Cisco Unified Communications Manager Security Guide, Release 9.0(1)
Cisco Unified Mobility Advantage server security profile setup
Downloads: This chapterpdf (PDF - 414.0KB) The complete bookPDF (PDF - 3.67MB) | Feedback

Cisco Unified Mobility Advantage server security profile setup

Cisco Unified Mobility Advantage server security profile setup

This chapter provides information about Cisco Unified Mobility Advantage server security profile setup.

About Cisco Unified Mobility Advantage server security profile setup

Cisco Unified Communications Manager Administration groups security-related settings to allow you to assign a single security profile to multiple Mobile Communicator clients. Security-related settings include device security mode, incoming transport type, and X.509 subject name. Configuring a Cisco Unified Mobility Advantage server security profile in Cisco Unified Communications Manager Administration automatically applies this profile to all configured Mobile Communicator clients on that Cisco Unified Communications Manager.

Only the security features that the Cisco Unified Mobility Advantage server supports display in the security profile settings window.


Note


You cannot configure Cisco Unified Mobility Advantage servers in Cisco Unified Communications Manager Administration. For information on setting up a security profile for a Cisco Unified Mobility Advantage server, refer to your Cisco Unified Mobility Advantage documentation. Make sure that the Cisco Unified Mobility Advantage Security Profile you configure on Cisco Unified Communications Manager matches the security profile on the Cisco Unified Mobility Advantage servers. For information on configuring a Cisco Unity Cisco Unified Mobility Advantage server security profile, see the Cisco Unified Communications Manager Security Guide.


Find Cisco Unified Mobility Advantage server security profile

To find a Cisco Unified Mobility Advantage server security profile, perform the following procedure:

Procedure
    Step 1   In Cisco Unified Communications Manager Administration, choose System > Security Profile > CUMA Server Security Profile.

    The Find and List CUMA Server Security Profile window displays. Records from an active (prior) query may also display in the window.

    Step 2   To find all records in the database, ensure the dialog box is empty; go to Step 3.

    To filter or search records

    1. From the first drop-down list box, choose a search parameter.
    2. From the second drop-down list box, choose a search pattern.
    3. Specify the appropriate search text, if applicable.
      Note   

      To add additional search criteria, click the + button. When you add criteria, the system searches for a record that matches all criteria that you specify. To remove criteria, click the button to remove the last added criterion or click the Clear Filter button to remove all added search criteria.

    Step 3   Click Find.

    All matching records display. You can change the number of items that display on each page by choosing a different value from the Rows per Page drop-down list box.

    Step 4   From the list of records that display, click the link for the record that you want to view.
    Note   

    To reverse the sort order, click the up or down arrow, if available, in the list header.

    The window displays the item that you choose.


    Set up Cisco Unified Mobility Advantage server security profile

    To add, update, or copy a security profile, perform the following procedure:

    Procedure
      Step 1   In Cisco Unified Communications Manager Administration, choose System > Security Profile > CUMA Server Security Profile.
      Step 2   Perform one of the following tasks:
      1. To add a new profile, click Add New in the Find window and continue with Cisco Unified Mobility Advantage server security profile setup.
      2. To copy an existing security profile, locate the appropriate profile and click the Copy button next to the security profile that you want to copy, and continue with Cisco Unified Mobility Advantage server security profile setup.
      3. To update an existing profile, locate the appropriate security profile and continue with Cisco Unified Mobility Advantage server security profile setup.

        When you click Add New, the configuration window displays with the default settings for each field. When you click Copy, the configuration window displays with the copied settings.

      Step 3   Enter the appropriate settings as described in Table 1
      Step 4   Click Save.

      Cisco Unified Mobility Advantage server security profile settings

      The following table describes the settings for the Cisco Unified Mobility Advantage Server security profiles.

      Table 1 Security Profile Settings

      Setting

      Description

      Name

      Enter a name for the security profile.

      Tip    Include the device model in the security profile name to help you find the correct profile when you are searching for or updating a profile.

      Description

      Enter a description for the security profile.The description can include up to 50 characters in any language, but it cannot include double-quotes ("), percentage sign (%), ampersand (&), back-slash (\), or angle brackets (<>).

      Device Security Mode

      From the drop-down list box, choose one of the following options:

      • Non Secure—No security features except image authentication exist for the Cisco Unified Mobility Advantage server. A TCP connection opens to Cisco Unified Communications Manager.
      • Authenticated Cisco Unified Communications Manager provides integrity and authentication for the Cisco Unified Mobility Advantage server. A TLS connection that uses NULL/SHA opens for signaling.
      • Encrypted Cisco Unified Communications Manager provides integrity, authentication, and encryption for the Cisco Unified Mobility Advantage server. A TLS connection that uses AES128/SHA opens for signaling, and SRTP carries the media for all mobile calls.

      Transport Type

      When Device Security Mode is Non Secure, choose the following option from the drop-down list box:

      • TCP—Choose the Transmission Control Protocol to ensure that packets get received in the same order as the order in which they are sent. This protocol ensures that no packets get dropped, but the protocol does not provide any security.

      When Device Security Mode is Authenticated or Encrypted, TLS specifies the Transport Type. TLS provides signaling integrity, device authentication, and signaling encryption (encrypted mode only).

      X.509 Subject Name

      (Required for Authenticated or Encrypted Device Security Mode setting.) This field applies if you configured TLS as the transport type.

      X.509 is an ITU Telecommunication Standardization Sector standard for Public Key Infrastructure in cryptography. The subject name corresponds to the source connection TLS certificate.

      If multiple X.509 subject names exist, enter one of the following characters to separate the names: space, comma, semicolon, or a colon.

      You can enter up to 4096 characters in this field.

      Related References

      Cisco Unified Mobility Advantage server security profile client application

      No "Device Security Profile" field exists on the device configuration window for a Mobile Communicator client, which means that you do not have to manually apply the Cisco Unified Mobility Advantage Server Security profile to a client.

      Configuring a Cisco Unified Mobility Advantage server security profile in Cisco Unified Communications Manager Administration automatically applies this profile to all configured Mobile Communicator clients on that Cisco Unified Communications Manager.

      Delete Cisco Unified Mobility Advantage server security profile

      This section describes how to delete a Cisco Unified Mobility Advantage server security profile from the Cisco Unified Communications Manager database.

      Procedure
        Step 1   Find the security profile to delete.
        Step 2   To delete a security profile, perform the following task:
        1. In the Find and List window, check the check box next to the appropriate security profile; then, click Delete Selected.
        Step 3   When prompted to confirm the delete operation, click OK to delete or Cancel to cancel the delete operation.

        Where to Find More Information about Cisco Unified Mobility Advantage server security profile