Cisco Systems 6901 manual Overview of Supported Security Features, Feature Description

Page 25

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

Overview of Supported Security Features

Table 1-5provides an overview of the security features that the Cisco Unified IP Phone 6901 and 6911 support. For more information about these features and about Cisco Unified Communications Manager and Cisco Unified IP Phone security, refer to Cisco Unified Communications Manager Security Guide.

 

Note

 

Most security features are available only if a certificate trust list (CTL) is installed on the phone. For

 

 

 

more information about the CTL, refer to “Configuring the Cisco CTL Client” chapter in Cisco Unified

 

 

 

Communications Manager Security Guide.

 

 

 

 

 

Table 1-5

Overview of Security Features

 

 

 

 

 

 

Feature

 

 

 

Description

 

 

 

 

Image authentication

 

Signed binary files (with the extension .zz.sgn) prevent tampering with the firmware

 

 

 

 

image before it is loaded on a phone. Tampering with the image causes a phone to

 

 

 

 

fail the authentication process and reject the new image.

 

 

 

Customer-site certificate installation

Each Cisco Unified IP Phone requires a unique certificate for device authentication.

 

 

 

 

Phones include a manufacturing installed certificate (MIC), but for additional

 

 

 

 

security, you can specify in Cisco Unified Communications Manager

 

 

 

 

Administration that a certificate be installed by using the Certificate Authority

 

 

 

 

Proxy Function (CAPF). See the “Configuring Security on the Cisco Unified IP

 

 

 

 

Phone” section on page 3-10for more information.

 

 

 

 

Device authentication

 

Occurs between the Cisco Unified Communications Manager server and the phone

 

 

 

 

when each entity accepts the certificate of the other entity. Determines whether a

 

 

 

 

secure connection between the phone and a Cisco Unified Communications

 

 

 

 

Manager should occur; and, if necessary, creates a secure signaling path between the

 

 

 

 

entities by using TLS protocol. Cisco Unified Communications Manager will not

 

 

 

 

register phones unless they can be authenticated by the Cisco

 

 

 

 

Unified Communications Manager.

 

 

 

 

File authentication

 

Validates digitally signed files that the phone downloads. The phone validates the

 

 

 

 

signature to make sure that file tampering did not occur after the file creation. Files

 

 

 

 

that fail authentication are not written to Flash memory on the phone. The phone

 

 

 

 

rejects such files without further processing.

 

 

 

Signaling Authentication

Uses the TLS protocol to validate that no tampering has occurred to signaling

 

 

 

 

packets during transmission.

 

 

 

Manufacturing installed certificate

Each Cisco Unified IP Phone contains a unique manufacturing installed certificate

 

 

 

 

(MIC), which is used for device authentication. The MIC is a permanent unique

 

 

 

 

proof of identity for the phone, and allows Cisco Unified Communications Manager

 

 

 

 

to authenticate the phone.

 

 

 

 

 

 

 

 

Cisco Unified IP Phone 6901 and 6911 Administration Guide for Cisco Unified Communications Manager 8.5 (SCCP and SIP)

 

 

 

 

 

 

OL-23874-01

 

 

1-13

 

 

 

 

 

