FIPS mode.
Enable FIPS for Cisco Jabber for Windows
Cisco Jabber for Windows supports two methods of enabling FIPS:
Operating system enabled—The Windows operating system is in FIPS mode.
Cisco Jabber bootstrap setting—Configure the FIPS_MODE installer switch. Cisco Jabber can be in FIPS mode on an operating
system that is not FIPS enabled. In this scenario, only connections with non-Windows APIs are in FIPS mode.
Table 1. Cisco Jabber for Windows Setting for FIPS
Platform Mode
Bootstrap Setting
Cisco Jabber Client Setting
FIPS Enabled
FIPS Enabled—Bootstrap setting.
FIPS Disabled
FIPS Disabled—Bootstrap setting.
No setting
FIPS Enabled—Platform setting.
FIPS Disabled—Platform setting.
Jabber Voicemail service only accepts TLS Version TLS 1. 2 for HTTPs request with FIPS enabled during an SSL connection.
Enable FIPS for Cisco Jabber for Mobile ClientsTo enable FIPS for Cisco Jabber for mobile clients, set the FIPS_MODE parameter to TRUE in the Enterprise Mobility Management (EMM).
Important
Enabling FIPS removes the users ability to accept untrusted certificates. In this case, some services may not be available
to users. Certificate Trust List (CTL) or ITL file does not apply here. The servers’ certificates must be properly signed,
or the client must be made to trust the servers’ certificates through side-loading.
FIPS enforces TLS1. 2, so the older protocols are disabled.
Cisco Jabber for mobile clients don’t support Platform Mode.
Common Criteria
The Common Criteria for Information Technology Security Evaluation comprise a set of international standards that are used
to evaluate the security attributes of IT products. You can run Cisco Jabber in a mode that is compliant with the Common Criteria
certification requirements. To do this, you must enable it for each of the clients.
To run Jabber in an environment that is enabled with Common Criteria:
Jabber for Windows: Set the CC_MODE installation argument to TRUE.
For Jabber for Android and Jabber for iPhone and iPad: Set the CC_MODE parameter to TRUE in your Enterprise Mobility Management
(EMM).
The RSA key length must be at least 2048 bits. To configure the RSA key length, read about how to Create and Configure Cisco Jabber Devices in the On-Premises Deployment Guide for Cisco Jabber 12. 5.
For more information about how to set up Jabber to run in common criteria mode, read about how to Deploy Cisco Jabber Applications in the On-Premises Deployment Guide for Cisco Jabber 12. 5.
Secure LDAP
Secure LDAP communication is LDAP over SSL/TLS
LDAPS initiates an LDAP connection over a SSL/TLS connection. It opens the SSL session then begins using the LDAP protocol.
This requires a separate port, 636 or Global Catalog port 3269.
Authenticated UDS Contact Search
Enable authentication for UDS contact searches in Cisco Unified Communications Manager and Cisco Jabber provides credentials
to authenticate with UDS for contact searches.
Certificates
Certificate
Validation
The
Certificate Validation Process
The operating system Cisco Jabber runs on validates server certificates when authenticating to services. When attempting to establish secure connections, the
service presents Cisco Jabber with a certificate. The operating system validates the presented certificate against what is in the client device’s local
certificate store. If the certificate is not in the certificate store, the certificate is deemed untrusted and Cisco Jabber prompts the user to accept or decline the certificate.
If the user
accepts the certificate,
connects to the service and saves the certificate in the certificate store or
keychain of the device. If the user declines the certificate,
does not connect to the service and the certificate is not saved to the
certificate store or keychain of the device.
If the
certificate is in the local certificate store of the device,
trusts the certificate.
connects to the service without prompting the user to accept or decline the
certificate.
Cisco Jabber can authenticate to several services, depending on what is deployed in the organization. A certificate signing request (CSR)
must be generated for each service. Some public certificate authorities do not accept more than one CSR per fully qualified
domain name (FQDN). Which means that the CSR for each service may need to be sent to separate public certificate authorities.
Ensure that you
specify FQDN in the service profile for each service, instead of the IP address
or hostname.
Signed
Certificates can be signed by the certificate authority (CA) or self-signed.
CA-signed certificates (Recommended)—Users are not prompted because you are installing the certificate on the devices yourself.
