Cisco Unified Communications Manager Security Guide, Release 6.0(1)
Preface
Downloads: This chapterpdf (PDF - 367.0KB) The complete bookPDF (PDF - 4.97MB) | Feedback

Preface

Table Of Contents

Preface


Preface


This preface describes the purpose, audience, organization, and conventions of this guide and provides information on how to obtain related documentation.

The preface covers these topics:

Purpose

Audience

Organization

Related Documentation

Conventions

Obtaining Documentation, Obtaining Support, and Security Guidelines

Purpose

Cisco Unified Communications Manager Security Guide helps system and phone administrators perform the following tasks:

Configure authentication.

Configure encryption.

Configure digest authentication.

Install server authentication certificate that is associated with HTTPS

Configure the Cisco CTL Client.

Configure security profiles.

Configure Certificate Authority Proxy Function (CAPF) to install, upgrade, or delete locally significant certificates on supported Cisco Unified IP Phone models.

Configure phone hardening.

Configure Survivable Remote Site Telephony (SRST) references for security.

Configure gateways and trunks for security.

Audience

This guide provides a reference and procedural guide for system and phone administrators who plan to configure call security features for Cisco Unified Communications Manager (formerly Cisco Unified CallManager).

Organization

Table 1 lists the major sections of this guide:

Table 1 Guide Overview 
Chapter
Description
Security Basics

Chapter 1, "Security Overview"

Provides an overview of security terminology, system requirements, interactions and restrictions, installation requirements, and a configuration checklist; describes the different types of authentication and encryption.

Chapter 2, "Using Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)"

Provides an overview of HTTPS and describes how to install the server authentication certificate in the trusted folder.

Chapter 3, "Configuring the Cisco CTL Client"

Describes how to configure authentication by installing and configuring the Cisco CTL client.

Security for Phones and Voice Mail Ports

Chapter 4, "Phone Security Overview"

Describes how Cisco Unified Communications Manager and the phone use security; provides a list of tasks that you perform to configure security for the phone.

Chapter 5, "Configuring a Phone Security Profile"

Describes how to configure the security profile and apply it to the phones in Cisco Unified Communications Manager Administration.

Chapter 6, "Using the Certificate Authority Proxy Function"

Provides an overview of Certificate Authority Proxy Function and describes how to install, upgrade, delete, or troubleshoot locally significant certificates on supported phones.

Chapter 7, "Configuring Encrypted Phone Configuration Files"

Describes how to configure encrypted phone configuration files in Cisco Unified Communications Manager Administration.

Chapter 8, "Configuring Digest Authentication for the SIP Phone"

Describes how to configure digest authentication on the SIP phone in Cisco Unified Communications Manager Administration.

Chapter 9, "Phone Hardening"

Describes how to tighten the security on the phone by using Cisco Unified Communications Manager Administration.

Chapter 10, "Configuring Secure Conference Resources"

Describes how to configure media encryption for secure conferences.

Chapter 11, "Configuring Voice Messaging Ports for Security"

Describes how to configure security for voice mail ports in Cisco Unified Communications Manager Administration.

Security for CTI, JTAPI, and TAPI

Chapter 12, "Configuring Authentication and Encryption for CTI, JTAPI, and TAPI"

Describes how to configure the Application User CAPF Profile and End User CAPF Profiles in Cisco Unified Communications Manager Administration.

Security for SRST References, Gateways, and Trunks

Chapter 13, "Configuring a Secure Survivable Remote Site Telephony (SRST) Reference"

Describes how to configure the SRST reference for security in Cisco Unified Communications Manager Administration.

Chapter 14, "Configuring Encryption for Gateways and Trunks"

Describes how Cisco Unified Communications Manager communicates with a secure gateway or trunk; describes IPSec recommendations and considerations.

Chapter 15, "Configuring the SIP Trunk Security Profile"

Describes how to configure and apply the SIP trunk security profile in Cisco Unified Communications Manager Administration.

Chapter 16, "Configuring Digest Authentication for the SIP Trunk"

Describes how to configure digest authentication for the SIP trunk in Cisco Unified Communications Manager Administration.


Related Documentation

Each chapter contains a list of related documentation for the chapter topic.

Refer to the following documents for further information about related Cisco IP telephony applications and products:

Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager

Media and Signaling Authentication and Encryption Feature for Cisco IOS MGCP Gateways

Cisco Unified Communications Manager Integration Guide for Cisco Unity

Cisco Unified Communications Manager Integration Guide for Cisco Unity Connection

Cisco Unified Survivable Remote Site Telephony (SRST) administration documentation that supports the SRST-enabled gateway

The firmware release notes that support your phone model

Conventions

Notes use the following conventions:


Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication.


Tips use the following conventions:


Tip Means the following are useful tips.


Cautions use the following conventions:


Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Cisco Product Security Overview

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance, please contact us by sending email to export@cisco.com.