Cisco Systems OL-14619-01 manual When Data Is Encrypted, Setting Effect

Page 71

Chapter 6 Integrating Cisco Unity with the Phone System

Integrating with Cisco Unified Communications Manager (by Using SCCP or SIP)

The process of authentication and encryption of Cisco Unity voice messaging ports is as follows:

1.Each Cisco Unity voice messaging port connects to the TFTP server, downloads the CTL file, and extracts the certificates for all Cisco Unified CM servers.

2.Each Cisco Unity voice messaging port establishes a network connection to the Cisco Unified CM TLS port through Winsock. By default, the TLS port is 2443, though the port number is configurable.

3.Each Cisco Unity voice messaging port establishes a TLS connection to the Cisco Unified CM server, verifies the device certificate, and authenticates the voice messaging port.

4.Each Cisco Unity voice messaging port registers with the Cisco Unified CM server, specifying whether the voice messaging port will also use media encryption.

When Data Is Encrypted

When a call is made between Cisco Unity and Cisco Unified CM, the call-signaling messages and the media stream are handled in the following manner:

If both end points are set for encrypted mode, the call-signaling messages and the media stream are encrypted.

If one end point is set for authenticated mode and the other end point is set for encrypted mode, the call-signaling messages are authenticated, but neither the call-signaling messages nor the media stream are encrypted.

If one end point is set for non-secure mode and the other end point is set for encrypted mode, neither the call-signaling messages nor the media stream are encrypted.

Cisco Unified Communications Manager Cluster Security Mode Settings in Cisco Unity

 

 

The Cisco Unified CM cluster security mode settings in the Cisco Unity Telephony Integration Manager

 

 

(UTIM) determine how the ports handle call-signaling messages and whether encryption of the media

 

 

stream is possible. Table 6-4describes the effect of the Cluster Security Mode settings in UTIM.

Table 6-4

Cisco Unified Communications Manager Cluster Security Mode Settings for Voice Messaging Ports

 

 

 

Setting

 

Effect

 

 

 

Non-secure

 

The integrity and privacy of call-signaling messages will not be ensured because call-signaling

 

 

messages will be sent as clear (unencrypted) text and will be connected to Cisco Unified CM through

 

 

a non-authenticated port rather than an authenticated TLS port.

 

 

The media stream is not encrypted.

 

 

 

 

 

Design Guide for Cisco Unity Release 5.x

 

 

 

 

 

 

OL-14619-01

 

 

6-15

 

 

 

 

 

Page 70 Page 72
Image 71
Page 70 Page 72
Contents Americas Headquarters Design Guide for Cisco UnityDesign Guide for Cisco Unity Release N T E N T S Workstations Authentication Centralized Voice Messaging Configuration Viii Document Conventions AudienceSupport Policy for Optional Third-Party Software Cisco Product Security Overview Xii Design Guide Overview Product Area Design or Feature DocumentationDesign Guide for Cisco Unity Bridge at Page Design Guide Overview Design Guide for Cisco Unity Release How Cisco Unity Works Cisco Unity ConceptsVoice Messaging Unified MessagingHardware Components of a Cisco Unity System Cisco Unity Supported Platforms List at One or More Cisco Unity ServersNetwork Connection Optional for Some Configurations Domino Where Cisco Unity Stores DataSoftware Components of a Cisco Unity System Voice Messages Are Stored in Domino or ExchangeExchange Enabling Cisco Unity Servers to Communicate with One Another Networking Guide for Cisco Unity at Some Configuration Settings Are Stored in the Registry Availability of Network Resources Name ResolutionAvailability of Message Store Servers Domain Controller Access and AvailabilitySizing and Scaling Cisco Unity Servers Using Firewalls with Cisco UnityNumber of Voice Ports Storage Capacity for Voice MessagesHow Codecs Affect the File Size of Voice Messages Audio CodecsQuality Rating TTS, TTY, Pocket PCs, and Hand-Held ComputersInteroperability Among Multiple Voice-Messaging Systems Audio CodecDeployment Models Unified Messaging with Customer-Provided Infrastructure Multi-Site WAN with Distributed Messaging Voice Messaging with Customer-Provided InfrastructurePhysical Placement and Network Infrastructure Active Directory Considerations Considerations for Customer-Provided InfrastructureDesign Guide for Cisco Unity Release Exchange Considerations All Versions Exchange Considerations That Apply Only Exchange Considerations for Cisco-Provided, Dedicated Infrastructure OL-14619-01 Overview of Cisco Unity with Domino and Notes Domino Address Book Terminology Maximum Number of Cisco Unity SubscribersElement Name Changes That csAdmin Makes to the Domino Address BookChanges That csClient Makes to the Mail File Windows Domains and Domino Domains Server PlacementActive Directory Accounts and Permissions AuthenticationDomino Clusters Domino PermissionsCisco Unity Subscribers and Domino Users Backing Up and Restoring Data Client Access LicensesCisco Unity and the Domino Address Book Message RoutingServers Requirements and Recommendations Unified Messaging ConfigurationsUnified Messaging, No Domino Cluster Unified Messaging, Domino Cluster Voice Messaging ConfigurationCriteria for a Supported Configuration Deploying Cisco Unity for Lotus Domino Establishing Support Policies Administrative Access and ControlNetwork Services Deployment Tasks for Unified Messaging ConfigurationsOperational Tasks Design Guide for Cisco Unity Release Overview Integrating Cisco Unity with the Phone SystemHow an Integration Works Digital Integration with Digital Pimg Units Lines and Cables to Make Physical ConnectionsIntegration with Cisco Unified Communications Manager Dtmf Integration with Analog Pimg Units LAN/WAN Timg IntegrationSerial Integration with Voice Cards Dtmf Integration with Voice CardsConnections for a Serial Integration by Using Voice Cards Settings in the Phone System and in Cisco UnityCall Control General Integration Issues Sccp SIP FeatureIntegrating Cisco Unity with the Phone System Option Considerations Description Cisco Unified Communications Manager Security FeaturesDescription Setting Effect When Data Is EncryptedDisabling and Re-Enabling Security Settings for Individual Voice Messaging PortsPacketization Sccp Integrations Only Sccp SIP Cisco 11 Cisco Unified Communications Manager Fallback with Pstn Cisco Unity to a branch office will fail Integrating by Using SIP SIP Compliance Supported SIP IntegrationsCisco Unity Failover with SIP Trunks Description of Pimg Integrations Dtmf Integration with Analog Pimg Units Description of Timg Integrations Firmware Updates Serial Integrations Setup and ConfigurationCisco Unity Failover Increasing Port CapacityMultiple Integration Support/Branch Office Consolidation Cisco Unity FailbackIntegrating with Multiple Phone Systems Requirements for Integrations with Multiple Phone Systems Using Sccp Phone Systems with Other IntegrationsHow Alternate Extensions Work Optional Integration FeaturesAlternate Extensions Reasons to Use Alternate ExtensionsMWIs for Extensions on a Non-Integrated Phone System Alternate MWIsCentralized Voice Messaging OL-14619-01 OL-14619-01 Failover Cisco Unity Failover and Standby RedundancyStandby Redundancy Cisco Unity Failover and Standby Redundancy Cisco Unity Failover and Standby Redundancy Pstn WAN Diagram of a Standby Redundancy ConfigurationOL-14619-01 Voice-Recognition Access to Cisco Unity OL-14619-01 Migrating to Cisco Unity from Another Voice-Messaging System Migrating to Cisco Unity from Another Voice-Messaging System D E IN-2 IN-3 IN-4
Top Page Image Contents