Cisco Systems OL-14619-01 manual Disabling and Re-Enabling Security

Page 72

Chapter 6 Integrating Cisco Unity with the Phone System

Integrating with Cisco Unified Communications Manager (by Using SCCP or SIP)

Table 6-4

Cisco Unified Communications Manager Cluster Security Mode Settings for Voice Messaging Ports

 

 

 

 

 

 

Setting

 

 

Effect

 

 

 

 

 

 

Authenticated

 

 

The integrity of call-signaling messages will be ensured because they will be connected to Cisco

 

 

 

 

Unified CM through an authenticated TLS port. However, the privacy of call-signaling messages will

 

 

 

 

not be ensured because they will be sent as clear (unencrypted) text.

 

 

 

 

The media stream is not encrypted.

 

 

 

 

 

 

Encrypted

 

 

The integrity and privacy of call-signaling messages will be ensured because they will be connected to

 

 

 

 

Cisco Unified CM through an authenticated TLS port, and the call-signaling messages will be

 

 

 

 

encrypted.

 

 

 

 

The media stream can be encrypted.

 

 

 

 

 

 

 

 

 

 

 

Caution Both end points must be registered in encrypted mode for the media stream to be encrypted.

 

 

 

 

 

 

However, when one end point is set for non-secure or authenticated mode and the other end

 

 

 

 

 

 

point is set for encrypted mode, the media stream will not be encrypted. Also, if an

 

 

 

 

 

 

intervening device (such as a transcoder or gateway) is not enabled for encryption, the media

 

 

 

 

 

 

stream will not be encrypted.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Disabling and Re-Enabling Security

The authentication and encryption features between Cisco Unity and Cisco Unified CM can be enabled and disabled by changing the Cisco Unified CM Cluster Security Mode for all Cisco Unified CM clusters to Non-Secure, and by changing the applicable settings in the Cisco Unified CM Administration.

Authentication and encryption can be re-enabled by changing the Cisco Unified CM Cluster Security Mode to Authenticated or Encrypted.

Note that after disabling or re-enabling authentication and encryption, it is not necessary to export the Cisco Unity server root certificate and copy it to all Cisco Unified CM server.

Multiple Integrations Can Have Different Security Mode Settings

When Cisco Unity is integrated with multiple Cisco Unified CM clusters, each cluster can have a different setting for Cisco Unified CM Cluster Security Mode. For example, Cluster 1 can be set to Encrypted, and Cluster 2 can be set to Non-Secure.

Settings for Individual Voice Messaging Ports

For troubleshooting purposes, authentication and encryption for Cisco Unity voice messaging ports can be individually enabled and disabled. At all other times, we recommend that the Security Mode setting for all voice messaging ports on the Ports tab be the same as the Cisco Unified CM Cluster Security Mode setting on the Servers tab.

 

