Ask most IT teams running Cisco Unified Call Manager whether their 911 is handled, and you’ll get a confident yes. The calls connect. They reach the PSAP. Nothing is obviously broken.
That confidence is the problem. CUCM is excellent at what it was built to do — route calls. But routing a 911 call and delivering a compliant 911 call are two different things, and the difference is exactly where RAY BAUM’s Act lives. If you run CUCM and you haven’t specifically addressed dispatchable location for every user, there’s a good chance you have a gap you can’t see — and, as of this year, a regulator who is newly interested in finding it.
What CUCM does — and where it stops
RAY BAUM’s Act requires that every 911 call deliver a dispatchable location: not just a street address, but enough detail — building, floor, area — for responders to reach the caller without searching. Kari’s Law adds direct dialing and on-site notification on top.
CUCM can be configured to handle the basics. Where it consistently runs short is in delivering accurate, granular, automatically maintained dispatchable location across every type of user — especially the ones who don’t sit at a fixed desk:
- Remote and VPN users. A user connected over AnyConnect VPN or MRA isn’t physically where their phone registration says they are. Without a mechanism to capture their real location, a 911 call from a home office can hand responders your corporate HQ address.
- Jabber and Webex app users. Soft clients move with the person. The location that was accurate at deployment is wrong the moment they relocate, and nothing about CUCM alone forces it to update.
- Multi-site and moves. Reorganizations, new floors, and office moves quietly invalidate location data that was correct a year ago. Static configuration ages badly.
None of this means CUCM is the wrong platform. It means CUCM, on its own, was never designed to solve dispatchable location — and assuming it does is how organizations end up non-compliant without ever seeing an error.
“But we have CER”
Cisco Emergency Responder closes part of the gap. It tracks on-network devices by switch port and can route to the correct PSAP, which is real value inside the four walls of a managed network.
The way CER works is also the key to its limits. It builds dispatchable location by mapping physical switch ports to places — this phone, on this port, on this switch, is on the third floor of the east building. For a desk phone wired into a managed switch, that model is accurate and it updates itself. It’s genuinely good engineering for the environment it was built for.
But the model assumes the phone is plugged into a port you control. The moment a device leaves that wired, managed network, the switch-port map has nothing to map. There’s no port to look up when the “phone” is a Jabber client on a laptop riding home Wi-Fi, or a softphone reaching you through an AnyConnect tunnel. CER can’t infer a location it was never handed a signal for.
So what CER doesn’t fully solve is the modern reality of where your people actually are: off-network, on VPN, working from home, moving between sites. The further a user gets from a wired port on a managed switch, the more the location picture degrades — and that’s precisely the population RAY BAUM’s Act refuses to exempt.
The result is an environment that’s compliant for the in-office desk phone and exposed for everyone else. Given how much of the workforce now works remotely at least part of the time, “compliant for the desk phone” is not compliant.
What the gap looks like when someone actually dials 911
It’s easy to keep this abstract until you follow one user through a single week. Take a sales engineer whose Jabber soft client is provisioned to your headquarters in Dallas.
- Monday — in the office. Connected to a managed switch port. A 911 call delivers an accurate Dallas location. CER did its job.
- Tuesday — working from home. Same Jabber client, now on home Wi-Fi over AnyConnect. The registration still says Dallas HQ, so a 911 call points responders to a downtown lobby the caller isn’t standing in.
- Wednesday — at a customer site two states away. Still Dallas HQ.
- Thursday — a hotel the night before a conference. Still Dallas HQ.
- Friday — home again. Still Dallas HQ.
Four days out of five, the address handed to the PSAP is wrong — and nothing in the system flags it, because from CUCM’s point of view every one of those calls connected perfectly. The error stays invisible right up until the moment it isn’t.
That moment is the one nobody plans for: the user has a medical emergency at the kitchen table and can’t speak, or dials 911 during a break-in and drops the phone. Responders are sent to an empty office a thousand miles away while the clock runs. That is the exact scenario RAY BAUM’s Act was written to prevent — and the exact scenario a desk-phone-only configuration leaves wide open.
The rules just grew teeth
For years, the practical risk of a location gap was mostly a worst-case argument — real, but easy to defer. That’s changing. In April 2026 the U.S. House passed the Kari’s Law Reporting Act by a 405–5 margin, directing the FCC to investigate whether multi-line telephone system makers — and the organizations that deploy them — are actually meeting federal 911 requirements. The agency would have 180 days from enactment to publish what it finds.
The shift that matters for CUCM operators is from reactive to proactive. Enforcement has historically followed an incident: a failed call, an outage, a lawsuit. A proactive federal assessment changes the math, because remote and soft-client endpoints are exactly the kind of gap a review like this is built to surface. And federal law is only the floor — a number of states layer their own MLTS rules on top, so “we meet the federal minimum” can still leave exposure depending on where your people sit.
None of this calls for panic. It does mean the quiet window to close a known gap on your own terms is narrowing.
How 9Line closes the CUCM gap
9Line integrates directly with Cisco Unified Call Manager to deliver full Kari’s Law and RAY BAUM’s Act compliance — without ripping out your phone system and without installing software on user machines. It’s built specifically for the cases CUCM and CER leave open:
- Dispatchable location for every user type — including VPN, MRA, Jabber, and Webex app users, not just on-network desk phones.
- Unlimited emergency locations with no per-location fee, so multi-site environments aren’t penalized for being thorough.
- Automatic on-site notification with visual, map-based location so your team sees exactly where a call originated.
- Cloud-based and fast to deploy — most CUCM environments are live in weeks, not months.
Because 9Line sits in the call path rather than bolting onto the edge, the location data is accurate at the moment of the call — which is the only moment that matters. The week-in-the-life above stops being a liability: Tuesday at home and Thursday in the hotel resolve to where the caller actually is, not where the device was first provisioned.
A 60-second gut check
You don’t need a full audit to know whether you should look closer. Ask one question:
When a remote employee dials 911 from CUCM over VPN, what address does the PSAP receive?
If the answer is “our headquarters,” “I’m not sure,” or “let me check” — you have a RAY BAUM’s Act gap, and CUCM won’t fix it for you.
See where your CUCM environment actually stands
The reason this gap is dangerous is that everything looks fine until the one call where it isn’t. The better path is to find it on your terms, before a regulator — or an emergency — finds it for you.
See how 9Line for CUCM closes the gap — or schedule a working session and we’ll trace exactly what your PSAP receives for every type of user on your system.
9Line Software delivers cloud-based E911 compliance for organizations running Cisco Call Manager, Microsoft Teams, and BroadWorks — no endpoint software, no rip-and-replace, full Kari’s Law and RAY BAUM’s Act coverage.
