The Cisco Unified Communications system takes a layered approach to protecting against various attacks, including denial of service (DOS), privacy, and toll fraud. Security features include:
•
Encryption of signaling and media—Ensures that the signaling and the actual phone conversations are protected against unintended interception by third parties.
•Catalyst Integrated Security Features (CISF)—Includes private VLANs, port security, DHCP snooping, IPSource Guard, secure Address Resolution Protocol (ARP) detection, and dynamic ARP inspection. These features protect the network against attacks such as man-in-the-middle attacks and other spoofing.
•Integration with firewalls—Ensures that system platforms are accessible only by authorized devices. The firewall acts as a guardian between all IP devices and the Cisco Unified Communications system platforms, ensuring that only specific transactions are allowed.
•Secure platforms—Provides features, such as host-based intrusion detection, optional security scripts, and anti-virus software, that ensure that the platform is hardened against intruders and malicious code.
•Enhanced phone security features—Provides configurable levels of security. Options include configuring the phone to ignore Gratuitous Address Resolution Protocol (GARP) requests, disabling the PC port on the phone, disabling access to network configuration settings on a phone, and configuring a phone to accept only digitally signed firmware images.