Cisco Unified Communications Manager Security Guide, Release 6.0(1) - Index [Cisco Unified Communications Manager (CallManager)]

Table Of Contents

A - B - C - D - E - F - H - I - J - L - M - P - S - T - V -

Index

A

authentication

device1-16

digest1-16

interactions1-6, 1-7

overview1-16

restrictions1-6, 1-7

with CTI/JTAPI/TAPI applications12-2

authentication string

entering on phone6-9

finding phones using6-7

with CAPF6-1

with CTI/JTAPI/TAPI applications12-4

authorization

configuration settings (table)

for SIP trunk15-4

configuring for SIP trunk15-3

interactions1-7

overview1-16

B

barge

encryption restrictions with1-13

security10-1

security icons10-3

C

Certificate Authority Proxy Function (CAPF)

activating service6-5, 12-8

authentication string

entering on phone6-9

CAPF service3-5

configuration checklist (table)6-4

configuration settings (table)

for CTI/JTAPI/TAPI applications12-11

for phones6-7

configuring an application user or end user CAPF profile12-10

configuring in Cisco Unified Serviceability6-3

deleting an application user or end user CAPF profile12-12

finding an application user or end user CAPF profile12-9

finding phones using LSC or authentication string6-7

generating CAPF report6-8

installing1-13

interactions and requirements6-3

interaction with Cisco Unified IP Phone6-2

overview6-1

updating service parameters6-5

using for phone certificate operations6-6

viewing certificate operation status for application user or end user12-14

with CTI/JTAPI/TAPI applications

interactions and requirements12-5

overview12-4

updating service parameters12-8

certificates

external CAs1-13

Internet Explorer certificate2-2

Netscape certificate2-5

types1-13

Certificate Signing Requests (CSRs)1-13

Cisco Unified IP Phone

authentication string

entering on phone6-9

configuration checklist (table) for security4-2

configuration settings (table)

for CAPF6-7

configuration tips for phone security profiles5-1

deleting CTL file3-17

disabling the GARP setting9-1

disabling the PC Port setting9-2

disabling the PC Voice VLAN Access setting9-2

disabling the Setting Access setting9-2

disabling the Web Access setting9-1

encrypted configuration file7-1

interaction with CAPF6-2

secure conference support10-5

security icons1-6

understanding security4-1

viewing security settings4-2

computer telephony integration (CTI)

configuration checklist (table) for securing12-5

secure user groups

adding application users and end users12-7

conference bridge

conference list10-3

configuration checklist (table) for security10-9

configuration tips for security10-8

configuring minimum Meet-Me security10-11

configuring packet capture on a secure conference bridge10-12

configuring security10-10

minimum Meet-Me security level10-3

security10-1

security icons10-3

security interactions10-6

security requirements10-2

security restrictions10-6

configuration file

encryption1-21

CTL client

CAPF service3-5

cluster security mode

updating3-13

configuration checklist (table)3-3

configuration settings (table)3-13

configuration tips3-2

configuring

CTL client3-8

TLS port3-5

CTL Provider service3-4

deleting CTL file on phone3-17

installing1-13, 3-6

migrating3-7

overview3-1

security mode

verifying3-15

security token

changing password3-17

configuring CTL client3-8

setting the Smart Card service3-16

uninstalling3-18

upgrading3-7

verifying3-18

version

determining3-18

CTL file

deleting entry3-12

deleting on phone3-17

updating3-11

CTL Provider

activating service3-4

D

device authentication

configuration settings (table)

for SCCP phone5-4

for SIP phones5-6

for SIP trunk15-4

configuring for phones5-3

configuring for SIP trunk15-3

overview1-16

digest authentication

associating digest user with a phone8-4

cluster ID16-2

configuration checklist (table)

for phones8-1

for SIP trunk16-1

configuration settings (table)

for application user digest credentials16-3

for end user8-3

for SIP phones5-6

for SIP realm16-5

for SIP trunk15-4

configuring a SIP realm16-4

configuring digest credentials

for application user16-2

for end user8-3

configuring for phones5-3

configuring for SIP trunk15-3

configuring service parameters8-2

deleting a SIP realm16-5

finding a SIP realm16-3

overview1-16

E

encrypted configuration file

configuration checklist (table)7-5

configuration settings (table)

for manual key7-7

configuration tips7-4

configuring manual key distribution7-6

disabling7-9

enabling7-6

entering symmetric key7-7

manual key configuration checklist (table)7-7

manual key distribution7-2

phone support7-4

symmetric key encryption with public key7-3

understanding7-1

using symmetric key encryption w/public key7-8

verifying7-9

encryption

configuration checklist (table) for gateways and trunks14-3

configuration settings (table)

