Field Notice: FN - 64280 - Applications That Access the UCCE Database Need to Be Revised to Add Support for TLS 1.2

Available Languages

Updated:April 12, 2017

Document ID:FN64280

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

NOTICE:

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.

Revision History

Revision	Date	Comment
1.1	12-APR-2017	Updated the Problem Description, Background, Problem Symptoms, and Workaround/Solution Sections
1.0	31-MAR-2017	Initial Public Release

Products Affected

Products Affected
UCCE/ICM 11.6(X)

Problem Description

In order to address the revised Payment Card Industry Data Security Standard (PCI DSS), Unified Contact Center Enterprise (UCCE) Release 11.6 REMOVES support for Transport Layer Security (TLS) protocol 1.0 and 1.1 and ADDS support for TLS 1.2.

Database drivers that give applications access to the UCCE database need to be revised in order to add support for TLS 1.2 or database access operations will fail (even if encryption is not used). OEMs and partners that make products that connect to the UCCE database are required to adjust their interfaces to support TLS 1.2 if they do not already.

Note: There is no impact to customers for UCCE 10.5 and 11.x. These support TLS 1.0, 1.1, and 1.2.

Background

The stricter TLS enforcement is introduced with UCCE Release 11.6.

UCCE database access operations will fail from third-party applications if the database driver supplied does not support TLS 1.2. Applications that access the UCCE database need to be revised in order to add support for TLS 1.2.

Implementation of this change allows uninterrupted access to UCCE data and improves security protection.

Problem Symptoms

UCCE database access operations fail from third-party applications.

TLS 1.2 support in a third-party application needs to be verified with the vendor or confirmed by a test before UCCE 11.6 is deployed to the production environment. This includes third-party application access to Administrative Workstation (AW), Historical Data Server (HDS), Logger, and custom integrations.

The OS Version affected is Windows 2012.

Workaround/Solution

UCCE software partners should proactively add TLS 1.2 support to their applications so that they are prepared to support UCCE with TLS 1.2 at the Release 11.6 first customer shipment, which is expected approximately September 2017. Customers should proactively reach out to third-party application vendors for updates that support TLS 1.2.

The new TLS 1.2 protocol support will be described in the UCCE Release 11.6 documentation.

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Receive Email Notification For New Field Notices

Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.