/mcpDescription Procedure Steps Configure SIP Trunk for SRTP. Enable SIP on Trunks Step 9 Configure your Identity Management Framework. SAML SSO is recommended for Identity Management. However, you can also use LDAP Authentication or Local authentication. Enable SAML SSO Step 10 Assign end users to access control groups to contain roles and access privileges that they need. Configure User Access Step 11 Configure default credential policies for user passwords, user PINs, and application user passwords. Configure Credential Policies Step 12 Ensure authentication of all directory searches to secure the company directory. Configure Contact Search Authentication Step 13 Configure TLS signaling through Phone Security and Trunk Security Profiles. Enable TLS Step 14 Customize the list of encryption ciphers that are supported on your system. Configure Cipher Management Step 15 Configure IPSec Policies for your system. Configure IPSec Policies Step 16 Configure secure gateway for your system. Configure Gateway Security Step 17 Configure OS Hardening. Configure OS Hardening Step 18 Configure FIPS mode, Enhanced Security Mode, and Common Criteria Mode to meet compliance guidelines around encryption and data security. Configure FIPS Step 19 Configure optional security features, such as: • Secure Monitoring and Recording • Secure Conferencing • Secure Tones and Icons • V.150 • Mobile and Remote Access • AS-SIP Configure Security Features Step 20 Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 10 An Introduction to Unified CM Security Security Configurations