Cisco Unified Communications Manager Security Guide, Release 6.1(1)
Index
Downloads: This chapterpdf (PDF - 483.0KB) The complete bookPDF (PDF - 4.76MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - H - I - J - L - M - P - S - T - V -

Index

A

authentication

device 1-17

digest 1-17

interactions 1-6, 1-7

overview 1-17

restrictions 1-6, 1-7

with CTI/JTAPI/TAPI applications 12-2

authentication string

entering on phone 6-9

finding phones using 6-8

with CAPF 6-1

with CTI/JTAPI/TAPI applications 12-4

authorization

configuration settings (table)

for SIP trunk 15-4

configuring for SIP trunk 15-3

interactions 1-7

overview 1-17

B

barge

encryption restrictions with 1-13

security 10-1

security icons 10-3

C

Certificate Authority Proxy Function (CAPF)

activating service 6-5, 12-8

authentication string

entering on phone 6-9

CAPF service 3-5

configuration checklist (table) 6-4

configuration settings (table)

for CTI/JTAPI/TAPI applications 12-11

for phones 6-7

configuring an application user or end user CAPF profile 12-10

configuring in Cisco Unified Serviceability 6-4

deleting an application user or end user CAPF profile 12-12

finding an application user or end user CAPF profile 12-9

finding phones using LSC or authentication string 6-8

generating CAPF report 6-8

installing 1-13

interactions and requirements 6-3

interaction with Cisco Unified IP Phone 6-2

overview 6-1

updating service parameters 6-5

using for phone certificate operations 6-6

viewing certificate operation status for application user or end user 12-14

with CTI/JTAPI/TAPI applications

interactions and requirements 12-5

overview 12-4

updating service parameters 12-8

certificates

external CAs 1-14

Internet Explorer certificate 2-2

Netscape certificate 2-6

types 1-14

Certificate Signing Requests (CSRs) 1-14

Cisco Unified IP Phone

authentication string

entering on phone 6-9

configuration checklist (table) for security 4-2

configuration settings (table)

for CAPF 6-7

configuration tips for phone security profiles 5-1

deleting CTL file 3-17

disabling the GARP setting 9-1

disabling the PC Port setting 9-2

disabling the PC Voice VLAN Access setting 9-2

disabling the Setting Access setting 9-2

disabling the Web Access setting 9-1

encrypted configuration file 7-1

interaction with CAPF 6-2

secure conference support 10-5

security icons 1-6

understanding security 4-1

viewing security settings 4-2

computer telephony integration (CTI)

configuration checklist (table) for securing 12-5

secure user groups

adding application users and end users 12-7

conference bridge

conference list 10-3

configuration checklist (table) for security 10-9

configuration tips for security 10-8

configuring minimum Meet-Me security 10-11

configuring packet capture on a secure conference bridge 10-12

configuring security 10-10

minimum Meet-Me security level 10-3

security 10-1

security icons 10-3

security interactions 10-7

security requirements 10-2

security restrictions 10-7

configuration file

encryption 1-21

CTL client

CAPF service 3-5

cluster security mode

updating 3-13

configuration checklist (table) 3-3

configuration settings (table) 3-13

configuration tips 3-2

configuring

CTL client 3-8

TLS port 3-5

CTL Provider service 3-4

deleting CTL file on phone 3-17

installing 1-13, 3-6

migrating 3-7

overview 3-1

security mode

verifying 3-15

security token

changing password 3-17

configuring CTL client 3-8

setting the Smart Card service 3-16

uninstalling 3-18

upgrading 3-7

verifying 3-18

version

determining 3-18

CTL file

deleting entry 3-12

deleting on phone 3-17

updating 3-11

CTL Provider

activating service 3-4

D

device authentication

configuration settings (table)

for SCCP phone 5-4

for SIP phones 5-6

for SIP trunk 15-4

configuring for phones 5-3

configuring for SIP trunk 15-3

overview 1-17

digest authentication

associating digest user with a phone 8-4

cluster ID 16-2

configuration checklist (table)

for phones 8-1

for SIP trunk 16-1

configuration settings (table)

for application user digest credentials 16-3

for end user 8-3

for SIP phones 5-6

for SIP realm 16-5

for SIP trunk 15-4

configuring a SIP realm 16-4

configuring digest credentials

for application user 16-2

for end user 8-3

configuring for phones 5-3

configuring for SIP trunk 15-3

configuring service parameters 8-2

deleting a SIP realm 16-5

finding a SIP realm 16-3

overview 1-17

E

encrypted configuration file

configuration checklist (table) 7-5

configuration settings (table)

for manual key 7-7

configuration tips 7-4

configuring manual key distribution 7-6

disabling 7-9

enabling 7-6

entering symmetric key 7-7

manual key configuration checklist (table) 7-7

manual key distribution 7-2

phone support 7-4

symmetric key encryption with public key 7-3

understanding 7-1

using symmetric key encryption w/public key 7-8

verifying 7-9

encryption

configuration checklist (table) for gateways and trunks 14-3

configuration settings (table)

