Home » Cisco Manuals » Telephony » Cisco 7941G » Manual Viewer

Cisco 7941G Administration Guide - Page 35

Feature, Description, Each Cisco Unified IP Phone contains a unique manufacturing - firmware download

UPC - 746320949420

Add to My Manuals
Save this manual to your list of manuals

Page 35 highlights

Chapter 1 An Overview of the Cisco Unified IP Phone Understanding Security Features for Cisco Unified IP Phones Table 1-3 Overview of Security Features Feature Image authentication Customer-site certificate installation Device authentication File authentication Signaling Authentication Manufacturing installed certificate Description Signed binary files (with the extension .sbn) prevent tampering with the firmware image before it is loaded on a phone. Tampering with the image causes a phone to fail the authentication process and reject the new image. Each Cisco Unified IP Phone requires a unique certificate for device authentication. Phones include a manufacturing installed certificate (MIC), but for additional security, you can specify in Cisco Unified Communications Manager Administration that a certificate be installed by using the Certificate Authority Proxy Function (CAPF). Alternatively, you can install a Locally Significant Certificate (LSC) from the Security Configuration menu on the phone. See the "Configuring Security on the Cisco Unified IP Phone" section on page 3-18 for more information. Occurs between the Cisco Unified Communications Manager server and the phone when each entity accepts the certificate of the other entity. Determines whether a secure connection between the phone and a Cisco Unified Communications Manager should occur, and, if necessary, creates a secure signaling path between the entities by using Transport Layer Security (TLS) protocol. Cisco Unified Communications Manager will not register phones unless they can be authenticated by the Cisco Unified Communications Manager. Validates digitally signed files that the phone downloads. The phone validates the signature to make sure that file tampering did not occur after the file creation. Files that fail authentication are not written to Flash memory on the phone. The phone rejects such files without further processing. Uses the TLS protocol to validate that no tampering has occurred to signaling packets during transmission. Each Cisco Unified IP Phone contains a unique manufacturing installed certificate (MIC), which is used for device authentication. The MIC is a permanent unique proof of identity for the phone, and allows Cisco Unified Communications Manager to authenticate the phone. Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE for Cisco Unified Communications Manager 6.1 OL-14620-01 1-17

