Cisco 6901 Administration Manual page 25

Unified ip phone communications manager 8.6 (sccp and sip)

Hide thumbs Also See for 6901:

User manual (62 pages)

User giude (54 pages)

Manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

Table of Contents

Chapter 1

An Overview of the Cisco Unified IP Phone

Table 1-5

Overview of Security Features (continued)

Feature

Secure SRST reference

Media encryption

Signaling encryption

CAPF (Certificate Authority Proxy

Function)

Security profiles

Encrypted configuration files

Optional disabling of the web server

functionality for a phone

Phone hardening

802.1X Authentication

Voice Quality Metrics

MOS LQK

Avg MOS LQK

Min MOS LQK

Cisco Unified IP Phone 6901 and 6911 Administration Guide for Cisco Unified Communications Manager 8.6 (SCCP and SIP)

OL-24582-01

Description

After you configure a Cisco Unified Survivable Remote Site Telephony (SRST)

reference for security and reset the dependent devices in Cisco Unified

Communications Manager, the TFTP server adds the SRST certificate to the phone

configuration file and sends the file to the phone. A secure phone uses a TLS

connection to interact with the SRST-enabled router.

The configuration file is with one of the following extensions:

•

.cnf.xml

•

.cnf.xml.sgn

•

.cnf.xml.enc.sgn

Uses SRTP to ensure that the media streams between supported devices proves

secure and that only the intended device receives and reads the data. Includes

creating a media master key pair for the devices, delivering the keys to the devices,

and securing the delivery of the keys while the keys are in transport.

Ensures that all SCCP and SIP signaling messages sent between the device and the

Cisco Unified Communications Manager server are encrypted.

Implements parts of the certificate generation procedure that are too

processing-intensive for the phone, and interacts with the phone for key generation

and certificate installation. The CAPF can be configured to request certificates from

customer-specified certificate authorities on behalf of the phone, or it can be

configured to generate certificates locally.

Defines whether the phone is nonsecure, authenticated, encrypted, or protected. See

the

"Understanding Security Profiles" section on page 1-14

Ensures the privacy of phone configuration files.

Prevents access to a phone's web page that displays a variety of operational statistics

for the phone.

Additional security option, which you control from Cisco Unified Communications

Manager:

•

Disabling access to web pages for a phone

Defines the use of 802.1X authentication to request and gain access to the network.

See the

"Supporting 802.1X Authentication on Cisco Unified IP Phones" section on

page 1-16

for more information.

Objective estimate of the Mean Opinion Score (MOS) for Listening Quality (LQK)

that ranks audio quality from 5 (excellent) to 1 (bad). This score is based on

audible-concealment events due to a frame loss in the preceding 8 seconds of the

voice stream.

Note

The MOS LQK score can vary based on the type of codec that the

Cisco Unified IP Phone uses.

Average MOS LQK score for the entire voice stream.

Lowest MOS LQK score from the start of the voice stream.

Understanding Security Features for Cisco Unified IP Phones

for more information.

1-13

Table of Contents

Show Quick Links

Quick Links:
Performing a Factory Reset

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

6911

Cisco 6901 Administration Manual page 25

Hide quick links:

Troubleshooting

Related Manuals for Cisco 6901

Related Products for Cisco 6901

This manual is also suitable for:

Table of Contents