CA-signed certificates can be signed by a Private CA or a Public CA. Many certificates that are signed by a Public CA are
stored in the certificate store or keychain of the device. Devicies using Android 7. 0 or later recognize only CA-signed certificates.
Self-signed certificates—Certificates are signed by the services that are presenting the certificates, and users are always
prompted to accept or decline the certificate.
Validation Options
Before setting up
certificate validation, you must decide how you want the certificates to be
validated:
Whether you
are deploying certificates for on-premises or cloud-based deployments.
What method
you are using to sign the certificates.
If are you
deploying CA-signed certificates, whether you are going to use public CA or
private CA.
Which services
you need to get certificates for.
Required
Certificates for On-Premises Servers
On-premises servers present the following certificates to establish a secure connection with Cisco Jabber:
Server
Service
HTTP (Tomcat)
Communications Manager
HTTP (Tomcat) and CallManager certificate (secure SIP call signaling for secure phone)
Cisco Unity Connection
Cisco Webex Meetings Server
Cisco VCS Expressway
Cisco Expressway-E
Server certificate (used for HTTP, XMPP, and SIP call signaling)
Notes
Security Assertion Markup Language (SAML) single sign-on (SSO) and the Identity Provider (IdP) require an X. 509 certificate.
You should apply the most recent Service Update (SU) for Cisco Unified Communications Manager IM and Presence
Service before you begin the certificate signing process.
The required certificates apply to all server versions.
Each cluster node, subscriber, and publisher, runs a Tomcat service and can present the client with an HTTP certificate.
You should plan to sign the certificates for each node in the cluster.
To secure SIP signaling between the client and Cisco Unified
Communications Manager, you should use Certification Authority Proxy Function (CAPF) enrollment.
Signing Request Formats and Requirements
A public
certificate authority (CA) typically requires a certificate signing request
(CSR) to conform to specific formats. For example, a public CA might only
accept CSRs that have the following requirements:
Are
Base64-encoded.
Do not
contain certain characters, such as
@&!, in the
Organization,
OU, or other fields.
Use specific
bit lengths in the server’s public key.
If you submit CSRs from multiple nodes, public CAs might require
that the information is consistent in all CSRs.
To prevent issues
with your CSRs, you should review the format requirements from the public CA to
which you plan to submit the CSRs. You should then ensure that the information
you enter when configuring your server conforms to the format that the public
CA requires.
One Certificate Per
FQDN—Some public CAs sign only one certificate per fully qualified domain
name (FQDN).
For example, to sign the HTTP and XMPP certificates for a single Cisco Unified Communications Manager IM and Presence
Service node, you might need to submit each CSR to different public CAs.
Revocation
Servers
Cisco Jabber cannot connect to the Cisco Unified Communications Manager servers if the revocation server is not reachable.
Also, if a certificate authority (CA) revokes a certificate, Cisco Jabber does not allow users to connect to that server.
Users are not notified of the following outcomes:
The certificates do not contain revocation information.
The revocation server cannot be reached.
To validate certificates, the certificate must contain an HTTP URL in the CDP or AIA fields for a reachable server that can provide revocation information.
To ensure that your certificates are validated when you get a certificate issued by a CA, you must meet one of the following
requirements:
Ensure that the CRL Distribution Point (CDP) field contains an HTTP URL to a certificate revocation list (CRL) on a revocation server.
Ensure that the Authority Information Access (AIA) field contains an HTTP URL for an Online Certificate Status Protocol (OCSP) server.
Server Identity in
As part of the signing process, the CA specifies the server identity in the certificate. When the client validates that certificate,
it checks that:
A trusted authority has issued the certificate.
The identity of the server that presents the certificate matches the identity of the server specified in the certificate.
Public CAs generally require a fully qualified domain name (FQDN) as the server identity, not an IP address.
Identifier Fields
The client checks the following identifier fields in server certificates for an identity match:
XMPP certificates
SubjectAltName\OtherName\xmppAddr
SubjectAltName\OtherName\srvName
SubjectAltName\dnsNames
Subject CN
HTTP certificates
Tip
The Subject CN field can contain a wildcard (*) as the leftmost character, for example, *
Prevent
Identity Mismatch
If users attempt
to connect to a server with an IP address or hostname, and the server
certificate identifies the server with an FQDN, the client cannot identify the
server as trusted and prompts the user.
