Cisco 7925G Administration Guide - Page 25
Feature, Description, Each Cisco Unified IP Phone contains a unique manufacturing - reset
UPC - 882658201943
View all Cisco 7925G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 25 highlights
Chapter 1 Overview of the Cisco Unified Wireless IP Phone 7925G Understanding Security Features for Cisco Unified IP Phones Table 1-3 Description of Security Features (continued) Feature Manufacturing installed certificate Secure Cisco Unified SRST reference Media encryption Signaling encryption by using TLS CAPF (Certificate Authority Proxy Function) Security profiles Encrypted configuration files Optional disabling of the web server functionality for a phone Phone hardening Description Each Cisco Unified IP Phone contains a unique manufacturing installed certificate (MIC), which is used for device authentication. The MIC is a permanent unique proof of identity for the phone, and allows Cisco Unified Communications Manager to authenticate the phone. After you configure a SRST reference for security and then reset the dependent devices in Cisco Unified Communications Manager Administration, the TFTP server adds the SRST certificate to the phone cnf.xml file and sends the file to the phone. A secure phone then uses a TLS connection to interact with the SRST-enabled router. Uses SRTP to ensure that the media streams between supported devices proves secure and that only the intended device receives and reads the data. Includes creating a media master key pair for the devices, delivering the keys to the devices, and securing the delivery of the keys while the keys are in transport. Ensures that all SCCP signaling messages that are sent between the device and the Cisco Unified Communications Manager server are encrypted. Implements parts of the certificate generation procedure that are too processing-intensive for the phone, and it interacts with the phone for key generation and certificate installation. The CAPF can be configured to request certificates from customer-specified certificate authorities on behalf of the phone, or it can be configured to generate certificates locally. Defines whether the phone is non-secure, authenticated, or encrypted. See the "Understanding Security Profiles" section on page 1-12 for more information. Lets you ensure the privacy of phone configuration files. You can prevent access to a phone web page, which displays a variety of operational statistics for the phone. Additional security options, which you control from Cisco Unified Communications Manager Administration: • Disabling Gratuitous ARP (GARP) • Disabling access to the Setting menus • Disabling access to web pages for a phone Note You can view current settings for the GARP Enabled, and Web Access options by looking at the phone's Device Information menu. For more information, see the "Viewing Security Information" section on page 8-1. OL-15984-01 Cisco Unified Wireless IP Phone 7925G Administration Guide for Cisco Unified Communications Manager 7.0(1) 1-11