Cisco Unified Communications Manager Security Guide, Release 8.0(1)
Index
Downloads: This chapterpdf (PDF - 488.0KB) The complete bookPDF (PDF - 2.63MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - H - I - J - L - M - N - P - S - T - V -

Index

A

authentication

device 1-17

digest 1-17

interactions 1-7

overview 1-17

restrictions 1-7, 1-8

with CTI/JTAPI/TAPI applications 20-2

authentication string

entering on phone 8-10

finding phones using 8-9

with CAPF 8-1

with CTI/JTAPI/TAPI applications 20-4

authorization

configuration settings (table)

for SIP trunk 23-4

configuring for SIP trunk 23-3

interactions 1-7

overview 1-17

B

barge

encryption restrictions with 1-13

security 12-1

security icons 12-3

C

Certificate Authority Proxy Function (CAPF)

activating service 8-6, 20-8

authentication string

entering on phone 8-10

CAPF service 4-6

configuration checklist (table) 8-5

configuration settings (table)

for CTI/JTAPI/TAPI applications 20-11

for phones 8-8

configuring an application user or end user CAPF profile 20-10

configuring in Cisco Unified Serviceability 8-5

deleting an application user or end user CAPF profile 20-12

finding an application user or end user CAPF profile 20-9

finding phones using LSC or authentication string 8-9

generating CAPF report 8-9

installing 1-14

interactions and requirements 8-4

interaction with Cisco Unified IP Phone 8-2

interaction with IPv6 addressing 8-3

overview 8-1

updating service parameters 8-6

using for phone certificate operations 8-7

viewing certificate operation status for application user or end user 20-14

with CTI/JTAPI/TAPI applications

interactions and requirements 20-5

overview 20-4

updating service parameters 20-8

certificates

external CAs 1-15

Netscape certificate 2-8, 2-10

types 1-15

Certificate Signing Requests (CSRs) 1-15

Cisco Unified IP Phone

authentication string

entering on phone 8-10

configuration checklist (table) for security 5-3

configuration settings (table)

for CAPF 8-8

configuration tips for phone security profiles 6-2

deleting CTL file 4-18

disabling the GARP setting 11-1

disabling the PC Port setting 11-2

disabling the PC Voice VLAN Access setting 11-2

disabling the Setting Access setting 11-2

disabling the Web Access setting 11-1

encrypted configuration file 9-1

interaction with CAPF 8-2

secure conference support 12-5

security icons 1-6

understanding security 5-1

viewing security settings 5-3

computer telephony integration (CTI)

configuration checklist (table) for securing 20-5

secure user groups

adding application users and end users 20-7

conference bridge

conference list 12-3

configuration checklist (table) for security 12-9

configuration tips for security 12-8

configuring minimum Meet-Me security 12-11

configuring packet capture on a secure conference bridge 12-12

configuring security 12-10

minimum Meet-Me security level 12-3

security 12-1

security icons 12-3

security interactions 12-6

security requirements 12-2

security restrictions 12-6

configuration file

encryption 1-22

CTL client

CAPF service 4-6

cluster security mode

updating 4-14

configuration checklist (table) 4-4

configuration settings (table) 4-15

configuration tips 4-3

configuring

CTL client 4-9

TLS port 4-6

CTL Provider service 4-5

deleting CTL file on phone 4-18

installing 1-14, 4-7

migrating 4-9

overview 4-2

security mode

verifying 4-16

security token

changing password 4-18

configuring CTL client 4-9

setting the Smart Card service 4-17

size limit 4-3

uninstalling 4-19

upgrading 4-9

verifying 4-19

version

determining 4-19

CTL file

deleting entry 4-14

deleting on phone 4-18

updating 4-12

CTL Provider

activating service 4-5

D

device authentication

configuration settings (table)

for phone that is running SCCP 6-4

for phone that is running SIP 6-7

for SIP trunk 23-4

configuring for phones 6-3

configuring for SIP trunk 23-3

overview 1-17

digest authentication

associating digest user with a phone 10-4

cluster ID 24-2

configuration checklist (table)

for phones 10-1

for SIP trunk 24-1

configuration settings (table)

for application user digest credentials 24-3

for end user 10-3

for phone that is running SIP 6-7

for SIP realm 24-5

for SIP trunk 23-4

configuring a SIP realm 24-4

configuring digest credentials

for application user 24-2

for end user 10-3

configuring for phones 6-3

configuring for SIP trunk 23-3

configuring service parameters 10-2

deleting a SIP realm 24-5

finding a SIP realm 24-3

overview 1-17

E

encrypted configuration file

configuration checklist (table) 9-5

configuration settings (table)

for manual key 9-7

configuration tips 9-4

configuring manual key distribution 9-6

disabling 9-9

enabling 9-6

entering symmetric key 9-7

manual key configuration checklist (table) 9-7

manual key distribution 9-2

phone support 9-4

symmetric key encryption with public key 9-3

understanding 9-1

using symmetric key encryption w/public key 9-8

verifying 9-9

encryption

configuration checklist (table) for gateways and trunks 22-4

configuration settings (table)

