What Does End-to-End Encryption Do?

Provides information on Webex End-to-End Encryption.

What does end-to-end encryption do?

What does E2E encryption do?

What are the limitations of enabling E2E encryption on a Webex site?

What features are not available when E2E encryption is enabled?



Architecture Diagram:

User-added image

Media streams flowing from a client to Cisco Webex servers are decrypted after they cross the Cisco Webex firewall. Cisco can then provide network-based recordings that include all media streams for future reference. Cisco Webex then re-encrypts the media stream before sending it to other clients. However, for businesses requiring a higher level of security, Cisco Webex also provides End-to-End encryption. With this option, the Cisco Webex cloud does not decrypt the media streams, as it does for normal communications. Instead it establishes a Transport Layer Security (TLS) channel for client-server communication. Additionally, all Cisco Webex clients generate key pairs and send the public key to the host’s client.

The host generates a symmetric key using a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG), encrypts it using the public key that the client sends, and sends the encrypted symmetric key back to the client. The traffic generated by clients is encrypted using the symmetric key. In this model, traffic cannot be decoded by the Cisco Webex server. This End-to-End encryption option is available for Cisco Webex Meetings and Webex Support.


when end-to-end encryption is enabled, the following features are not available for end-to-end encryption session types:

  • SIP and H.323 video devices
  • Webex Meetings Web App
  • Webex Web App
  • Linux and VDI clients
  • Network-Based Recording (NBR)
  • PSTN audio (Call me and Call in options)
Additional Information:

Was this article helpful?