Section	Page
Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE Administration Guide for Cisco Unified Communications Manager 6.1	1
Contents	5
Preface	13
An Overview of the Cisco Unified IP Phone	19
Understanding the Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE	20
What Networking Protocols are Used?	23
What Features are Supported on the Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE?	28
Feature Overview	29
Configuring Telephony Features	30
Configuring Network Parameters Using the Cisco Unified IP Phone	30
Providing Users with Feature Information	31
Understanding Security Features for Cisco Unified IP Phones	31
Overview of Supported Security Features	34
Understanding Security Profiles	38
Identifying Encrypted and Authenticated Phone Calls	38
Establishing and Identifying Secure Conference Calls	39
Call Security Interactions and Restrictions	39
Supporting 802.1X Authentication on Cisco Unified IP Phones	41
Overview	42
Required Network Components	42
Best Practices-Requirements and Recommendations	43
Security Restrictions	44
Overview of Configuring and Installing Cisco Unified IP Phones	44
Configuring Cisco Unified IP Phones in Cisco Unified Communications Manager	45
Checklist for Configuring the Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE in Cisco Unified Communications Manager	45
Installing Cisco Unified IP Phones	50
Checklist for Installing the Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE	51
Preparing to Install the Cisco Unified IP Phone on Your Network	55
Understanding Interactions with Other Cisco Unified IP Telephony Products	56
Understanding How the Cisco Unified IP Phone Interacts with Cisco Unified Communications Manager	56
Understanding How the Cisco Unified IP Phone Interacts with the VLAN	57
Providing Power to the Cisco Unified IP Phone	58
Power Guidelines	59
Power Outage	61
Obtaining Additional Information about Power	61
Understanding Phone Configuration Files	62
Understanding the Phone Startup Process	64
Adding Phones to the Cisco Unified Communications Manager Database	68
Adding Phones with Auto-Registration	69
Adding Phones with Auto-Registration and TAPS	70
Adding Phones with Cisco Unified Communications Manager Administration	71
Adding Phones with BAT	72
Using Cisco Unified IP Phones with Different Protocols	73
Converting a New Phone from SCCP to SIP	73
Converting an In-Use Phone from SCCP to SIP	74
Converting an In-Use Phone from SIP to SCCP	74
Deploying a Phone in an SCCP and SIP Environment	75
Determining the MAC Address for a Cisco Unified IP Phone	75
Setting Up the Cisco Unified IP Phone	77
Before You Begin	78
Network Requirements	78
Cisco Unified Communications Manager Configuration	78
Understanding the Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE Components	79
Network and Access Ports	79
Handset	80
Speakerphone	81
Headset	81
Audio Quality Subjective to the User	82
Connecting a Headset	82
Disabling a Headset	82
Using External Devices with Your Cisco Unified IP Phone	82
Installing the Cisco Unified IP Phone	83
Attaching the Cisco Unified IP Phone Expansion Module 7914 (SCCP Phones Only)	87
Adjusting the Placement of the Cisco Unified IP Phone	89
Adjusting Cisco Unified IP Phone Placement on the Desktop	89
Securing the Phone with a Cable Lock	89
Mounting the Phone to the Wall	90
Verifying the Phone Startup Process	92
Configuring Startup Network Settings	94
Configuring Security on the Cisco Unified IP Phone	94
Configuring Settings on the Cisco Unified IP Phone	97
Configuration Menus on the Cisco Unified IP Phone	97
Displaying a Configuration Menu	98
Unlocking and Locking Options	99
Editing Values	100
Overview of Options Configurable from a Phone	101
Network Configuration Menu	103
Device Configuration Menu	112
CallManager Configuration Menu	112
SIP Configuration Menu (SIP Phones Only)	113
SIP General Configuration Menu	114
Line Settings Menu	116
Call Preferences Menu	117
HTTP Configuration Menu	119
Locale Configuration Menu	121
NTP Configuration Menu	122
UI Configuration Menu	123
Media Configuration Menu	126
Ethernet Configuration Menu	132
Security Configuration Menu	133
QoS Configuration Menu	135
Network Configuration Menu	136
Security Configuration Menu	141
CTL File Menu	143
Trust List Menu	145
802.1X Authentication and Status	146
Configuring Features, Templates, Services, and Users	149
Telephony Features Available for the Cisco Unified IP Phone	150
Configuring Corporate and Personal Directories	173
Configuring Corporate Directories	174
Configuring Personal Directory	174
Modifying Phone Button Templates	175
Configuring Softkey Templates	176
Setting Up Services	177
Adding Users to Cisco Unified Communications Manager	178
Managing the User Options Web Pages	178
Giving Users Access to the User Options Web Pages	179
Specifying Options that Appear on the User Options Web Pages	179
Customizing the Cisco Unified IP Phone	181
Customizing and Modifying Configuration Files	181
Creating Custom Phone Rings	182
Ringlist.xml File Format Requirements	183
PCM File Requirements for Custom Ring Types	184
Configuring a Custom Phone Ring	184
Creating Custom Background Images	185
List.xml File Format Requirements	185
PNG File Requirements for Custom Background Images	186
Configuring a Custom Background Image	187
Configuring Wideband Codec	188
Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone	191
Model Information Screen	192
Status Menu	193
Status Messages Screen	194
Network Statistics Screen	202
Firmware Versions Screen	204
Expansion Module Status Screen (SCCP Phones Only)	205
Call Statistics Screen	206
Monitoring the Cisco Unified IP Phone Remotely	211
Accessing the Web Page for a Phone	212
Disabling and Enabling Web Page Access	213
Device Information	214
Network Configuration	216
Network Statistics	221
Device Logs	224
Streaming Statistics	224
Troubleshooting and Maintenance	229
Resolving Startup Problems	230
Symptom: The Cisco Unified IP Phone Does Not Go Through its Normal Startup Process	230
Symptom: The Cisco Unified IP Phone Does Not Register with Cisco Unified Communications Manager	231
Identifying Error Messages	232
Checking Network Connectivity	232
Verifying TFTP Server Settings	232
Verifying IP Addressing and Routing	233
Verifying DNS Settings	233
Verifying Cisco Unified Communications Manager Settings	233
Cisco Unified Communications Manager and TFTP Services Are Not Running	234
Creating a New Configuration File	235
Registering the Phone with Cisco Unified Communications Manager	236
Symptom: Cisco Unified IP Phone Unable to Obtain IP Address	236
Cisco Unified IP Phone Resets Unexpectedly	236
Verifying the Physical Connection	237
Identifying Intermittent Network Outages	237
Verifying DHCP Settings	237
Checking Static IP Address Settings	238
Verifying the Voice VLAN Configuration	238
Verifying that the Phones Have Not Been Intentionally Reset	238
Eliminating DNS or Other Connectivity Errors	239
Checking Power Connection	240
Troubleshooting Cisco Unified IP Phone Security	240
General Troubleshooting Tips	242
General Troubleshooting Tips for the Cisco Unified IP Phone Expansion Module 7914 (SCCP Phones Only)	245
Resetting or Restoring the Cisco Unified IP Phone	246
Performing a Basic Reset	246
Performing a Factory Reset	247
Using the Quality Report Tool	249
Monitoring the Voice Quality of Calls	249
Using Voice Quality Metrics	250
Troubleshooting Tips	251
Where to Go for More Troubleshooting Information	252
Cleaning the Cisco Unified IP Phone	253
Providing Information to Users Via a Website	255
How Users Obtain Support for the Cisco Unified IP Phone	256
Giving Users Access to the User Options Web Pages	256
How Users Access the Online Help System on the Cisco Unified IP Phone	256
How Users Get Copies of Cisco Unified IP Phone Manuals	257
How Users Subscribe to Services and Configure Phone Features	258
How Users Access a Voice Messaging System	258
How Users Configure Personal Directory Entries	259
Installing and Configuring the Cisco Unified IP Phone Address Book Synchronizer	259
Feature Support by Protocol for Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE	263
Supporting International Users	273
Adding Language Overlays to Phone Buttons	273
Installing the Cisco Unified Communications Manager Locale Installer	274
Technical Specifications	275
Physical and Operating Environment Specifications	275
Cable Specifications	276