for phone that is running SCCP 6-4

for phone that is running SIP 6-7

for SIP trunk 23-4

configuring for phones 6-3

configuring SRTP allowed check box 22-6

configuring with barge 1-13

for H.323/H.225/H.245 trunk 22-2

for H.323 gateway 22-2

for MGCP gateway 22-1

for SIP trunk 22-3

installing 1-14

interactions 1-7, 12-6

overview 1-22

restrictions 1-7, 1-8, 12-6

signaling

configuring for phones 6-3

configuring for SIP trunk 23-3

with CTI/JTAPI/TAPI applications 20-3

etoken

changing password 4-18

configuring CTL client 4-9

F

file authentication

configuring for phones 6-3

overview 1-17

H

HTTPS

overview 2-1

virtual directories (table) 2-2

with Netscape 2-8, 2-10

I

image authentication

overview 1-17

integrity

overview 1-17

IPSec 1-14

configuration checklist (table) for IPSec 22-4

configuring 22-5

gateway or trunk considerations 22-5

infrastructure considerations 22-5

recommendations 22-5

J

JTAPI

configuration checklist (table) for securing 20-5

configuring security service parameters 20-13

L

locally significant certificate (LSC)

finding phones using 8-9

with CTI/JTAPI/TAPI applications 20-4

M

media encryption (See also encryption)

overview 1-22

MGCP gateway

configuration checklist (table) for security 22-4

configuring 22-5

N

NMAP scans

running 1-24

P

phone hardening

configuring 11-2

disabling the GARP setting 11-1

disabling the PC Port setting 11-2

disabling the PC Voice VLAN Access setting 11-2

disabling the Setting Access setting 11-2

disabling the Web Access setting 11-1

phone security profile

synchronizing configuration to applicable phones 6-11

port

CTL Provider 4-6

Ethernet phone 4-6

SIP secure 4-6

S

secure conference

Cisco Unified IP Phone support 12-5

conference bridge requirements 12-2

conference list 12-3

configuration checklist (table) 12-9

configuration tips 12-8

configuring minimum Meet-Me security 12-11

configuring packet capture 12-12

configuring secure conference bridge 12-10

CTI support 12-6

interactions 12-6

minimum Meet-Me security level 12-3

restrictions 12-6

security icons 12-3

security overview 12-1

trunks and gateways 12-6

secure sockets layer (SSL)

installing 1-14

with HTTPS 2-1

security

authentication overview 1-17

authorization overview 1-17

best practices 1-12

certificate types 1-15

configuration checklist for authentication and encryption (table) 1-25

CTL client overview 4-2

encryption overview 1-22

external CAs 1-15

features list 1-5

HTTPS 2-1

installing 1-14

interactions 1-7, 12-6

rebooting the cluster 1-12

rebooting the server 1-12

resetting devices 1-12

restarting Cisco Unified Communications Manager service 1-12

restrictions 1-7, 1-8, 12-6

SCCP calls (table) 1-5

SIP calls (table) 1-6

system requirements 1-5

terminology (table) 1-2

tokens 4-2, 4-7, 4-9, 4-12, 4-18

using barge with encryption 1-13

where to find more information 1-29

security mode

cluster

configuring 4-14

verifying 4-16

security profile

applying for SIP trunk 23-7

applying to Cisco Unified Mobility Advantage Server 25-4

applying to phones 6-10

configuration settings (table)

for phones that is running SIP 6-7

for phone that is running SCCP 6-4

for SIP trunk 23-4

configuration tips for phones 6-2

configuring for phones 6-3

configuring for SIP trunk 23-3

deleting for Cisco Unified Mobility Advantage server 25-5

deleting for phones 6-12

deleting for SIP trunk 23-9

finding for Cisco Unified Mobility Advantage servers 25-2

finding for phones 6-2

finding for SIP trunk 23-2

finding phones that use 6-12

overview for Cisco Unified Mobility Advantage 25-1

overview for phones 6-1

overview for SIP trunk 23-1

security token

configuring CTL client 4-9

signaling authentication

overview 1-17

signaling encryption

overview 1-22

SIP Trunk security profile

synchronizing configuration to applicable SIP trunks 23-8

Site Administrator Security Token (SAST) 4-2

SRST

configuration checklist (table) for securing 21-3

configuration tips for securing 21-2

overview for securing 21-1

troubleshooting

certificate deleted on gateway 21-5

SRST reference

configuration settings (table) for security 21-5

configuring 21-3

troubleshooting

deleting secured reference 21-5

T

TAPI

configuration checklist (table) for securing 20-5

configuring security service parameters 20-13

Tftp service 4-2

TLS Proxy server 4-2

transport layer security (TLS) 1-14

port 4-6

transport security

and real-time protocol (RTP) 1-14

and secure real-time protocol (SRTP) 1-14

configuration settings (table)

for phone that is running SCCP 6-4

for phone that is running SIP 6-7

for SIP trunk 23-4

configuring for phones that are running SIP 6-3

configuring for SIP trunk 23-3

IPSec 1-14

TLS 1-14

troubleshooting

deleting CTL file on phone 4-18

SRST certificate deleted on gateway 21-5

V

voice messaging

configuration checklist (table) for security 13-3

security overview 13-1

security requirements 13-1

voice messaging port

applying a security profile 13-3

applying a security profile using the Wizard 13-4

configuration checklist (table) for security 13-3

security overview 13-1