Cisco Unified MeetingPlace, Release 7.0 -- Overview of Security Tasks

From DocWiki

Jump to: navigation, search

Main page: Cisco Unified MeetingPlace, Release 7.0

Up one level: Configuration




While your company may already have guidelines for securing its computer systems and preventing toll fraud, we also recommend that you perform the tasks listed in Table: Security Recommendations for Cisco Unified MeetingPlace.


Table: Security Recommendations for Cisco Unified MeetingPlace
Recommendation Where to Find Information
Toll Fraud Prevention

Restrict dial-out privileges to specific users.

Monitor dial-out usage.

We recommend that you configure Cisco Unified Communications Manager with a Calling Search Space that does the following:

  • Allows dial-out calls to meeting participants and the help desk Attendant.
  • Prevents toll fraud by blocking unwanted dial-out calls, for example, to international or premium-rate telephone numbers.
System Security

Secure the physical location of the servers. Keep the servers in areas protected by lock or card-key systems to prevent unauthorized access to the systems.

-

Use the Cisco Security Agent on the Application Server.

Use the Secure Socket Layer (SSL) on the Application Server.

Keep the database current. Deactivate or delete the user profiles of employees who leave the company.

Change the default passwords for the admin profile.

On the router that connects Cisco Unified MeetingPlace to the external network, limit external SSH access to Cisco Unified MeetingPlace to the following:

  • Safe IP address in your company or organization
  • Third-party support personnel
  • Cisco IP addresses:
    • 128.107.0.0/16
    • 198.133.219.0/24


Even if you believe that the SSH login credentials are safe, denial of service attacks may still be launched against your system.

  • Documentation for your specific router and software release

Complete as many of these tasks as are appropriate for your user base.

Web Server Security

Use the Cisco Security Agent on the Web Servers, especially those in the DMZ.

Use McAfee VirusScan Enterprise on the Web Servers, especially those in the DMZ.

Enable SSL on the Web Servers.

Rating: 5.0/5 (1 vote cast)

Personal tools