Match case Limit results 1 per page

1-17

Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE for Cisco Unified Communications Manager 6.1

OL-14620-01

Chapter 1

An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

Table 1-3

Overview of Security Features

Feature

Description

Image authentication

Signed binary files (with the extension .sbn) prevent tampering with

the firmware image before it is loaded on a phone. Tampering with

the image causes a phone to fail the authentication process and

reject the new image.

Customer-site certificate

installation

Each Cisco Unified IP Phone requires a unique certificate for device

authentication. Phones include a manufacturing installed certificate

(MIC), but for additional security, you can specify in Cisco

Unified Communications Manager Administration that a certificate

be installed by using the Certificate Authority Proxy Function

(CAPF). Alternatively, you can install a Locally Significant

Certificate (LSC) from the Security Configuration menu on the

phone. See the

“Configuring Security on the Cisco Unified IP

Phone” section on page 3-18

for more information.

Device authentication

Occurs between the Cisco Unified Communications Manager server

and the phone when each entity accepts the certificate of the other

entity. Determines whether a secure connection between the phone

and a Cisco Unified Communications Manager should occur, and, if

necessary, creates a secure signaling path between the entities by

using Transport Layer Security (TLS) protocol. Cisco

Unified Communications Manager will not register phones unless

they can be authenticated by the Cisco Unified Communications

Manager.

File authentication

Validates digitally signed files that the phone downloads. The phone

validates the signature to make sure that file tampering did not occur

after the file creation. Files that fail authentication are not written to

Flash memory on the phone. The phone rejects such files without

further processing.

Signaling Authentication

Uses the TLS protocol to validate that no tampering has occurred to

signaling packets during transmission.

Manufacturing installed

certificate

Each Cisco Unified IP Phone contains a unique manufacturing

installed certificate (MIC), which is used for device authentication.

The MIC is a permanent unique proof of identity for the phone, and

allows Cisco Unified Communications Manager to authenticate the

phone.