Cisco Unified IP Phone Security Features

 

Implementing security in the Cisco Unified Communications Manager system prevents identity theft of the phone and Cisco Unified Communications Manager server, prevents data tampering, and prevents call signal and media stream tampering.

 

To alleviate these threats, the Cisco IP telephony network establishes and maintains authenticated and encrypted communication streams between a phone and the server, digitally signs files before they are transferred to a phone, and encrypts media streams and call signaling between Cisco Unified IP Phones.

 

The Cisco Unified IP Phone uses the Phone security profile, which defines whether the device is nonsecure, authenticated, or encrypted. For information on applying the security profile to the phone, see Cisco Unified Communications Manager Security Guide.

 

If you configure security-related settings in Cisco Unified Communications Manager Administration, the phone configuration file contains sensitive information. To ensure the privacy of a configuration file, you must configure it for encryption. For detailed information, see Configuring Encrypted Phone Configuration Fileschapter in Cisco Unified Communications Manager Security Guide.

 

The following table shows where you can find additional information about security in this and other documents.



Topic


Reference


Detailed explanation of security, including set up, configuration, and troubleshooting information for Cisco Unified Communications Manager and Cisco Unified IP Phones

 


See Troubleshooting Guide for Cisco Unified Communications Manager


Security features supported on the Cisco Unified IP Phones

 

 

See Supported Security Features

 

Restrictions regarding security features



See 
Security Restrictions


 View a security profile name


 See Security Profiles
 

 

Identify phone calls for which security is implemented

 

See Authenticated, Encrypted, and Protected Phone Calls

 

 

TLS connection

 

 See these sections:

 


Security and the phone startup process        

 

See Phone Startup Process


Security and phone configuration files

 

See Cisco Unified Communications Manager Phone Addition Methods


Change the TFTP Server 1 or TFTP Server 2 option on the phone when security is implemented.

 

See Network Configuration Menu

 

Understand security icons in the Unified CM1 through Unified CM5 options in the Device Configuration Menu on the phone

 

See Unified CM Configuration Menu

 

Items on the Security Configuration menu that you access from the Device Configuration menu on the phone

 

See Security Configuration Menu

 

Items on the Security Configuration menu that you access from the Settings menu on the phone

 

See Security Configuration Menu

 

Unlock the CTL and ITL files 

 

See Unlock CTL and ITL Files

 

Disable access to phone web pages


See 
Control Web Page Access 

 

Delete the CTL file from the phone

 

See Cisco Unified IP Phone Reset or Restore

 

Reset or restore the phone

 

See Cisco Unified IP Phone Reset or Restore

 

Cisco Extension Mobility HTTPS support

 

See Network Protocols 

 

802.1X Authentication for Cisco Unified IP Phones


See these sections: