Cisco Unified CallManager Security Guide, Release 5.1(3)
Preface
Downloads: This chapterpdf (PDF - 190.0KB) The complete bookPDF (PDF - 1.99MB) | Feedback

Preface

Table Of Contents

Preface

Purpose

Audience

Organization

Related Documentation

Conventions

Obtaining Documentation, Obtaining Support, and Security Guidelines


Preface


This preface describes the purpose, audience, organization, and conventions of this guide and provides information on how to obtain related documentation.

The preface covers these topics:

Purpose

Audience

Organization

Related Documentation

Conventions

Obtaining Documentation, Obtaining Support, and Security Guidelines

Purpose

Cisco Unified CallManager Security Guide helps system and phone administrators perform the following tasks:

Configure authentication.

Configure encryption.

Configure digest authentication.

Install server authentication certificate that is associated with HTTPS.

Configure security profiles.

Configure Certificate Authority Proxy Function (CAPF) to install, upgrade, or delete locally significant certificates on supported Cisco Unified IP Phone models.

Configure phone hardening.

Configure Survivable Remote Site Telephony (SRST) references for security.

Configure gateways and trunks for security.

Troubleshoot issues.

Audience

This guide provides a reference and procedural guide for system and phone administrators who plan to configure the security features.

Organization

Table 1 lists the major sections of this guide:

Table 1 Guide Overview 

Chapter
Description
Security Basics

"Security Overview"

Provides an overview of security terminology, system requirements, interactions and restrictions, installation requirements, and a configuration checklist; describes the different types of authentication and encryption.

"Using Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)"

Provides an overview of HTTPS and describes how to install the server authentication certificate in the trusted folder.

"Configuring the Cisco CTL Client"

Describes how to configure authentication by installing and configuring the Cisco CTL client.

Security for Phones and Voice Mail Ports

"Phone Security Overview"

Describes how Cisco Unified CallManager and the phone use security; provides a list of tasks that you perform to configure security for the phone.

"Configuring a Phone Security Profile"

Describes how to configure the security profile and apply it to the phones in Cisco Unified CallManager Administration.

"Using the Certificate Authority Proxy Function"

Provides an overview of Certificate Authority Proxy Function and describes how to install, upgrade, delete, or troubleshoot locally significant certificates on supported phones.

"Configuring Encrypted Phone Configuration Files"

Describes how to configure encrypted phone configuration files in Cisco Unified CallManager Administration.

"Configuring Digest Authentication for the SIP Phone"

Describes how to configure digest authenticationon the SIP phone in Cisco Unified CallManager Administration.

"Phone Hardening"

Describes how to tighten the security on the phone by using Cisco Unified CallManager Administration.

Chapter 10, "Configuring Voice-Messaging Ports for Security"

Describes how to configure security for voice mail ports in Cisco Unified CallManager Administration.

Security for CTI, JTAPI, and TAPI

"Configuring Authentication and Encryption for CTI, JTAPI, and TAPI"

Describes how to configure the Application User CAPF Profile and End User CAPF Profiles in Cisco Unified CallManager Administration.

Security for SRST References, Gateways, and Trunks

"Configuring a Secure Survivable Remote Site Telephony (SRST) Reference"

Describes how to configure the SRST reference for security in Cisco Unified CallManager Administration.

"Configuring Encryption for Gateways and Trunks"

Describes how Cisco Unified CallManager communicates with a secure gateway or trunk; describes IPSec recommendations and considerations.

"Configuring the SIP Trunk Security Profile"

Describes how to configure and apply the SIP trunk security profile in Cisco Unified CallManager Administration.

"Configuring Digest Authentication for the SIP Trunk"

Describes how to configure digest authentication for the SIP trunk in Cisco Unified CallManager Administration.


Related Documentation

Refer to the following documents for further information about related Cisco IP telephony applications and products:

Cisco Unified IP Phone Administration Guide for Cisco Unified CallManager

Media and Signaling Authentication and Encryption Feature for Cisco IOS MGCP Gateways

Cisco Unified CallManager 5.0 Integration Guide for Cisco Unity 4.x

Cisco Unified Survivable Remote Site Telephony (SRST) administration documentation that supports the SRST-enabled gateway

The firmware release notes that support your phone model

Conventions

Notes use the following conventions:


Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication.


Tips use the following conventions:


Tip Means the following are useful tips.


Cautions use the following conventions:


Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Cisco Product Security Overview

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance, please contact us by sending email to export@cisco.com.