Home » Cisco Manuals » Telephony » Cisco 7971G-GE » Manual Viewer

Cisco 7971G-GE Administration Guide - Page 26

Understanding Security Profiles

UPC - 746320966588

Add to My Manuals
Save this manual to your list of manuals

Page 26 highlights

Understanding Security Features for Cisco Unified IP Phones Chapter 1 An Overview of the Cisco Unified IP Phone Table 1-3 Overview of Security Features (continued) Feature Security profiles Encrypted configuration files Optional disabling of the web server functionality for a phone Phone hardening 802.1X Authentication Description Defines whether the phone is nonsecure, authenticated, encrypted, or protected. See the "Understanding Security Profiles" section on page 1-12 for more information. Lets you ensure the privacy of phone configuration files. You can prevent access to a phone's web page, which displays a variety of operational statistics for the phone. Additional security options, which you control from Cisco Unified Communications Manager Administration: • Disabling PC port • Disabling Gratuitous ARP (GARP) • Disabling PC Voice VLAN access • Disabling access to the Setting menus, or providing restricted access that allows access to the User Preferences menu and saving volume changes only • Disabling access to web pages for a phone. Note You can view current settings for the PC Port Disabled, GARP Enabled, and Voice VLAN enabled options by looking at the phone's Security Configuration menu. For more information, see the "Device Configuration Menu" section on page 4-10. The Cisco Unified IP Phone can use 802.1X authentication to request and gain access to the network. See the "Supporting 802.1X Authentication on Cisco Unified IP Phones" section on page 1-16 for more information. Related Topics • Understanding Security Profiles, page 1-12 • Identifying Authenticated, Encrypted, and Protected Phone Calls, page 1-13 • Establishing and Identifying Secure Conference Calls, page 1-14 • Device Configuration Menu, page 4-10 • Supporting 802.1X Authentication on Cisco Unified IP Phones, page 1-16 • Security Restrictions, page 1-17 Understanding Security Profiles Cisco Unified IP Phones that support Cisco Unified Communications Manager 7.0 or later use a security profile, which defines whether the phone is nonsecure, authenticated, or encrypted. For information about configuring the security profile and applying the profile to the phone, refer to Cisco Unified Communications Manager Security Guide. To view the security mode that is set for the phone, look at the Security Mode setting in the Security Configuration menu. For more information, see the "Security Configuration Menu" section on page 4-23. 1-12 Cisco Unified IP Phone 7970G/7971G-GE Administration Guide for Cisco Unified Communications Manager 7.0 OL-15299-01

