Cisco Unified Communications Manager Security Guide, Release 8.5(1)
Configuring a Cisco Unified Mobility Advantage Server Security Profile
Downloads: This chapterpdf (PDF - 378.0KB) The complete bookPDF (PDF - 6.01MB) | Feedback

Configuring a Cisco Unified Mobility Advantage Server Security Profile

Table Of Contents

Configuring a Cisco Unified Mobility Advantage Server Security Profile

Cisco Unified Mobility Advantage Server Security Profile Overview

Finding a Cisco Unified Mobility Advantage Server Security Profile

Configuring a Cisco Unified Mobility Advantage Server Security Profile

Cisco Unified Mobility Advantage Server Security Profile Configuration Settings

Applying a Cisco Unified Mobility Advantage Server Security Profile

Deleting a Cisco Unified Mobility Advantage Server Security Profile

Where to Find More Information


Configuring a Cisco Unified Mobility Advantage Server Security Profile


This chapter contains information on the following topics:

Cisco Unified Mobility Advantage Server Security Profile Overview

Finding a Cisco Unified Mobility Advantage Server Security Profile

Configuring a Cisco Unified Mobility Advantage Server Security Profile

Cisco Unified Mobility Advantage Server Security Profile Configuration Settings

Applying a Cisco Unified Mobility Advantage Server Security Profile

Deleting a Cisco Unified Mobility Advantage Server Security Profile

Where to Find More Information

Cisco Unified Mobility Advantage Server Security Profile Overview

Cisco Unified Communications Manager Administration groups security-related settings to allow you to assign a single security profile to multiple Mobile Communicator clients. Security-related settings include device security mode, incoming transport type, and X.509 subject name. Configuring a Cisco Unified Mobility Advantage server security profile in Cisco Unified Communications Manager Administration automatically applies this profile to all configured Mobile Communicator clients on that Cisco Unified Communications Manager.

Only the security features that the Cisco Unified Mobility Advantage server supports display in the security profile settings window.


Note You cannot configure Cisco Unified Mobility Advantage servers in Cisco Unified Communications Manager Administration. For information on setting up a security profile for a Cisco Unified Mobility Advantage server, refer to your Cisco Unified Mobility Advantage documentation. Make sure that the Cisco Unified Mobility Advantage Security Profile you configure on Cisco Unified Communications Manager matches the security profile on the Cisco Unified Mobility Advantage servers. For information on configuring a Cisco Unity Cisco Unified Mobility Advantage server security profile, see the Cisco Unified Communications Manager Security Guide.


Finding a Cisco Unified Mobility Advantage Server Security Profile

To find a Cisco Unified Mobility Advantage server security profile, perform the following procedure:

Procedure


Step 1 In Cisco Unified Communications Manager Administration, choose System > Security Profile > CUMA Server Security Profile.

The Find and List CUMA Server Security Profile window displays. Records from an active (prior) query may also display in the window.

Step 2 To find all records in the database, ensure the dialog box is empty; go to Step 3.

To filter or search records

From the first drop-down list box, choose a search parameter.

From the second drop-down list box, choose a search pattern.

Specify the appropriate search text, if applicable.


Note To add additional search criteria, click the + button. When you add criteria, the system searches for a record that matches all criteria that you specify. To remove criteria, click the - button to remove the last added criterion or click the Clear Filter button to remove all added search criteria.


Step 3 Click Find.

All matching records display. You can change the number of items that display on each page by choosing a different value from the Rows per Page drop-down list box.

Step 4 From the list of records that display, click the link for the record that you want to view.


Note To reverse the sort order, click the up or down arrow, if available, in the list header.


The window displays the item that you choose.


Additional Information

See the "Related Topics" section.

Configuring a Cisco Unified Mobility Advantage Server Security Profile

To add, update, or copy a security profile, perform the following procedure:

Procedure


Step 1 In Cisco Unified Communications Manager Administration, choose System > Security Profile > CUMA Server Security Profile.

Step 2 Perform one of the following tasks:

To add a new profile, click Add New in the Find window and continue with Step 3.

To copy an existing security profile, locate the appropriate profile as described in "Finding a Cisco Unified Mobility Advantage Server Security Profile" section, click the Copy button next to the security profile that you want to copy, and continue with Step 3.