for SCCP phone5-4

for SIP phone5-6

for SIP trunk15-4

configuring for phones5-3

configuring SRTP allowed check box14-5

configuring with barge1-13

for H.323/H.225/H.245 trunk14-2

for H.323 gateway14-2

for MGCP gateway14-1

for SIP trunk14-3

installing1-13

interactions1-6, 1-7, 10-6

overview1-21

restrictions1-6, 1-7, 10-6

signaling

configuring for phones5-3

configuring for SIP trunk15-3

with CTI/JTAPI/TAPI applications12-3

etoken

changing password3-17

configuring CTL client3-8

F

file authentication

configuring for phones5-3

overview1-16

H

HTTPS

overview2-1

virtual directories (table)2-1

with Internet Explorer2-2

with Netscape2-5

I

image authentication

overview1-16

integrity

overview1-16

IPSec

configuration checklist (table) for IPSec14-3

configuring14-4

gateway or trunk considerations14-5

infrastructure considerations14-4

recommendations14-4, 14-5

J

JTAPI

configuration checklist (table) for securing12-5

configuring security service parameters12-13

L

locally significant certificate (LSC)

finding phones using6-7

with CTI/JTAPI/TAPI applications12-4

M

media encryption (See also encryption)

overview1-21

MGCP gateway

configuration checklist (table) for security14-3

configuring14-4, 14-5

P

phone hardening

configuring9-2

disabling the GARP setting9-1

disabling the PC Port setting9-2

disabling the PC Voice VLAN Access setting9-2

disabling the Setting Access setting9-2

disabling the Web Access setting9-1

port

CTL Provider3-5

Ethernet phone3-5

SIP secure3-5

S

secure conference

Cisco Unified IP Phone support10-5

conference bridge requirements10-2

conference list10-3

configuration checklist (table)10-9

configuration tips10-8

configuring minimum Meet-Me security10-11

configuring packet capture10-12

configuring secure conference bridge10-10

CTI support10-6

interactions10-6

minimum Meet-Me security level10-3

restrictions10-6

security icons10-3

security overview10-1

trunks and gateways10-6

secure sockets layer (SSL)

installing1-13

with HTTPS2-1

security

adding a subscriber node to a secure cluster1-27

authentication overview1-16

authorization overview1-16

best practices1-11

certificate types1-13

configuration checklist for authentication and encryption (table)1-23

CTL client overview3-1

encryption overview1-21

external CAs1-13

features list1-5

HTTPS2-1

installing1-13

interactions1-6, 1-7, 10-6

rebooting the cluster1-12

rebooting the server1-12

resetting devices1-12

restarting Cisco Unified Communications Manager service1-12

restrictions1-6, 1-7, 10-6

SCCP calls (table)1-5

SIP calls (table)1-6

system requirements1-5

terminology (table)1-2

tokens3-1, 3-6, 3-8, 3-11, 3-17

using barge with encryption1-13

where to find more information1-27

security mode

cluster

configuring3-13

verifying3-15

security profile

applying for SIP trunk15-7

applying to phones5-9

configuration settings (table)

for SCCP phone5-4

for SIP phones5-6

for SIP trunk15-4

configuration tips for phones5-1

configuring for phones5-3

configuring for SIP trunk15-3

deleting for phones5-10

deleting for SIP trunk15-8

finding for phones5-2

finding for SIP trunk15-2

finding phones that use5-11

overview for phones5-1

overview for SIP trunk15-1

security token

configuring CTL client3-8

signaling authentication

overview1-16

signaling encryption

overview1-21

Site Administrator Security Token (SAST)3-1

SRST

configuration checklist (table) for securing13-3

configuration tips for securing13-2

overview for securing13-1

troubleshooting

certificate deleted on gateway13-5

SRST reference

configuration settings (table) for security13-5

configuring13-3

troubleshooting

deleting secured reference13-5

T

TAPI

configuration checklist (table) for securing12-5

configuring security service parameters12-13

Tftp service3-1

TLS Proxy server3-1

transport layer security (TLS)

port3-5

transport security

configuration settings (table)