Page 24 Page 26
Image 25
Page 24 Page 26
Contents Text Part Number OL-23874-01 Americas HeadquartersPage N T E N T S Manager Disabling and Enabling Web Page Access Network and Access Port Pinouts C-3 Installing the Bracket E-8 OL-23874-01 Audience OverviewOrganization Chapter DescriptionCisco Unified IP Phone 6900 Series Related DocumentationCisco Product Security Overview Convention Description Document ConventionsItalic font Italic screen fontAn Overview of the Cisco Unified IP Phone 1shows the main components of the Cisco Unified IP Phone Understanding the Cisco Unified IP Phone 6901OL-23874-01 2shows the main components of the Cisco Unified IP Phone OL-23874-01 What Networking Protocols are Used? Dynamic Host Configuration Protocol chapterNetworking Protocol Purpose Usage Notes Communications Manager System GuideUnified IP Phones section on page 1-17for Supporting 802.1X Authentication on CiscoSee the LLDP-MED and Cisco Discovery Protocol 701/technologieswhitepaper0900aecd804cd46dCisco Unified Communications Manager Communications Manager Security GuideSystem Guide Related TopicsConfiguring Telephony Features Feature OverviewRelated Topic Providing Users with Feature InformationOL-23874-01 Topic Reference Refer to the Troubleshooting Guide for Cisco UnifiedCommunications Manager Security, refer to the Cisco Unified Communications ManagerFeature Description Overview of Supported Security FeaturesPhone section on page 3-10for more information Voice Quality Metrics IP Phones section on page 1-17for more informationUnderstanding Security Profiles Establishing and Identifying Protected Calls Overview Supporting 802.1X Authentication on Cisco Unified IP PhonesRequired Network Components Best Practices-Requirements and Recommendations OL-23874-01 Purpose For More Information Communications Manager Administration Communications Manager Administration GuideChapter in the Cisco Unified Communications Manager Installing Cisco Unified IP Phones Terminology Differences User Guide Administration and System GuidesRefer to Cisco Unified IP Phone 6901 A P T E R Cisco Communications Manager Administration Guide Providing Power to the Cisco Unified IP Phone Power Outage Power GuidelinesPower Type Guidelines Obtaining Additional Information About Power Understanding Phone Configuration FilesPurpose Related Topics Understanding the Phone Startup ProcessObtaining an IP Address Method Address? Adding Phones with Auto-RegistrationAdding Phones with Auto-Registration and Taps Procedure Adding Phones Using the BAT Phone TemplateConverting a New Phone from Sccp to SIP Using Cisco Unified IP Phones with Different ProtocolsDeploying a Phone in an Sccp and SIP Environment Determining the MAC Address for a Cisco Unified IP PhoneNetwork Requirements Before You BeginNetwork and Access Ports Cisco Unified Communications Manager ConfigurationSpeakerphone Cisco Unified IP Phone 6911 Only HandsetSee the Network and Access Ports section on Installing the Cisco Unified IP PhoneCisco Unified IP Phone 6901 Cable Connections Cisco Unified IP Phone 6911 Cable Connections 3illustrates the footstand on the Cisco Unified IP Phone FootstandLower Viewing Angle Higher Viewing AngleMounting the Phone to the Wall Configuring Startup Network SettingsVerifying the Phone Startup Process Before You Begin Configuring Security on the Cisco Unified IP PhonePhone Settings Options Configuring Settings on the Cisco Unified IP PhoneOption Description Accessing the IVR and Configuring Your Phone Setting Accessing the Phone Configuration SettingsAction IVR Code Navigating Notes OL-23874-01 Configuring Features, Templates, Services, and Users Features and Services Guide, Barge Feature Description Configuration ReferenceSystem Guide, Cisco Unified IP Phones Unified Communications ManagerUnified Communications Manager Features Features and Services Guide BargeServices Guide Administration Guide, DirectoryManager Features and Services Guide Forward Maximum Hop Count service parameterFeatures and Services Guide,Barge Communications Manager FeaturesPoint Configuration chapter in the Cisco Codes and Forced Authorization CodesConference Bridges chapter Administration Guide, Message Waiting Number/Pattern Configuration chapterConfiguration chapter System Guide, Voice Mail ConnectivityAdministration Guide, Cisco Unified IP Services Guide, MonitoringPhone Configuration chapter Administration Guide, Date/Time Group Administration Guide, Time PeriodAdministration Guide, Cisco Voice-Mail Adding Users to Cisco Unified Communications ManagerManaging the User Options Web Pages Giving Users Access to the User Options Web PagesUnified Communications Manager System Guide Click Save Selected/Changes Specifying Options that Appear on the User Options Web Pages OL-23874-01 Monitoring the Cisco Unified IP Phone Remotely Http//IPaddress Accessing the Web Page for a PhoneDevice Information Disabling and Enabling Web Page AccessUDI Network SetupDescription Vlan Network Statistics Table below Device Logs Message Description Possible Explanation and Action Status MessagesAdding Phones to the Cisco Unified Communi Cations Manager Database section onMessage Description Possible Explanation and Action Message Description Possible Explanation and Action Streaming Statistics Streaming Statistics Area Items Configuring Settings on the Cisco Unified IP Phone chapter OL-23874-01 Resolving Startup Problems Troubleshooting and MaintenanceTroubleshooting and Maintenance Resolving Startup Problems Identifying Error Messages Cisco CallManager and Tftp Services Are Not Running Symptom Cisco Unified IP Phone Unable to Obtain IP Address Verifying Dhcp Settings Cisco Unified IP Phone Resets UnexpectedlyVerifying the Physical Connection Identifying Intermittent Network OutagesVerifying the Voice Vlan Configuration Checking Static IP Address SettingsVerifying that the Phones Have Not Been Intentionally Reset Eliminating DNS or Other Connectivity ErrorsChecking Power Connection General Troubleshooting TipsSummary Explanation Halfduxcollisionexceedthreshold Phone Configuration Settings section on page 4-2for detailsPerforming a Basic Reset Resetting or Restoring the Cisco Unified IP PhonePerforming a Factory Reset Performing a Basic Reset, Performing a Factory Reset,Monitoring the Voice Quality of Calls Using Voice Quality MetricsMetric Change Condition Troubleshooting TipsCleaning the Cisco Unified IP Phone Where to Go for More Troubleshooting InformationOL-23874-01 Providing Information to Users Via a Website How Users Access a Voice Messaging System How Users Configure Phone FeaturesSupporting International Users OL-23874-01 Specification Value or Range Physical and Operating Environment SpecificationsCable Specifications Network Port Connector Network and Access Port PinoutsAccess Port Connector Pin Number FunctionOL-23874-01 Example User Information for These Procedures Basic Phone Administration StepsAdding a User From an External Ldap Directory Proceed to Configuring the Phone section on page D-3Proceed to the section Configuring the Phone, page D-3 Configuring the PhoneOL-23874-01 OL-23874-01 Click Device Associations Performing Final End User Configuration StepsClick Save OL-23874-01 Installing a Wall Mount for the Cisco Unified IP Phone Before You Begin Figure E-2 Preparing the Handset HookswitchNetwork Port on the Phone RJ45 Connector Installing the Phone on Wall Mount PlateFigure E-4 RJ45 Connector in the Wall Mount Jack Figure E-5 Mounting Holes Firmly slide the IP phone down into place Figure E-6 Phone bracket Installing the Bracket Figure E-8 Mounting the Wall Bracket Figure E-9 Attaching the Phone Bracket Figure E-10 Preparing the Handset Hookswitch Figure E-11 Attaching the Cables Figure E-12 Attaching the Phone to the Wall Bracket OL-23874-01 ADA Non-Lockable Wall Mount Kit for 6900 Series Cisco Unified IP Phone Non-Lockable Wall MountPackage includes these items ComponentsInstall Non-Lockable Wall Mount Kit for Phone Figure F-4 Mount the Wall Bracket Figure F-5 Attach Phone Bracket Proceed to Before You Begin, page E-2 Remove Phone from Non-Lockable Wall MountFigure F-7 Figure F-8 Protocol FeaturesProtocol Features Sccp SIP OL-23874-01 Numerics IN-2 IN-3 IN-4 IN-5 IN-6 IN-7 IN-8
Related manuals
Manual 62 pages 9.7 Kb Manual 14 pages 29.4 Kb

