SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Register your product to gain access to bonus material or receive a coupon.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Master the foundations of modern Cisco Unified Communications (UC) system security
This guide helps you build foundational knowledge for securing modern Cisco Unified Communications environments that support voice, video, messaging, and meetings, and support different types of real-time collaboration capabilities based on mobile/remote access and mobile devices based on bring-your-own-device (BYOD) initiatives.
Writing for administrators and managers, two Cisco collaboration experts bring together methods and insights to illuminate both the why and the how of effective collaboration security. Using the proven Explain, Demonstrate, and Verify methodology, they explain each threat, demonstrate remediation, and show how to confirm correct implementation. You'll walk through securing each attack surface in a logical progression, across each Cisco UC application domain.
The authors address key updates to Cisco collaboration architecture, including Expressway, Cisco Meeting Server, encryption enhancements, and advanced business-to-business collaboration. You'll find quick-reference checklists in each chapter, and links to more detail wherever needed.
Download the sample pages (includes Chapter 3)
Introduction xix
Chapter 1 The Importance of Practical UC Security 1
Identifying the Threat Landscape 2
The Danger of Shadow IT 4
Balancing Operations and Security 5
Minimizing Complexity 7
Visibility and Management 10
Introduction to ACME: Case Study 11
Summary 13
Additional Resources 14
Chapter 2 Physical Security and Life Safety 15
Introduction to Physical Security and Life Safety 15
Life and Safety Considerations 28
Summary 53
Additional Resources 54
Chapter 3 Security Through Network Fundamentals 55
Introduction to Network Security 57
Segmentation 58
Micro Segmentation 59
Secure Network Access 64
Security Features 75
Firewalls and Access Controls 84
Continuous Monitoring 86
Summary 86
Additional Resources 87
Chapter 4 Maintaining Security Across UC Deployment Types 89
Common Enterprise Collaboration Deployment Models and Security Considerations 90
An Overview of How to Secure Cluster Communications 96
NTP Authentication Enablement and Verification 100
Securing Intra-Cluster Signaling and Traffic 103
Securing the Signaling Traffic to IOS Voice and Analog Gateways 110
Securing the Integration with Cisco Emergency Responder 118
Summary 123
Additional Resources 124
Chapter 5 Hardening the Core Cisco UC Appliance Operating Systems 125
Defining the Core UC Applications 126
Hardening the Voice Operating System 138
Performing OS Lockdown via CLI 147
Summary 159
Additional Resources 159
Chapter 6 Core Cisco UC Application Lockdown 161
Types of Users in Cisco Unified Communications Manager and Cisco Unity Connection 162
Strengthening Local User Account Controls 163
Importing End Users from a LDAP Directory 175
Using Single Sign-On to Simplify the Login Experience 186
Synching End Users Between Unity Connection and Unified CM Using
Locking Down the GUI 201
Enabling System Monitoring Using SNMP and Syslog 204
Disaster Recovery Planning and Best Practices 213
Summary 214
Additional Resources 214
Chapter 7 Encrypting Media and Signaling 217
Licensing (Encryption License) and Allowing Export Restrictions Requirements 218
FIPS Considerations When Enabling Secure Signaling and Media Encryption 222
Public Key Infrastructure Overview 222
TFTP File Encryption 237
Overview of the Endpoint Registration Process 239
Applying the Secure Phone Profiles and LSC to the Phones 264
Summary 271
Additional Resources 271
Chapter 8 Securing Cisco Unified Communications Manager (Cisco) 273
Endpoint Hardening 274
Secure Conferencing 276
Conference Now 298
Smart Licensing 298
Summary 302
Additional Resources 303
Chapter 9 Securing Cisco Unity Connection 305
Baseline Security Considerations Overview 306
Securing User Access to the Unity Connection 311
Securely Integrating Unity Connection with Unified CM 316
Preventing Toll Fraud in Unity Connection 325
Summary 336
Additional Resources 337
Chapter 10 Securing Cisco Meeting Server 339
CMS Overview and Deployment Modes 340
Operating System Hardening 342
Infrastructure Considerations 347
Securing CMS Connections 351
Certificate Verification 356
Certificate Assignment 360
Application Programming Interfaces (APIs) 367
Inbound and Outbound Calling 370
Summary 381
Additional Resources 382
Chapter 11 Securing the Edge 383
Business Requirements for the Collaboration Edge 383
Cisco's Collaboration Edge Architecture 384
Deploying CUBE 388
Security Features Within Expressway 403
Deploying Mobile and Remote Access 406
Defending Against Attacks at the Edge 420
B2B Connectivity 422
Summary 424
Additional Resources 425
Chapter 12 Securing Cloud and Hybrid Cloud Services 427
Business Drivers for Cloud and Hybrid UC Services 428
Coordinating for Governance and Compliance 430
Considerations for Secure Calling 433
Securing Messaging Services 446
Meeting Management and Security Controls 456
Security Across Emerging Features 463
IoT Security 467
Summary 470
Additional Resources 470
Afterword 471
TOC, 9780136654452, 11/5/2020