Alternate Zone Designs
An alternative method of creating zones is to create them functionally, rather than
geographically.You can configure zones with different security restrictions and use
the zone subnet command to only allow users to join their appropriate zone.
Each user (endpoint) can be authenticated before being admitted to their
zone.This can be done with endpoint authentication.Version 1 of H.323 does
not have comprehensive authentication. Users must piggyback their password
onto their H.323 registration with a predefined password separator character separating
the two.The gatekeeper can then collect the password and authenticate it
to the RADIUS or TACACS+ server.While this approach is less common and
far more complex than the geographical approach, it does increase security. It is
typically used when security, not bandwidth utilization, is the primary concern of
the H.323 network.