Manuals / Cisco Systems / Communications / Cordless Telephone

Cisco Systems 7940G, 7960G manual Overview of Supported Security Features, Feature Description

Models: 7960G 7940G

1 162
Download 162 pages 37.83 Kb
Page 21
Image 21

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

Overview of Supported Security Features

 

 

 

Table 1-3provides an overview of the security features that the Cisco Unified IP Phones support. For

 

 

 

more information about these features and about Cisco Unified Communications Manager and

 

 

 

Cisco Unified IP Phone security, refer to Cisco Unified Communications Manager Security Guide.

 

 

 

For information about current security settings on a phone, choose Settings > Security Configuration.

 

 

 

For more information, see the “Security Configuration Menu” section on page 6-12.

 

 

 

 

 

 

Note

Most security features are available only if a certificate trust list (CTL) is installed on the phone. For

 

 

 

more information about the CTL, refer to “Configuring the Cisco CTL Client” chapter in Cisco Unified

 

 

 

Communications Manager Security Guide.

 

 

 

 

Table 1-3

Overview of Security Features

 

 

 

 

 

Feature

 

 

 

Description

 

 

 

Image authentication

 

Signed binary files (with the extension .sbn) prevent tampering with the firmware image

 

 

 

 

before it is loaded on a phone. Tampering with the image causes a phone to fail the

 

 

 

 

authentication process and reject the new image.

 

 

Customer-site certificate

Each Cisco Unified IP Phone requires a unique certificate for device authentication.

installation

 

 

 

Phones include a manufacturing installed certificate (MIC), but for additional security, you

 

 

 

 

can specify in Cisco Unified Communications Manager Administration that a certificate be

 

 

 

 

installed by using the CAPF. Alternatively, you can install an LSC from the Security

 

 

 

 

Configuration menu on the phone. See the “Configuring Security on the Cisco Unified IP

 

 

 

 

Phone” section on page 3-10for more information.

 

 

 

Device authentication

 

Occurs between the Cisco Unified Communications Manager server and the phone when

 

 

 

 

each entity accepts the certificate of the other entity. Determines whether a secure

 

 

 

 

connection between the phone and a Cisco Unified Communications Manager should

 

 

 

 

occur, and, if necessary, creates a secure signaling path between the entities using TLS

 

 

 

 

protocol. Cisco Unified Communications Manager will not register phones unless they can

 

 

 

 

be authenticated by the Cisco Unified Communications Manager.

 

 

 

File authentication

 

Validates digitally-signed files that the phone downloads. The phone validates the

 

 

 

 

signature to make sure that file tampering did not occur after the file creation. Files that

 

 

 

 

fail authentication are not written to Flash memory on the phone. The phone rejects such

 

 

 

 

files without further processing.

 

 

Signaling Authentication

Uses the TLS protocol to validate that no tampering has occurred to signaling packets

 

 

 

 

during transmission.

 

 

Manufacturing installed

Each Cisco Unified IP Phone contains a unique manufacturing installed certificate (MIC),

certificate

 

 

 

which is used for device authentication. The MIC is a permanent unique proof of identity

 

 

 

 

for the phone, and allows Cisco Unified Communications Manager to authenticate the

 

 

 

 

phone.

 

 

Secure SRST reference

After you configure a SRST reference for security and then reset the dependent devices in

 

 

 

 

Cisco Unified Communications Manager Administration, the TFTP server adds the SRST

 

 

 

 

certificate to the phone cnf.xml file and sends the file to the phone. A secure phone then

 

 

 

 

uses a TLS connection to interact with the SRST-enabled router.

 

 

 

 

 

Cisco Unified IP Phone 7960G/7940G Administration Guide for Cisco Unified Communications Manager 7.0 (SCCP)

 

OL-15498-01

1-9

 

 

 

Page 20 Page 22
Page 21
Image 21
Cisco Systems 7940G Overview of Supported Security Features, Communications Manager Security Guide, Feature Description
Page 20 Page 22

7960G, 7940G specifications

Cisco Systems has long been a leader in creating innovative networking and communication solutions. Among their range of Voice over IP (VoIP) phones, the Cisco 7960G and 7940G stand out as robust, versatile devices that cater to the needs of modern businesses. Released in the early 2000s, these models respectively combine functionality, ease of use, and key features tailored for effective communication.

The Cisco 7960G is a high-end model designed for users who demand advanced features and functionalities. It comes with a large backlit LCD display that not only enhances visibility but also provides easy navigation through various options. The phone supports up to six lines, allowing users to manage multiple calls effortlessly. Its user-friendly interface includes programmable feature buttons and a 10/100 Ethernet switch, enabling seamless integration into existing networks.

On the other hand, the Cisco 7940G is a more basic model designed for users who require essential features for their business communications. It includes a monochrome LCD screen and supports a maximum of two lines. Despite its simplicity, the 7940G is equipped with several key features such as integrated speakerphone and mute options, making it ideal for day-to-day communication needs. Both models support Power over Ethernet (PoE), eliminating the need for separate power adapters and ensuring a cleaner, more organized workspace.

In terms of technologies, both the 7960G and 7940G leverage the Session Initiation Protocol (SIP) for signaling and media exchange. They also support secure communication through protocols like Secure Real-time Transport Protocol (SRTP) and Transport Layer Security (TLS). This ensures that businesses can engage in confidential conversations without the risk of interception.

The characteristics that make these models appealing include durability, ease of configuration, and reliability. Organizations can benefit from Cisco’s reliable support and regular updates, ensuring that their communication infrastructure remains robust and secure. With features designed for scalability, both phones can easily integrate into larger systems while maintaining high call quality.

In summary, Cisco’s 7960G and 7940G VoIP phones are exemplary devices that cater to a variety of business communication scenarios. With their blend of functionality, support for essential technologies, and reliable performance, they continue to serve organizations effectively in an increasingly interconnected world. Whether used in a bustling office or as part of a dynamic telecommunications strategy, these models offer excellent value and performance.