for SCCP phone 5-4

for SIP phone 5-6

for SIP trunk 15-4

configuring for phones 5-3

configuring SRTP allowed check box 14-5

configuring with barge 1-13

for H.323/H.225/H.245 trunk 14-2

for H.323 gateway 14-2

for MGCP gateway 14-1

for SIP trunk 14-3

installing 1-13

interactions 1-6, 1-7, 10-7

overview 1-21

restrictions 1-6, 1-7, 10-7

signaling

configuring for phones 5-3

configuring for SIP trunk 15-3

with CTI/JTAPI/TAPI applications 12-3

etoken

changing password 3-17

configuring CTL client 3-8

F

file authentication

configuring for phones 5-3

overview 1-17

H

HTTPS

overview 2-1

virtual directories (table) 2-2

with Internet Explorer 2-2

with Netscape 2-6

I

image authentication

overview 1-17

integrity

overview 1-17

IPSec 1-13

configuration checklist (table) for IPSec 14-3

configuring 14-4

gateway or trunk considerations 14-5

infrastructure considerations 14-4

recommendations 14-4, 14-5

J

JTAPI

configuration checklist (table) for securing 12-5

configuring security service parameters 12-13

L

locally significant certificate (LSC)

finding phones using 6-8

with CTI/JTAPI/TAPI applications 12-4

M

media encryption (See also encryption)

overview 1-21

MGCP gateway

configuration checklist (table) for security 14-3

configuring 14-4, 14-5

P

phone hardening

configuring 9-2

disabling the GARP setting 9-1

disabling the PC Port setting 9-2

disabling the PC Voice VLAN Access setting 9-2

disabling the Setting Access setting 9-2

disabling the Web Access setting 9-1

port

CTL Provider 3-5

Ethernet phone 3-5

SIP secure 3-5

S

secure conference

Cisco Unified IP Phone support 10-5

conference bridge requirements 10-2

conference list 10-3

configuration checklist (table) 10-9

configuration tips 10-8

configuring minimum Meet-Me security 10-11

configuring packet capture 10-12

configuring secure conference bridge 10-10

CTI support 10-6

interactions 10-7

minimum Meet-Me security level 10-3

restrictions 10-7

security icons 10-3

security overview 10-1

trunks and gateways 10-6

secure sockets layer (SSL)

installing 1-13

with HTTPS 2-1

security

authentication overview 1-17

authorization overview 1-17

best practices 1-11

certificate types 1-14

configuration checklist for authentication and encryption (table) 1-24

CTL client overview 3-1

encryption overview 1-21

external CAs 1-14

features list 1-5

HTTPS 2-1

installing 1-13

interactions 1-6, 1-7, 10-7

rebooting the cluster 1-12

rebooting the server 1-12

resetting devices 1-12

restarting Cisco Unified Communications Manager service 1-12

restrictions 1-6, 1-7, 10-7

SCCP calls (table) 1-5

SIP calls (table) 1-6

system requirements 1-5

terminology (table) 1-2

tokens 3-1, 3-6, 3-8, 3-11, 3-17

using barge with encryption 1-13

where to find more information 1-28

security mode

cluster

configuring 3-13

verifying 3-15

security profile

applying for SIP trunk 15-7

applying to phones 5-9

configuration settings (table)

for SCCP phone 5-4

for SIP phones 5-6

for SIP trunk 15-4

configuration tips for phones 5-1

configuring for phones 5-3

configuring for SIP trunk 15-3

deleting for phones 5-10

deleting for SIP trunk 15-8

finding for phones 5-2

finding for SIP trunk 15-2

finding phones that use 5-11

overview for phones 5-1

overview for SIP trunk 15-1

security token

configuring CTL client 3-8

signaling authentication

overview 1-17

signaling encryption

overview 1-21

Site Administrator Security Token (SAST) 3-1

SRST

configuration checklist (table) for securing 13-3

configuration tips for securing 13-2

overview for securing 13-1

troubleshooting

certificate deleted on gateway 13-5

SRST reference

configuration settings (table) for security 13-5

configuring 13-3

troubleshooting

deleting secured reference 13-5

T

TAPI

configuration checklist (table) for securing 12-5

configuring security service parameters 12-13

Tftp service 3-1

TLS Proxy server 3-1

transport layer security (TLS) 1-13

port 3-5

transport security

and real-time protocol (RTP) 1-13

and secure real-time protocol (SRTP) 1-13

configuration settings (table)

for SCCP phone 5-4

for SIP phone 5-6

for SIP trunk 15-4

configuring for SIP phones 5-3

configuring for SIP trunk 15-3

IPSec 1-13

TLS 1-13

troubleshooting

deleting CTL file on phone 3-17

SRST certificate deleted on gateway 13-5

V

voice messaging

configuration checklist (table) for security 11-3

security overview 11-1

security requirements 11-1

voice messaging port

applying a security profile 11-3

applying a security profile using the Wizard 11-4

configuration checklist (table) for security 11-3

security overview 11-1