Section	Page
Cisco Unified IP Phone 7970G/7971G-GE Administration Guide for Cisco Unified Communications Manager 7.0 (SCCP and SIP)	1
Contents	3
Preface	11
An Overview of the Cisco Unified IP Phone	15
Understanding the Cisco Unified IP Phone 7970 Series	15
What Networking Protocols Are Used?	17
What Features are Supported on the Cisco Unified IP Phone 7970 Series?	21
Feature Overview	21
Configuring Telephony Features	22
Configuring Network Parameters Using the Cisco Unified IP Phone	22
Providing Users with Feature Information	22
Understanding Security Features for Cisco Unified IP Phones	22
Overview of Supported Security Features	24
Understanding Security Profiles	26
Identifying Authenticated, Encrypted, and Protected Phone Calls	27
Establishing and Identifying Secure Conference Calls	28
Establishing and Identifying Protected Calls	28
Call Security Interactions and Restrictions	29
Supporting 802.1X Authentication on Cisco Unified IP Phones	30
Overview	30
Required Network Components	30
Best Practices-Requirements and Recommendations	31
Security Restrictions	31
Overview of Configuring and Installing Cisco Unified IP Phones	32
Configuring Cisco Unified IP Phones in Cisco Unified Communications Manager	32
Checklist for Configuring the Cisco Unified IP Phone 7970 Series in Cisco Unified Communications Manager	33
Installing Cisco Unified IP Phones	35
Checklist for Installing the Cisco Unified IP Phone 7970 Series	35
Preparing to Install the Cisco Unified IP Phone on Your Network	39
Understanding Interactions with Other Cisco Unified IP Communications Products	40
Understanding How the Cisco Unified IP Phone Interacts with Cisco Unified Communications Manager	40
Understanding How the Cisco Unified IP Phone Interacts with the VLAN	41
Providing Power to the Phone	41
Power Guidelines	42
Phone Power Consumption and Display Brightness	43
Power Outage	43
Obtaining Additional Information about Power	44
Understanding Phone Configuration Files	44
Understanding the Phone Startup Process	45
Adding Phones to the Cisco Unified Communications Manager Database	47
Adding Phones with Auto-Registration	48
Adding Phones with Auto-Registration and TAPS	49
Adding Phones with Cisco Unified Communications Manager Administration	50
Adding Phones with BAT	50
Using Cisco Unified IP Phones with Different Protocols	50
Converting a New Phone from SCCP to SIP	51
Converting an In-Use Phone from SCCP to SIP	51
Converting an In-Use Phone from SIP to SCCP	51
Deploying a Phone in an SCCP and SIP Environment	52
Determining the MAC Address of a Cisco Unified IP Phone	52
Setting Up the Cisco Unified IP Phone	53
Before You Begin	53
Network Requirements	53
Cisco Unified Communications Manager Configuration	54
Understanding the Cisco Unified IP Phone 7970 Series Components	54
Network and Access Ports	54
Handset	55
Speakerphone	55
Headset	55
Audio Quality Subjective to the User	56
Connecting a Headset	56
Disabling a Headset	56
Using External Devices	56
Installing the Cisco Unified IP Phone	57
Attaching the Cisco Unified IP Phone Expansion Module 7914	59
Adjusting the Placement of the Cisco Unified IP Phone	60
Adjusting Cisco Unified IP Phone Footstand and Phone Height	60
Securing the Phone with a Cable Lock	60
Mounting the Phone to the Wall	61
Verifying the Phone Startup Process	62
Configuring Startup Network Settings	63
Configuring Security on the Cisco Unified IP Phone	64
Configuring Settings on the Cisco Unified IP Phone	67
Configuration Menus on the Cisco Unified IP Phone 7970 Series	67
Displaying a Configuration Menu	68
Unlocking and Locking Options	69
Editing Values	69
Overview of Options Configurable from a Phone	70
Network Configuration Menu	71
Device Configuration Menu	76
Unified CM Configuration	77
SIP Configuration Menu (SIP Phones Only)	78
SIP General Configuration Menu	79
Line Settings Menu (SIP Phones Only)	80
Call Preferences Menu (SIP Phones Only)	80
HTTP Configuration Menu	81
Locale Configuration Menu	82
NTP Configuration Menu (SIP Phones Only)	83
UI Configuration Menu	83
Media Configuration Menu	85
Power Save Configuration Menu	88
Ethernet Configuration Menu	89
Security Configuration Menu	89
QoS Configuration Menu	91
Network Configuration	91
Security Configuration Menu	95
CTL File Menu	96
Trust List Menu	97
802.1X Authentication and Status	97
Configuring Features, Templates, Services, and Users	101
Telephony Features Available for the Phone	101
Configuring Corporate and Personal Directories	116