Design Guide for Cisco Unity Release 5.x

6-16

OL-14619-01

Page 71 Page 73
Image 72
Page 71 Page 73
Contents Design Guide for Cisco Unity Americas HeadquartersDesign Guide for Cisco Unity Release N T E N T S Workstations Authentication Centralized Voice Messaging Configuration Viii Audience Document ConventionsSupport Policy for Optional Third-Party Software Cisco Product Security Overview Xii Product Area Design or Feature Documentation Design Guide OverviewDesign Guide for Cisco Unity Bridge at Page Design Guide Overview Design Guide for Cisco Unity Release Cisco Unity Concepts How Cisco Unity WorksUnified Messaging Voice MessagingHardware Components of a Cisco Unity System One or More Cisco Unity Servers Cisco Unity Supported Platforms List atNetwork Connection Optional for Some Configurations Where Cisco Unity Stores Data Software Components of a Cisco Unity SystemVoice Messages Are Stored in Domino or Exchange DominoExchange Enabling Cisco Unity Servers to Communicate with One Another Networking Guide for Cisco Unity at Some Configuration Settings Are Stored in the Registry Name Resolution Availability of Network ResourcesDomain Controller Access and Availability Availability of Message Store ServersUsing Firewalls with Cisco Unity Sizing and Scaling Cisco Unity ServersStorage Capacity for Voice Messages Number of Voice PortsAudio Codecs How Codecs Affect the File Size of Voice MessagesTTS, TTY, Pocket PCs, and Hand-Held Computers Interoperability Among Multiple Voice-Messaging SystemsAudio Codec Quality RatingDeployment Models Unified Messaging with Customer-Provided Infrastructure Voice Messaging with Customer-Provided Infrastructure Multi-Site WAN with Distributed MessagingPhysical Placement and Network Infrastructure Considerations for Customer-Provided Infrastructure Active Directory ConsiderationsDesign Guide for Cisco Unity Release Exchange Considerations All Versions Exchange Considerations That Apply Only Exchange Considerations for Cisco-Provided, Dedicated Infrastructure OL-14619-01 Overview of Cisco Unity with Domino and Notes Maximum Number of Cisco Unity Subscribers Domino Address Book TerminologyChanges That csAdmin Makes to the Domino Address Book Element NameChanges That csClient Makes to the Mail File Server Placement Windows Domains and Domino DomainsAuthentication Active Directory Accounts and PermissionsDomino Permissions Cisco Unity Subscribers and Domino UsersDomino Clusters Client Access Licenses Cisco Unity and the Domino Address BookMessage Routing Backing Up and Restoring DataUnified Messaging Configurations Unified Messaging, No Domino ClusterServers Requirements and Recommendations Voice Messaging Configuration Criteria for a Supported ConfigurationUnified Messaging, Domino Cluster Deploying Cisco Unity for Lotus Domino Administrative Access and Control Network ServicesDeployment Tasks for Unified Messaging Configurations Establishing Support PoliciesOperational Tasks Design Guide for Cisco Unity Release Integrating Cisco Unity with the Phone System OverviewHow an Integration Works Lines and Cables to Make Physical Connections Integration with Cisco Unified Communications ManagerDigital Integration with Digital Pimg Units Dtmf Integration with Analog Pimg Units Timg Integration LAN/WANDtmf Integration with Voice Cards Serial Integration with Voice CardsSettings in the Phone System and in Cisco Unity Connections for a Serial Integration by Using Voice CardsCall Control General Integration Issues Feature Sccp SIPIntegrating Cisco Unity with the Phone System Option Considerations Cisco Unified Communications Manager Security Features DescriptionDescription When Data Is Encrypted Setting EffectSettings for Individual Voice Messaging Ports Disabling and Re-Enabling SecurityPacketization Sccp Integrations Only Sccp SIP Cisco 11 Cisco Unified Communications Manager Fallback with Pstn Cisco Unity to a branch office will fail Integrating by Using SIP Supported SIP Integrations Cisco Unity Failover with SIP TrunksSIP Compliance Description of Pimg Integrations Dtmf Integration with Analog Pimg Units Description of Timg Integrations Setup and Configuration Firmware Updates Serial IntegrationsIncreasing Port Capacity Cisco Unity FailoverCisco Unity Failback Multiple Integration Support/Branch Office ConsolidationIntegrating with Multiple Phone Systems Using Sccp Phone Systems with Other Integrations Requirements for Integrations with Multiple Phone SystemsOptional Integration Features Alternate ExtensionsReasons to Use Alternate Extensions How Alternate Extensions WorkAlternate MWIs MWIs for Extensions on a Non-Integrated Phone SystemCentralized Voice Messaging OL-14619-01 OL-14619-01 Cisco Unity Failover and Standby Redundancy FailoverStandby Redundancy Cisco Unity Failover and Standby Redundancy Cisco Unity Failover and Standby Redundancy Diagram of a Standby Redundancy Configuration Pstn WANOL-14619-01 Voice-Recognition Access to Cisco Unity OL-14619-01 Migrating to Cisco Unity from Another Voice-Messaging System Migrating to Cisco Unity from Another Voice-Messaging System D E IN-2 IN-3 IN-4
Top Page Image Contents