Supported Security Features - Cisco 7975G Software Manual
Administration guide for cisco unified communications manager 9.0 (sccp and sip)
Hide thumbs
Also See for 7975G:
- Software manual (227 pages) ,
- Administration manual (217 pages) ,
- Troubleshooting and maintenance (25 pages)
Table of Contents
Advertisement
Cisco Unified IP Phone
Supported Security Features
The following table provides an overview of the security features that the Cisco Unified IP Phone 7975G,
7971G-GE, 7970G, 7965G, and 7945G supports. For more information about these features and about
Cisco Unified Communications Manager and Cisco Unified IP Phone security, see the Cisco
Unified Communications Manager Security Guide.
For information about current security settings on a phone, look at the Security Configuration menus on the
phone (choose Settings > Security Configuration and choose Settings > Device Configuration > Security
Configuration).
Note
Most security features are available only if a CTL is installed on the phone. For more information about
the CTL, see the "Configuring the Cisco CTL Client" chapter in the Cisco Unified Communications
Manager Security Guide.
Table 4: Overview of security features
Feature
Image authentication
Customer-site certificate
installation
Device authentication
File authentication
Signaling authentication
Description
Signed binary files (with the extension .sbn) prevent tampering with the
firmware image before it loads on a phone. Tampering with the image
causes a phone to fail the authentication process and reject the new image.
Each Cisco Unified IP Phone requires a unique certificate for device
authentication. Phones include a manufacturing installed certificate (MIC),
but for additional security, you can specify in Cisco
Unified Communications Manager Administration that a certificate be
installed by using the CAPF (Certificate Authority Proxy Function).
Alternatively, you can install a Locally Significant Certificate (LSC) from
the Security Configuration menu on the phone.
Occurs between the Cisco Unified Communications Manager server and
the phone when each entity accepts the certificate of the other entity.
Determines whether a secure connection between the phone and a
Cisco Unified Communications Manager should occur, and, if necessary,
creates a secure signaling path between the entities that use TLS protocol.
Cisco Unified Communications Manager does not register phones unless
it can authenticate them.
Validates digitally signed files that the phone downloads. The phone
validates the signature to make sure that file tampering did not occur after
file creation. Files that fail authentication are not written to Flash memory
on the phone. The phone rejects such files without further processing.
Uses the TLS protocol to validate that no tampering has occurred to
signaling packets during transmission.
Cisco Unified IP Phone 7975G, 7971G-GE, 7970G, 7965G, and 7945G Administration Guide for Cisco Unified
Supported Security Features
Communications Manager 9.0 (SCCP and SIP)
15
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
