Cisco CallManager Security Guide, Release 4.1(2)
Index
Downloads: This chapterpdf (PDF - 276.0KB) The complete bookPDF (PDF - 3.46MB) | Feedback

Index

Table Of Contents

A - C - D - E - F - H - I - L - M - P - S - T -

Index

A

authentication

configuring devices for 4-3

device security mode configuration settings (table) 4-7

installation 1-13

interactions 1-5

overview 1-16

restrictions 1-5

authentication string 3-2

C

Certificate Authority Proxy Function (CAPF)

authentication string 3-2

authentication string entered incorrectly on phone 5-37

Cisco CallManager Serviceability configuration 3-5

Cisco CAPF service 2-6

configuration checklist (table) 3-7

configuration settings (table) 3-18

deleting locally significant certificate 3-16

entering authentication string on phone 3-22

enterprise parameter configuration settings (table) 3-14

finding phones that use CAPF 3-22

generating a report 3-21

installing/upgrading locally significant certificates 3-15

interactions and requirements 3-3

messages 5-36

migrating existing data 3-9

overview 3-2

service parameter configuration settings (table) 3-12

service parameter procedure 3-11

verifying CAPF certificate installation 5-38

verifying manufacture-installed certificate exists 5-40

verifying the locally significant certificate installation 5-39

certificates

types 1-14

Cisco CTL client

changing security token password 5-9

Cisco CAPF service 2-6

Cisco CTL Provider service 2-5

comparing CTL files 5-27

configuration checklist (table) 2-3

configuration settings (table) 2-19

configuring 2-11

configuring TLS ports 2-6

deleting CTL file on phone 5-28

deleting CTL file on server 5-29

determining version 5-35

installing 2-8

locked security token 5-10

losing all security tokens 5-32

losing one security token 5-31

messages 5-5, 5-12

migrating CTL file 2-10

overview 2-2

setting the Smart Card service 5-11

troubleshooting 5-8

troubleshooting the phone 5-25

uninstalling 5-34

updating clusterwide security mode 2-18

upgrading plug-in 2-10

verifying 5-34

verifying security mode 5-33

Cisco IP Phone

authentication string entered incorrectly on phone 5-37

calculating MD5 hash 5-27

configuring hardening 4-11

deleting CTL file 5-28

disabling the GARP setting 4-9

disabling the PC Port setting 4-11

disabling the PC Voice VLAN Access setting 4-10

disabling the Setting Access setting 4-10

disabling the Web Access setting 4-9

security features (table) 1-6

troubleshooting for CTL errors 5-25

using MD5 application 5-27

verifying locally significant certificate installation 5-39

CTL client

changing security token password 5-9

Cisco CAPF service 2-6

Cisco CTL Provider service 2-5

comparing CTL files 5-27

configuration checklist (table) 2-3

configuration settings (table) 2-19

configuring 2-11

configuring TLS ports 2-6

deleting CTL file on phone 5-28

deleting CTL file on server 5-29

determining version 5-35

installing 2-8

locked security token 5-10

losing all security tokens 5-32

losing one security token 5-31

messages 5-5, 5-12

migrating CTL file 2-10

overview 2-2

setting the Smart Card service 5-11

troubleshooting 5-8

troubleshooting the phone 5-25

uninstalling 5-34

updating clusterwide security mode 2-18

upgrading plug-in 2-10

verifying 5-34

verifying security mode 5-33

CTL file

comparing 5-27

deleting entry 2-22

deleting on phone 5-28

deleting on server 5-29

losing all security tokens 5-32

losing one security token 5-31

updating 2-16

D

device authentication

configuring devices for 4-3

installation 1-13

overview 1-16

document

audience x

conventions xiii

organization xi

purpose x

related documentation xii

documentation

related xii

E

encryption

barge restrictions 5-49

configuring devices for 4-3

device security mode configuration settings (table) 4-7

installation 1-13

interactions 1-5

overview 1-18

restrictions 1-5

troubleshooting SRTP/SCCP 5-41

F

file authentication

configuring devices for 4-3

overview 1-16

H

HTTPS

copying the certificate to file (Internet Explorer) 2-17

deleting certificate 5-8

disabling 5-7

enabling 5-6

Internet Explorer support 2-13

Netscape support 2-18

overview 2-11

saving the certificate to trusted folder (Internet Explorer) 2-14