for SCCP phone5-4

for SIP phone5-6

for SIP trunk15-4

configuring for SIP phones5-3

configuring for SIP trunk15-3

troubleshooting

deleting CTL file on phone3-17

SRST certificate deleted on gateway13-5

V

voice messaging

configuration checklist (table) for security11-3

security overview11-1

security requirements11-1

voice messaging port

applying a security profile11-3

applying a security profile using the Wizard11-4

configuration checklist (table) for security11-3

security overview11-1

	Cisco Unified Communications Manager Security Guide, Release 6.0(1)
	Index
Cisco Unified Communications Manager Security Guide, Release 6.0(1) Index Preface Security Basics Security Overview Using Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) Configuring the Cisco CTL Client Security for Cisco Unified IP Phones and Cisco Unity Voice Messaging Ports Phone Security Overview Configuring a Phone Security Profile Using the Certificate Authority Proxy Function Configuring Encrypted Phone Configuration Files Configuring Digest Authentication for the SIP Phone Phone Hardening Configuring Secure Conference Resources Configuring Voice Messaging Ports for Security Security for Cisco CTI, JTAPI, and TAPI Applications Configuring Authentication and Encryption for CTI, JTAPI, and TAPI Security for SRST References, Trunks, and Gateways Configuring a Secure Survivable Remote Site Telephony (SRST) Reference Configuring Encryption for Gateways and Trunks Configuring a SIP Trunk Security Profile Configuring Digest Authentication for the SIP Trunk	Download this chapter Index Download the complete book Cisco Unified Communications Manager Security Guide, Release 6.0(1) (PDF - 5 MB) Feedback Table Of Contents A - B - C - D - E - F - H - I - J - L - M - P - S - T - V - Index A authentication device1-16 digest1-16 interactions1-6, 1-7 overview1-16 restrictions1-6, 1-7 with CTI/JTAPI/TAPI applications12-2 authentication string entering on phone6-9 finding phones using6-7 with CAPF6-1 with CTI/JTAPI/TAPI applications12-4 authorization configuration settings (table) for SIP trunk15-4 configuring for SIP trunk15-3 interactions1-7 overview1-16 B barge encryption restrictions with1-13 security10-1 security icons10-3 C Certificate Authority Proxy Function (CAPF) activating service6-5, 12-8 authentication string entering on phone6-9 CAPF service3-5 configuration checklist (table)6-4 configuration settings (table) for CTI/JTAPI/TAPI applications12-11 for phones6-7 configuring an application user or end user CAPF profile12-10 configuring in Cisco Unified Serviceability6-3 deleting an application user or end user CAPF profile12-12 finding an application user or end user CAPF profile12-9 finding phones using LSC or authentication string6-7 generating CAPF report6-8 installing1-13 interactions and requirements6-3 interaction with Cisco Unified IP Phone6-2 overview6-1 updating service parameters6-5 using for phone certificate operations6-6 viewing certificate operation status for application user or end user12-14 with CTI/JTAPI/TAPI applications interactions and requirements12-5 overview12-4 updating service parameters12-8 certificates external CAs1-13 Internet Explorer certificate2-2 Netscape certificate2-5 types1-13 Certificate Signing Requests (CSRs)1-13 Cisco Unified IP Phone authentication string entering on phone6-9 configuration checklist (table) for security4-2 configuration settings (table) for CAPF6-7 configuration tips for phone security profiles5-1 deleting CTL file3-17 disabling the GARP setting9-1 disabling the PC Port setting9-2 disabling the PC Voice VLAN Access setting9-2 disabling the Setting Access setting9-2 disabling the Web Access setting9-1 encrypted configuration file7-1 interaction with CAPF6-2 secure conference support10-5 security icons1-6 understanding security4-1 viewing security settings4-2 computer telephony integration (CTI) configuration checklist (table) for securing12-5 secure user groups adding application users and end users12-7 conference bridge conference list10-3 configuration checklist (table) for security10-9 configuration tips for security10-8 configuring minimum Meet-Me security10-11 configuring packet capture on a secure conference bridge10-12 configuring security10-10 minimum Meet-Me security level10-3 security10-1 security icons10-3 security interactions10-6 security requirements10-2 security restrictions10-6 configuration file encryption1-21 CTL client CAPF service3-5 cluster security mode updating3-13 configuration checklist (table)3-3 configuration settings (table)3-13 configuration tips3-2 configuring CTL client3-8 TLS port3-5 CTL Provider service3-4 deleting CTL file on phone3-17 installing1-13, 3-6 migrating3-7 overview3-1 security mode verifying3-15 security token changing password3-17 configuring CTL client3-8 setting the Smart Card service3-16 uninstalling3-18 upgrading3-7 verifying3-18 version determining3-18 CTL file deleting entry3-12 deleting on phone3-17 updating3-11 CTL Provider activating service3-4 D device authentication configuration settings (table) for SCCP phone5-4 for SIP phones5-6 for SIP trunk15-4 configuring for phones5-3 configuring for SIP trunk15-3 overview1-16 digest authentication associating digest user with a phone8-4 cluster ID16-2 configuration checklist (table) for