McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 238

↗ View in doc context
page
238
source
cucm/v15/security-guide/security-guide.md
chunk_id
cucm::v15::security-guide::security-guide::237

Identity Management Use SAML Single Sign-On (SSO) to access a defined set of Cisco applications after signing into one of those applications. SAML describes the exchange of security-related information between trusted business partners. It's an authentication protocol used by service providers (such as Cisco Unified Communications Manager) to authenticate a user. With SAML, an identity provider and a service provider exchanges security authentication information. This feature provides secure mechanisms to use common credentials and relevant information across various applications. For more information on Identity management, see Manage SAML Single Sign-On in Administration Guide for Cisco Unified Communications Manager. Contact Search Authentication Contact Search Authentication requires you to authenticate yourselves before searching the directory for other users. Navigate to the following topics for more information on Contact Search Authentication. 1. Confirm Phone Support for Contact Search Authentication, on page 236 2. Enable Contact Search Authentication, on page 236 3. Configure Secure Directory Server for Contact Search, on page 236 Identity Management Overview Identity Management is an essential component of your Cisco Collaboration deployment. Because Identity is often the main target for hackers, it’s essential to configure secure authentication and authorization services in order to secure your system. Cisco Unified Communications Manager provides a number of options for managing identity, authentication and authorization for services. • SAML SSO Deployment with Third-Party Identity Provider • LDAP authentication • Local DB Authentication SAML SSO Deployment SAML SSO improves your enterprise security, while improving productivity at the same time. Using the SAML 2.0 protocol, SAML SSO connects your Cisco Collaboration infrastructure to a third-party Identity Provider for secure login and authentication services for administrator and client logins across domains and across products. Worker productivity is improved as the Identity Provider stores a single login—once you login successfully to one of your Collaboration applications, you can access any of them without having to login again. SAML SSO provides the following benefits to your Identity Framework: • Reduces password fatigue by removing the need for entering different user name and password combinations. • Transfers the authentication from your system that hosts the applications to a third party system. • Protects and secures authentication information. SAML SSO provides encryption functions to protect authentication information passed between the IdP, service provider, and user. SAML SSO can also hide authentication messages passed between the IdP and the service provider from any external user. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 220 User Security Identity Management Overview