If your server
certificates identify the servers with FQDNs, you should plan to specify each
server name as FQDN in many places on your servers. For more information, see
Prevent Identity Mismatch section in
Troubleshooting TechNotes.
Certificates for
Multiserver SANs
If you use a multiserver SAN, you only need to upload a certificate to
the service once per cluster per tomcat certificate and once per cluster per
XMPP certificate. If you do not use a multiserver SAN, then you must upload the
certificate to the service for every Cisco Unified Communications Manager node.
Certificate Validation for Cloud Deployments
Cisco Webex Messenger and Cisco Webex Meetings Center present the following certificates to the client by default:
CAS
WAPI
Cisco Webex certificates are signed by a public Certificate Authority (CA). Cisco Jabber validates these certificates to establish secure
connections with cloud-based services.
Cisco Jabber validates the following XMPP certificates received from Cisco Webex Messenger. If these certificates are not included in your operating system, you must provide them.
VeriSign
Class 3 Public Primary Certification Authority – G5 — This certificate is stored in the Trusted Root
Certificate Authority
VeriSign Class 3 Secure Server CA – G3 —This certificate validates the Webex Messenger server identity and is stored in the Intermediate Certificate Authority.
AddTrust External CA Root
GoDaddy Class 2 Certification Authority Root Certificate
For more information about root certificates for Cisco Jabber for Windows, see
For more information about root certificates for Cisco Jabber for Mac, see
Server Name Indication Support for Multitenant Hosted Collaboration Solution
Cisco Jabber supports Server Name Indication (SNI) in a Mobile and Remote Access (MRA) deployment with a multitenant Hosted
Collaboration Solution.
Cisco Jabber sends the domain information using SNI to Expressway. Expressway looks up the certificate storage to find the
certificate that contains the domain information and returns the certificate to Cisco Jabber for validation.
For more information on multitenant deployment, see the sections Endpoint Service Discovery with Domain Certificates and Jabber Service Discovery without Domain Certificates from the Cisco Hosted Collaboration Solution, Release 11. 5 Multitenant Expressway Configuration Guide.
Antivirus Exclusions
If you deploy antivirus software, include the following folder locations in the antivirus exclusion list:
C:\Users\
C:\Users\
C:\ProgramData\Cisco Systems\Cisco Jabber
Is Cisco Jabber HIPAA compliant? – Paubox
by Hoala Greevy Founder CEO of Paubox
Article filed in
HIPAA compliance
23 Oct 2017
Lately we’ve been discussing in the office whether certain cloud-based solutions are HIPAA compliant or not. Jabber by Cisco is a provider of presence and messaging software.
We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.
In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:
Amazon CloudFront
Apple iCloud
Box
Citrix ShareFile
Dropbox
FaceTime
Google Drive
Google Forms
Google Hangouts
GoToMeeting
Microsoft 365
OneDrive
SharePoint
Slack
WhatsApp
Yammer
Zoho
Zoom
The purpose of this post is to determine if Cisco Jabber offers HIPAA compliance or not.
SEE ALSO: HIPAA Breaches and Cloud Providers
About Jabber
Jabber is a provider of presence and messaging software.
It’s important to note that Cisco acquired the company called Jabber () in 2008. The open standard Jabber () is a stand-alone entity.
The Jabber protocol, now called XMPP, is an open standard for Instant Messaging.
We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance to ensure security and privacy.
Jabber XCP Frequently Asked Questions
We checked the Cisco Jabber site and found a page called Jabber XCP Frequently Asked Questions.
In it, Cisco points out:
Q: How secure is Jabber XCP?
A: Jabber XCP is secure enough to support compliance regulations such as the Securities Exchange Commission (SEC) and Health Insurance Portability and Accountability (HIPAA). Jabber XCP security is used and trusted by the U. S. federal government.
The page does not make any mention however, of Cisco being willing to sign a Business Associate Agreement for use with Jabber.
The Cisco Approach to Telehealth White Paper
We also found a White Paper on Cisco’s site called The Cisco Approach to Telehealth.
It’s written in marketing speak and does not dive into any details around whether the company will actually sign a BAA with its customers.
