Security overview

Last Updated : Apr 17, 2026 |
Prolog information
Metadata
Keywords:
Avaya J100 Series IP Phones provide several general, network, and application security features.

General Security features

  • Access control and security logging.
  • Password and user credentials storage using Federal Information Processing Standards (FIPS 140–3) encryption.
  • Department of Defense solution deployment with Joint Interoperability Test Command (JITC) compliance.
  • Encrypted storage of private keys using standards-compliant PKCS #7 and password-protected PKCS #12 file formats.
  • Enhanced random number generator algorithm.
  • Phone firmware integrity and authenticity ensured using a secure SHA-2 hash signature validation.
  • SHA-2 hash algorithm and strong AES-256 bit encryption available for all cryptographic operations.
  • Deprecated support for SHA-1 algorithms in all cryptographic algorithms.
  • Configurable Federal Information Processing Standard (FIPS) and non-FIPS runtime modes.
  • Remote access to the phone disabled by default. Phone access available using web UI and SSH.
  • System clock synchronization using Network Time Protocol (NTP) at configurable intervals.

Network Security features

  • Trust Certificates:
    • X.509 compliant certificates according to RFC 5280.
    • RSA (2048 and 4096 bit) keys support for certificates in truststore and received from servers during TLS connections.
    • Online Certificate Status Protocol (OCSP) for obtaining the revocation status of an X.509 digital certificate according to RFC 6960.
  • Identity certificates:
    • Public Key Infrastructure (PKI) for customers who use third-party certificates for all Avaya services.
    • RSA (2048 and 4096 bit) and limited ECC support keys for the installed identity certificates.
    • Certificate installation using one of the following methods:
      • Device Enrolment Services (DES)
      • Simple Certificate Enrollment Protocol (SCEP)
      • Enhanced Enrollment with Avaya Aura 8.3 or higher
      • PKCS #12 file format
  • Minimum TLS version defined up to TLS v1.3.
  • Secure Real-time Transport Protocol (SRTP) and Secure Real-time Transport Control Protocol (SRTCP) support.
  • 802.1x L2 network authentication.
  • VLAN separation mode using system parameters.
  • Maintenance of integrity under Denial of Service (DoS) attacks. During DoS attacks, the phone goes into the out-of-service mode.

Application Security Features

  • Phone lock and user logout functionalities to protect user privacy. Users can only receive calls or make emergency calls on a locked phone.
  • User logs and data protected with the user account.
Related information
General security features