To update an existing profile, locate the appropriate security profile as described in "Finding a Cisco Unified Mobility Advantage Server Security Profile" section and continue with Step 3.

When you click Add New, the configuration window displays with the default settings for each field. When you click Copy, the configuration window displays with the copied settings.

Step 3 Enter the appropriate settings as described in Table 27-1

Step 4 Click Save.


Additional Information

See the "Related Topics" section.

Cisco Unified Mobility Advantage Server Security Profile Configuration Settings

Table 27-1 describes the settings for the Cisco Unified Mobility Advantage Server security profiles.

For configuration tips, see the "Finding a Cisco Unified Mobility Advantage Server Security Profile" section.

For related information and procedures, see the "Related Topics" section.

Table 27-1 Cisco Unified Mobility Advantage Server Security Profile  

Setting
Description

Name

Enter a name for the security profile.

Tip Include the device model in the security profile name to help you find the correct profile when you are searching for or updating a profile.

Description

Enter a description for the security profile.The description can include up to 50 characters in any language, but it cannot include double-quotes ("), percentage sign (%), ampersand (&), back-slash (\), or angle brackets (<>).

Device Security Mode

From the drop-down list box, choose one of the following options:

Non Secure—No security features except image authentication exist for the Cisco Unified Mobility Advantage server. A TCP connection opens to Cisco Unified Communications Manager.

Authenticated—Cisco Unified Communications Manager provides integrity and authentication for the Cisco Unified Mobility Advantage server. A TLS connection that uses NULL/SHA opens for signaling.

Encrypted—Cisco Unified Communications Manager provides integrity, authentication, and encryption for the Cisco Unified Mobility Advantage server. A TLS connection that uses AES128/SHA opens for signaling, and SRTP carries the media for all mobile calls.

Transport Type

When Device Security Mode is Non Secure, choose the following option from the drop-down list box:

TCP—Choose the Transmission Control Protocol to ensure that packets get received in the same order as the order in which they are sent. This protocol ensures that no packets get dropped, but the protocol does not provide any security.

When Device Security Mode is Authenticated or Encrypted, TLS specifies the Transport Type. TLS provides signaling integrity, device authentication, and signaling encryption (encrypted mode only).

X.509 Subject Name

(Required for Authenticated or Encrypted Device Security Mode setting.) This field applies if you configured TLS as the transport type.

X.509 is an ITU Telecommunication Standardization Sector standard for Public Key Infrastructure in cryptography. The subject name corresponds to the source connection TLS certificate.

If multiple X.509 subject names exist, enter one of the following characters to separate the names: space, comma, semicolon, or a colon.

You can enter up to 4096 characters in this field.


Applying a Cisco Unified Mobility Advantage Server Security Profile

No "Device Security Profile" field exists on the device configuration window for a Mobile Communicator client, which means that you do not have to manually apply the Cisco Unified Mobility Advantage Server Security profile to a client.

Configuring a Cisco Unified Mobility Advantage server security profile in Cisco Unified Communications Manager Administration automatically applies this profile to all configured Mobile Communicator clients on that Cisco Unified Communications Manager.

Additional Information

See the "Related Topics" section.

Deleting a Cisco Unified Mobility Advantage Server Security Profile

This section describes how to delete a Cisco Unified Mobility Advantage server security profile from the Cisco Unified Communications Manager database.

Procedure


Step 1 Find the security profile by using the procedure in the "Finding a Cisco Unified Mobility Advantage Server Security Profile" section.

Step 2 To delete a security profile, perform the following task:

In the Find and List window, check the check box next to the appropriate security profile; then, click Delete Selected.

Step 3 When prompted to confirm the delete operation, click OK to delete or Cancel to cancel the delete operation.


Additional Information

See the "Related Topics" section.

Where to Find More Information

Related Topics

Cisco Unified Mobility Advantage Server Security Profile Overview

Finding a Cisco Unified Mobility Advantage Server Security Profile

Finding a Cisco Unified Mobility Advantage Server Security Profile

Configuring a Cisco Unified Mobility Advantage Server Security Profile

Cisco Unified Mobility Advantage Server Security Profile Configuration Settings

Applying a Cisco Unified Mobility Advantage Server Security Profile

Deleting a Cisco Unified Mobility Advantage Server Security Profile