Cisco Compliance Solution for HIPAA Security Rule Design and Implementation Guide
We next found the Cisco Compliance Solution for HIPAA Security Rule Design and Implementation Guide.
The Implementation Guide is comprehensive and overwhelmingly demonstrates Cisco’s focus on the U. Healthcare market.
There are two issues remaining however:
Cisco still does not mention signing a BAA.
Jabber is not mentioned as being HIPAA compliant.
We were unable to find any other evidence on Cisco’s site that mentions it signing a BAA.
Does Cisco Jabber Offer HIPAA Compliant Service?
The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate.
While Cisco is obviously focused on the U. Healthcare market, we were left with the impression that they do not actually sign Business Associate Agreements with their customers.
Instead, we believe they’ve determined themselves to fall in the HIPAA Conduit Exception Rule category.
SEE ALSO: HIPAA Conduit Exception Rule – What is it?
It’s also possible we fundamentally do not understand the nature of Jabber. Perhaps it’s not a cloud-based service at all and instead must be installed on-premises. If that’s the case, a BAA from Cisco would most likely not be required.
Conclusion: We are unable to conclusively determine if Jabber is HIPAA Compliant or not. We’re also unable to determine if it’s even a cloud-based service.
Try Paubox Email Suite for FREE today.
Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems
Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS.
Successful exploitation of the flaws could permit an “attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition, ” the networking major said in an advisory.
The issues concern a total of five security vulnerabilities, three of which (CVE-2021-1411, CVE-2021-1417, and CVE-2021-1418) were reported to the company by Olav Sortland Thoresen of Watchcom, with two others (CVE-2021-1469 and CVE-2021-1471) uncovered during internal security testing.
Cisco notes that the flaws are not dependent on one another, and that exploitation of any one of the vulnerabilities doesn’t hinge on the exploitation of another. But in order to do this, an attacker needs to be authenticated to an Extensible Messaging and Presence Protocol (XMPP) server running the vulnerable software, as well as be able to send XMPP messages.
CVE-2021-1411, which concerns an arbitrary program execution vulnerability in its Windows app, is also the most critical, with a CVSS score of 9. 9 out of a maximum of 10. According to Cisco, the flaw is due to improper validation of message content, thus making it possible for an attacker to send specially-crafted XMPP messages to the vulnerable client and execute arbitrary code with the same privileges as that of the user account running the software.
Besides CVE-2021-1411, four other Jabber flaws have also been fixed by Cisco, counting —
CVE-2021-1469 (Windows) – An issue with improper validation of message content that could result in arbitrary code execution.
CVE-2021-1417 (Windows) – A failure to validate message content that could be leveraged to leak sensitive information, which can then fuel further attacks.
CVE-2021-1471 (Windows, macOS, Android, iOS) – A certificate validation vulnerability that could be abused to intercept network requests and even modify connections between the Jabber client and a server
CVE-2021-1418 (Windows, macOS, Android, iOS) – An issue arising from improper validation of message content that could be exploited by sending crafted XMPP messages to cause a denial-of-service (DoS) condition.
This is far from the first time Norwegian cybersecurity firm Watchcom has uncovered flaws in Jabber clients. In September 2020, Cisco resolved four flaws in its Windows app that could permit an authenticated, remote attacker to execute arbitrary code. But after three of the four vulnerabilities were not “sufficiently mitigated, ” the company ended up releasing a second round of patches in December.
In addition to the fix for Jabber, Cisco has also published 37 other advisories that go into detail about security updates for a number of medium and high severity issues affecting various Cisco products.
Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.
Frequently Asked Questions about secure jabber
Is Jabber secure?
A: Jabber XCP is secure enough to support compliance regulations such as the Securities Exchange Commission (SEC) and Health Insurance Portability and Accountability (HIPAA). Jabber XCP security is used and trusted by the U.S. federal government.Oct 23, 2017
Can Jabber be hacked?
Cisco notes that the flaws are not dependent on one another, and that exploitation of any one of the vulnerabilities doesn’t hinge on the exploitation of another. …Mar 25, 2021
Are Jabber calls encrypted?
Cisco Jabber uses client-to-client encryption for point-to-point chats only. For more information about encryption and Cisco WebEx policies, see About Encryption Levels in the Cisco WebEx documentation.Jun 25, 2015