6901 specifications

Cisco Systems 6901 is a versatile, compact, and powerful router designed to meet the networking needs of small to medium-sized businesses, as well as enterprise branch offices. This model is part of Cisco's ISR (Integrated Services Router) portfolio, which is known for its capability to integrate multiple services into a single platform, ensuring high efficiency and cost-effectiveness.

One of the main features of the Cisco 6901 is its ability to support advanced routing protocols, including RIP, EIGRP, OSPF, and BGP. This versatility allows for seamless integration into various network architectures, facilitating efficient communication and data transfer across multiple locations. The device is also built to handle high-bandwidth applications, making it an ideal choice for businesses that rely on robust network performance.

In terms of connectivity, Cisco 6901 offers multiple Ethernet ports, supporting both 10/100/1000 Mbps speeds. This ensures that users can connect a variety of devices, ranging from office computers to network printers, all while maintaining optimal network performance. Additionally, the router supports both LAN and WAN interfaces, providing flexibility in deployment options.

Security is a crucial aspect of networking, and the Cisco 6901 does not disappoint in this regard. It comes equipped with advanced security features, including firewall capabilities, intrusion prevention, and VPN support. These features ensure that sensitive business data is protected from unauthorized access, while also providing secure remote access for employees.

Another essential characteristic of the Cisco 6901 is its support for various multimedia applications. The router comes with Quality of Service (QoS) features that prioritize voice, video, and data traffic, ensuring high-quality performance for applications such as VoIP and video conferencing. This is particularly valuable in today's business landscape, where effective communication is critical for success.

The Cisco 6901 is also designed for ease of management and configuration. It features a user-friendly interface that simplifies the setup process, along with comprehensive monitoring tools that enable administrators to keep an eye on network performance and address any issues proactively.

In summary, the Cisco Systems 6901 is a powerful, feature-rich router that combines advanced routing capabilities with robust security measures and multimedia support. Its flexibility, ease of management, and comprehensive service integration make it an excellent choice for businesses seeking to enhance their networking infrastructure. With the Cisco 6901, organizations can achieve efficient communication, secure data exchange, and high-performance network operations, positioning themselves well for future growth.
Top Page Image Contents