Configuring Corporate Directories	117
Configuring Personal Directory	117
Modifying Phone Button Templates	117
Modifying a Phone Button Template for Personal Address Book or Fast Dials	118
Configuring Softkey Templates	119
Setting Up Services	120
Adding Users to Cisco Unified Communications Manager	120
Managing the User Options Web Pages	121
Giving Users Access to the User Options Web Pages	121
Specifying Options that Appear on the User Options Web Pages	121
Customizing the Cisco Unified IP Phone	123
Customizing and Modifying Configuration Files	123
Creating Custom Phone Rings	124
Ringlist.xml File Format Requirements	124
PCM File Requirements for Custom Ring Types	125
Configuring a Custom Phone Ring	125
Creating Custom Background Images	125
List.xml File Format Requirements	126
PNG File Requirements for Custom Background Images	127
Configuring a Custom Background Image	127
Configuring Wideband Codec	128
Configuring the Idle Display	129
Automatically Disabling the Cisco Unified IP Phone Touchscreen	129
Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone	133
Model Information Screen	134
Status Menu	135
Status Messages Screen	135
Network Statistics Screen	141
Firmware Versions Screen	143
Expansion Module(s) Screen	144
Call Statistics Screen	145
Monitoring the Cisco Unified IP Phone Remotely	149
Accessing the Web Page for a Phone	149
Disabling and Enabling Web Page Access	151
Device Information	151
Network Configuration	152
Network Statistics	156
Device Logs	158
Streaming Statistics	158
Troubleshooting and Maintenance	163
Resolving Startup Problems	163
Symptom: The Cisco Unified IP Phone Does Not Go Through its Normal Startup Process	164
Symptom: The Cisco Unified IP Phone Does Not Register with Cisco Unified Communications Manager	164
Identifying Error Messages	165
Checking Network Connectivity	165
Verifying TFTP Server Settings	165
Verifying IP Addressing and Routing	165
Verifying DNS Settings	166
Verifying Cisco Unified Communications Manager Settings	166
Cisco CallManager and TFTP Services Are Not Running	166
Creating a New Configuration File	167
Registering the Phone with Cisco Unified Communications Manager	167
Symptom: Cisco Unified IP Phone Unable to Obtain IP Address	168
Cisco Unified IP Phone Resets Unexpectedly	168
Verifying Physical Connection	168
Identifying Intermittent Network Outages	168
Verifying DHCP Settings	169
Checking Static IP Address Settings	169
Verifying Voice VLAN Configuration	169
Verifying that the Phones Have Not Been Intentionally Reset	169
Eliminating DNS or Other Connectivity Errors	169
Checking Power Connection	170
Troubleshooting Cisco Unified IP Phone Security	170
General Troubleshooting Tips	172
General Troubleshooting Tips for the Cisco Unified IP Phone Expansion Module 7914	174
Resetting or Restoring the Cisco Unified IP Phone	175
Performing a Basic Reset	175
Performing a Factory Reset	176
Using the Quality Report Tool	176
Monitoring the Voice Quality of Calls	177
Using Voice Quality Metrics	177
Troubleshooting Tips	178
Where to Go for More Troubleshooting Information	179
Cleaning the Cisco Unified IP Phone	179
Providing Information to Users Via a Website	181
How Users Obtain Support for the Cisco Unified IP Phone	181
Giving Users Access to the User Options Web Pages	181
How Users Access the Online Help System on the Phone	182
How Users Get Copies of Cisco Unified IP Phone Manuals	182
Accessing Cisco 7900 Series Unified IP Phone eLearning Tutorials (SCCP Phones Only)	182
How Users Subscribe to Services and Configure Phone Features	183
How Users Access a Voice-Messaging System	183
How Users Configure Personal Directory Entries	184
Installing and Configuring the Cisco Unified IP Phone Address Book Synchronizer	184
Feature Support by Protocol for the Cisco Unified IP Phones 7970 Series	187
Supporting International Users	193
Adding Language Overlays to Phone Buttons	193
Installing the Cisco Unified Communications Manager Locale Installer	193
Support for International Call Logging	194
Technical Specifications	195
Physical and Operating Environment Specifications	195
Cable Specifications	196
Network and Access Port Pinouts	196
Basic Phone Administration Steps	199
Example User Information for these Procedures	199
Adding a User to Cisco Unified Communications Manager	200
Adding a User From an External LDAP Directory	200
Adding a User Directly to Cisco Unified Communications Manager	200
Configuring the Phone	201
Performing Final End User Configuration Steps	205