McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 315

↗ View in doc context
page
315
source
cucm/v15/security-guide/security-guide.md
chunk_id
cucm::v15::security-guide::security-guide::316

In addition to the above hardening features, Unified Communications Manager workload performs security audit logging for OS, DB and application software. There are three security audit logs included: • Linux auditd log. • Unified CM Application audit log. • Informix database audit log. There are also configuration settings that allow the system administrator to configure the system to comply with the organization’s infosec requirements. The system administrator-configurable security settings and utilities include, but are not limited to: • Defining password policies. All passwords and PINs are hashed or encrypted and not stored as clear text. • Account lockout settings and credential policy. • Warning banner text. • Enabling TLS/SRTP for signaling and media. • Phone hardening settings. • IPSec to secure connections which do not use TLS. • Changing the self-signed PKI certificates to CA signed. • Enabling FIPS mode or Common Criteria mode. • Enabling SAML Single Sign-On which includes support for smart cards or bio-metric readers. • View all network connections, processes, active packages. • "show network status detail all nodns” Retrieves details on open ports, equivalent to a "netstat -an" Unix command. • "show process list detail” Retrieves a list of all the processes and critical information about each process, equivalent to a "ps -ef" Unix command. • “show packages active” Displays the name and version for installed and active packages. More details on configurable security options are in the Security Guide for Cisco Unified Communications Manager. Cisco’s UC offerings are regularly tested and validated to be compliant with a range of government certifications, including: • Department of Defense Information Network Approved Products List (DoDIN APL) • FIPS 140-2 Level 1 • FedRAMP • Common Criteria • Applicable U.S. Department of Defense Security Technical Implementation Guides (STIGs) For additional information on Cisco government certifications, see https://www.cisco.com/c/en/us/solutions/industries/government/global-government-certifications.html Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 297 Advanced System Security Security Hardening