Cisco Unified Communications Manager Security Guide, Release 8.5(1) - Configuring Encryption to Analog Endpoints [Cisco Unified Communications Manager (CallManager)]

Table Of Contents

Configuring Encryption to Analog Endpoints

Phone Security Profile

Certificate Management

Configuring Encryption to Analog Endpoints

This feature enables you to create a secure SCCP connection for analog phones to a Cisco VG2xx Gateway. The gateway uses Transport Layer Security (TLS) with Cisco Unified Communications Manager for SCCP signaling communication and uses SRTP for voice communication. The existing Cisco Unified Communications Manager TLS functionality, including certificate management, is used for secure SCCP communication.

This chapter contains the following sections:

•Phone Security Profile

•Certificate Management

Phone Security Profile

To establish an encrypted connection to analog phones, you must create a Phone Security Profile for analog phones with the Device Security Mode parameter set to Authenticated or Encrypted. To create a Phone Security Profile, navigate to System > Security Profile > Phone Security Profile in Cisco Unified Communications Manager Administration.

For more information about creating a Phone Security Profile, see Chapter 7, "Configuring a Phone Security Profile" in the Cisco Unified Communications Manager Security Guide.

When you configure an analog phone attached to a Cisco VG2xx gateway, choose the secure analog profile you created for the Device Security Profile parameter. To configure the Device Security Profile parameter, navigate to Device > Phone in Cisco Unified Communications Manager Administration and scroll down to the Protocol Specific Information section for the phone you want to configure.

Certificate Management

For secure analog phones to function, you must import the same CA-signed certificate into Cisco Unified Communications Manager that is being used by the Cisco VG2xx Gateway. For more information about importing certificates, see Chapter 6, "Security," in the Cisco Unified Communications Operating System Administration Guide.

	Cisco Unified Communications Manager Security Guide, Release 8.5(1)
	Configuring Encryption to Analog Endpoints
Cisco Unified Communications Manager Security Guide, Release 8.5(1) Preface Security Basics Security Overview Using Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) Security by Default Configuring the Cisco CTL Client Certificate Configuration Security for Cisco Unified IP Phones and Cisco Voice-Messaging Ports Phone Security Overview Configuring a Phone Security Profile Configuring Secure and Nonsecure Indication Tone Configuring Encryption to Analog Endpoints Using the Certificate Authority Proxy Function Configuring Encrypted Phone Configuration Files Configuring Digest Authentication for the SIP Phone Phone Hardening Configuring Secure Conference Resources Configuring Voice-Messaging Ports for Security Configuring Secure Call Monitoring and Recording Virtual Private Networks for Cisco Unified IP Phones Configuring Virtual Private Networks Configuring a VPN Gateway Configuring a VPN Group Configuring a VPN Profile VPN Feature Configuration Security for Cisco CTI, JTAPI, and TAPI Applications Configuring Authentication and Encryption for CTI, JTAPI, and TAPI Security for SRST References, Trunks, and Gateways Configuring a Secure Survivable Remote Site Telephony (SRST) Reference Configuring Encryption for Gateways and Trunks Configuring a SIP Trunk Security Profile Configuring Digest Authentication for the SIP Trunk Configuring a Cisco Unified Mobility Advantage Server Security Profile Index	Download this chapter Configuring Encryption to Analog Endpoints Download the complete book Cisco Unified Communications Manager Security Guide, Release 8.5(1) (PDF - 4 MB) Feedback Table Of Contents Configuring Encryption to Analog Endpoints Phone Security Profile Certificate Management Configuring Encryption to Analog Endpoints This feature enables you to create a secure SCCP connection for analog phones to a Cisco VG2xx Gateway. The gateway uses Transport Layer Security (TLS) with Cisco Unified Communications Manager for SCCP signaling communication and uses SRTP for voice communication. The existing Cisco Unified Communications Manager TLS functionality, including certificate management, is used for secure SCCP communication. This chapter contains the following sections: •Phone Security Profile •Certificate Management Phone Security Profile To establish an encrypted connection to analog phones, you must create a Phone Security Profile for analog phones with the Device Security Mode parameter set to Authenticated or Encrypted. To create a Phone Security Profile, navigate to System > Security Profile > Phone Security Profile in Cisco Unified Communications Manager Administration. For more information about creating a Phone Security Profile, see Chapter 7, "Configuring a Phone Security Profile" in the Cisco Unified Communications Manager Security Guide. When you configure an analog phone attached to a Cisco VG2xx gateway, choose the secure analog profile you created for the Device Security Profile parameter. To configure the Device Security Profile parameter, navigate to Device > Phone in Cisco Unified Communications Manager Administration and scroll down to the Protocol Specific Information section for the phone you want to configure. Certificate Management For secure analog phones to function, you must import the same CA-signed certificate into Cisco Unified Communications Manager that is being used by the Cisco VG2xx Gateway. For more information about importing certificates, see Chapter 6, "Security," in the Cisco Unified Communications Operating System Administration Guide.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks