Cisco Systems OL-14619-01 Network Router User Manual


 
6-13
Design Guide for Cisco Unity Release 5.x
OL-14619-01
Chapter 6 Integrating Cisco Unity with the Phone System
Integrating with Cisco Unified Communications Manager (by Using SCCP or SIP)
Identity theft of the Cisco Unity voice messaging port, in which a non-Cisco Unity device presents itself to Cisco Unified CM as a Cisco Unity voice messaging port.
Identity theft of the Cisco Unified CM server, in which a non-Cisco Unified CM server presents itself to Cisco Unity voice messaging ports as a Cisco Unified CM server.
Note: SIP integrations do not support Cisco Unified CM authentication or encryption.
See the following sections for additional details:
Cisco Unified Communications Manager Security Features, page 6-13
When Data Is Encrypted, page 6-15
Cisco Unified Communications Manager Cluster Security Mode Settings in Cisco Unity, page 6-15
Disabling and Re-Enabling Security, page 6-16
Multiple Integrations Can Have Different Security Mode Settings, page 6-16
Settings for Individual Voice Messaging Ports, page 6-16
Cisco Unified Communications Manager Security Features
Cisco Unified CM 4.1(3) or later can secure the connection with Cisco Unity against these threats. The Cisco Unified CM security features that Cisco Unity can take advantage of are described in Table 6-3.
Table 6-3 Cisco Unified Communications Manager Security Features That Are Used by Cisco Unity

Security Feature: Signaling authentication
Description: Uses the Transport Layer Security (TLS) protocol to validate that no tampering has occurred to signaling packets during transmission. Signaling authentication relies on the creation of the Cisco Certificate Trust List (CTL) file.
This feature protects against:
Man-in-the-middle attacks that modify the information flow between Cisco Unified CM and the Cisco Unity voice messaging ports.
Modification of the call signaling.
Identity theft of the Cisco Unity voice messaging port.
Identity theft of the Cisco Unified CM server.

Security Feature: Device authentication
Description: Validates the identity of the device. This process occurs between Cisco Unified CM and Cisco Unity voice messaging ports when each device accepts the certificate of the other device. When the certificates are accepted, a secure connection between the devices is established. Device authentication relies on the creation of the Cisco Certificate Trust List (CTL) file.
This feature protects against:
Man-in-the-middle attacks that modify the information flow between Cisco Unified CM and the Cisco Unity voice messaging ports.
Modification of the media stream.
Identity theft of the Cisco Unity voice messaging port.
Identity theft of the Cisco Unified CM server.