You can configure 9608, 9611, 9621 and 9641 H.323 endpoints with or without staging.

• The manual staging process is the most secure.

• The automated process is less secure.

In the automated process, the phone does not authenticate the server with the initial HTTPS connection. If the initial phone connection to HTTPS is hijacked to an attacker's file server, the fraudulent file server can become trusted by the phone. In deployments with stronger security requirements where this risk is not acceptable, the phones must be manually staged in a controlled environment.