saving the certificate to trusted folder (Netscape) 2-19

troubleshooting 5-4

using a third-party certificate 2-110

viewing certificate details (Internet Explorer) 2-15

virtual directories (table) 2-12

I

image authentication

overview 1-16

integrity

overview 1-16

IP Phone

authentication string entered incorrectly on phone 5-37

calculating MD5 hash 5-27

configuring hardening 4-11

deleting CTL file 5-28

disabling the GARP setting 4-9

disabling the PC Port setting 4-11

disabling the PC Voice VLAN Access setting 4-10

disabling the Setting Access setting 4-10

disabling the Web Access setting 4-9

security features (table) 1-6

troubleshooting for CTL errors 5-25

using MD5 application 5-27

verifying locally significant certificate installation 5-39

L

locally significant certificate

authentication string entered incorrectly on phone 5-37

verifying installation 5-39

M

media encryption

configuring devices for 4-3

installation 1-13

overview 1-18

MGCP gateway

security overview 1-10

P

phone

authentication string entered incorrectly on phone 5-37

calculating MD5 hash 5-27

configuring hardening 4-11

deleting CTL file 5-28

disabling the GARP setting 4-9

disabling the PC Port setting 4-11

disabling the PC Voice VLAN Access setting 4-10

disabling the Setting Access setting 4-10

disabling the Web Access setting 4-9

security features (table) 1-6

troubleshooting for CTL errors 5-25

using MD5 application 5-27

verifying locally significant certificate installation 5-39

phone hardening

configuring 4-11

disabling the GARP setting 4-9

disabling the PC Port setting 4-11

disabling the PC Voice VLAN Access setting 4-10

disabling the Setting Access setting 4-10

disabling the Web Access setting 4-9

S

security

alarms 5-2

authentication 1-16

best practices 1-10

Certificate Authority Proxy Function (CAPF) overview 3-2

certificate types 1-14

Cisco CAPF service 2-6

Cisco CTL client configuration checklist (table) 2-3

Cisco CTL client overview 2-2

Cisco CTL Provider service 2-5

encryption 1-18

Etoken 2-8

HTTPS 2-11

installation 1-13

interactions 1-5

log files 5-3

MGCP gateway 1-10

overview of configuration (table) 1-20

packet capturing for phones 5-41

performance monitor counters 5-3

rebooting the cluster 1-12

rebooting the server 1-12

resetting devices 1-12

restarting Cisco CallManager service 1-12

restrictions 1-5

SRST overview 5-1

system requirements 1-4

terminology (table) 1-2

TLS ports 2-6

token 2-8

using barge with encryption 5-49

where to find more information 1-24

signaling authentication

configuring devices for 4-3

installation 1-13

overview 1-16

signaling encryption

configuring devices for 4-3

installation 1-13

overview 1-18

signaling integrity

overview 1-16

SRST

certificate deleted on gateway 5-51

configuring secure references 5-4

deleting security for reference 5-50

security configuration checklist (table) 5-3

security configuration settings (table) 5-6

security overview 5-1

security-related messages 5-51

troubleshooting 5-50

SRST reference

certificate deleted on gateway 5-51

configuring security 5-4

deleting security 5-50

security configuration settings (table) 5-6

security-related messages 5-51

T

troubleshooting

analyzing captured packets 5-48

authentication string entered incorrectly on phone 5-37

CAPF messages 5-36

Cisco CTL client 5-8

Cisco CTL client messages 5-5, 5-12

deleting CTL file on phone 5-28

deleting CTL file on server 5-29

deleting security from SRST reference 5-50

HTTPS 5-4

locally significant certificate validation fails 5-38

locked security token 5-10

losing all security tokens 5-32

losing one security token 5-31

packet capturing configuration checklist (table) 5-42

packet capturing configuration settings (table) 5-47

packet capturing messages 5-49

packet capturing service parameters 5-43

security alarms 5-2

security log files 5-3

security performance monitor counters 5-3

SRST certificate deleted on gateway 5-51

SRST references 5-50

SRST security-related messages 5-51

SRTP/SCCP overview 5-41

using MD5 application 5-27

verifying CAPF certificate installation 5-38

verifying locally significant certificate installation 5-39

verifying manufacture-installed certificate exists 5-40