phones8-1 for SIP trunk16-1 configuration settings (table) for application user digest credentials16-3 for end user8-3 for SIP phones5-6 for SIP realm16-5 for SIP trunk15-4 configuring a SIP realm16-4 configuring digest credentials for application user16-2 for end user8-3 configuring for phones5-3 configuring for SIP trunk15-3 configuring service parameters8-2 deleting a SIP realm16-5 finding a SIP realm16-3 overview1-16 E encrypted configuration file configuration checklist (table)7-5 configuration settings (table) for manual key7-7 configuration tips7-4 configuring manual key distribution7-6 disabling7-9 enabling7-6 entering symmetric key7-7 manual key configuration checklist (table)7-7 manual key distribution7-2 phone support7-4 symmetric key encryption with public key7-3 understanding7-1 using symmetric key encryption w/public key7-8 verifying7-9 encryption configuration checklist (table) for gateways and trunks14-3 configuration settings (table) for SCCP phone5-4 for SIP phone5-6 for SIP trunk15-4 configuring for phones5-3 configuring SRTP allowed check box14-5 configuring with barge1-13 for H.323/H.225/H.245 trunk14-2 for H.323 gateway14-2 for MGCP gateway14-1 for SIP trunk14-3 installing1-13 interactions1-6, 1-7, 10-6 overview1-21 restrictions1-6, 1-7, 10-6 signaling configuring for phones5-3 configuring for SIP trunk15-3 with CTI/JTAPI/TAPI applications12-3 etoken changing password3-17 configuring CTL client3-8 F file authentication configuring for phones5-3 overview1-16 H HTTPS overview2-1 virtual directories (table)2-1 with Internet Explorer2-2 with Netscape2-5 I image authentication overview1-16 integrity overview1-16 IPSec configuration checklist (table) for IPSec14-3 configuring14-4 gateway or trunk considerations14-5 infrastructure considerations14-4 recommendations14-4, 14-5 J JTAPI configuration checklist (table) for securing12-5 configuring security service parameters12-13 L locally significant certificate (LSC) finding phones using6-7 with CTI/JTAPI/TAPI applications12-4 M media encryption (See also encryption) overview1-21 MGCP gateway configuration checklist (table) for security14-3 configuring14-4, 14-5 P phone hardening configuring9-2 disabling the GARP setting9-1 disabling the PC Port setting9-2 disabling the PC Voice VLAN Access setting9-2 disabling the Setting Access setting9-2 disabling the Web Access setting9-1 port CTL Provider3-5 Ethernet phone3-5 SIP secure3-5 S secure conference Cisco Unified IP Phone support10-5 conference bridge requirements10-2 conference list10-3 configuration checklist (table)10-9 configuration tips10-8 configuring minimum Meet-Me security10-11 configuring packet capture10-12 configuring secure conference bridge10-10 CTI support10-6 interactions10-6 minimum Meet-Me security level10-3 restrictions10-6 security icons10-3 security overview10-1 trunks and gateways10-6 secure sockets layer (SSL) installing1-13 with HTTPS2-1 security adding a subscriber node to a secure cluster1-27 authentication overview1-16 authorization overview1-16 best practices1-11 certificate types1-13 configuration checklist for authentication and encryption (table)1-23 CTL client overview3-1 encryption overview1-21 external CAs1-13 features list1-5 HTTPS2-1 installing1-13 interactions1-6, 1-7, 10-6 rebooting the cluster1-12 rebooting the server1-12 resetting devices1-12 restarting Cisco Unified Communications Manager service1-12 restrictions1-6, 1-7, 10-6 SCCP calls (table)1-5 SIP calls (table)1-6 system requirements1-5 terminology (table)1-2 tokens3-1, 3-6, 3-8, 3-11, 3-17 using barge with encryption1-13 where to find more information1-27 security mode cluster configuring3-13 verifying3-15 security profile applying for SIP trunk15-7 applying to phones5-9 configuration settings (table) for SCCP phone5-4 for SIP phones5-6 for SIP trunk15-4 configuration tips for phones5-1 configuring for phones5-3 configuring for SIP trunk15-3 deleting for phones5-10 deleting for SIP trunk15-8 finding for phones5-2 finding for SIP trunk15-2 finding phones that use5-11 overview for phones5-1 overview for SIP trunk15-1 security token configuring CTL client3-8 signaling authentication overview1-16 signaling encryption overview1-21 Site Administrator Security Token (SAST)3-1 SRST configuration checklist (table) for securing13-3 configuration tips for securing13-2 overview for securing13-1 troubleshooting certificate deleted on gateway13-5 SRST reference configuration settings (table) for security13-5 configuring13-3 troubleshooting deleting secured reference13-5 T TAPI configuration checklist (table) for securing12-5 configuring security service parameters12-13 Tftp service3-1 TLS Proxy server3-1 transport layer security (TLS) port3-5 transport security configuration settings (table) for SCCP phone5-4 for SIP phone5-6 for SIP trunk15-4 configuring for SIP phones5-3 configuring for SIP trunk15-3 troubleshooting deleting CTL file on phone3-17 SRST certificate deleted on gateway13-5 V voice messaging configuration checklist (table) for security11-3 security overview11-1 security requirements11-1 voice messaging port applying a security profile11-3 applying a security profile using the Wizard11-4 configuration checklist (table) for security11-3 security overview11-1
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks