Avaya Contact Center – Extended Capacity supports the TLS, SRTP, and SSH encryption protocols to secure the connections between the contact center components. To secure the contact center databases, you must configure the server disk encryption. To ensure security of your data center connection and databases, Avaya recommends that you regularly update encryption keys. The encryption key replacement period depends on your organization security requirements and encryption type.

Connections using TLS and SRTP protocols automatically generate encryption keys for each session and do not require manual key replacement.

To secure your server disk data, you must regularly update the encryption keys and passphrases for the encrypted disks. For more information about disk encryption management, see the RHEL, CentOS, or Oracle documentation at https://access.redhat.com/, https://docs.centos.org/, and https://www.oracle.com/linux/.

To update the SSH encryption key, you can enable automatic SSH key replacement and set up a key replacement period. For more information about generating SSH keys, and enabling or disabling automatic SSH key replacement, see the related procedures in the Deploying Avaya Contact Center – Extended Capacity guide.