McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 214

↗ View in doc context
page
214
source
cucm/v15/security-guide/security-guide.md
chunk_id
cucm::v15::security-guide::security-guide::214

• Cisco TelePresence Conductor You will not be able to upgrade conference bridges, Media Termination Point (MTP), Xcoder, Prime Collaboration Assurance, Prime Collaboration Provisioning, Cisco Unity Connection, Cisco Meeting Server, Cisco IP Phones, Cisco Room Devices, Cloud services like Fusion Onboarding Service (FOS), Common Identity Service, Smart License Manager (SLM), Push REST service, and Cisco Jabber and Webex App clients along with other third-party applications. If you are upgrading from an earlier release of Unified Communications Manager, make sure that all your devices and applications support the higher version of TLS before you configure it. For example, Unified Communications Manager and IM and Presence Services, Release 9.x supports TLS 1.0 only. Note TLS Configuration Task Flow Complete the following tasks to configure Unified Communications Manager for TLS connections. Procedure Purpose Command or Action By default, Unified Communications Manager supports a minimum TLS version of 1.0. If your security needs require Set Minimum TLS Version, on page 197. Step 1 a higher version of TLS, reconfigure the system to use TLS 1.1 or 1.2. Configure the TLS cipher options that Unified Communications Manager supports. (Optional) Set TLS Ciphers, on page 197. Step 2 Assign TLS connections to a SIP Trunk. Trunks that use this profile use TLS for signaling. You can also use the Configure TLS in a SIP Trunk Security Profile, on page 197. Step 3 secure trunk to add TLS connections to devices, such as conference bridges. Assign a TLS-enabled SIP trunk security profile to a SIP trunk to allow the trunk to support TLS. You can use the Add Secure Profile to a SIP Trunk, on page 198. Step 4 secure trunk to connect resources, such as conference bridges. Assign TLS connections to a phone security profile. Phones that use this profile use TLS for signaling. Configure TLS in a Phone Security Profile, on page 199. Step 5 Assign the TLS-enabled profile that you created to a phone. Add Secure Phone Profile to a Phone, on page 199. Step 6 Assign a TLS-enabled phone security profile to a universal device template. If you have the LDAP directory Add Secure Phone Profile to a Universal Device Template, on page 200. Step 7 synchronization configured with this template, you can provision phones with security through the LDAP sync. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 196 Basic System Security TLS Configuration Task Flow