Practical Cisco Unified Communications Security
Cisco Press (Verlag)
978-0-13-665445-2 (ISBN)
- Titel z.Zt. nicht lieferbar
- Versandkostenfrei innerhalb Deutschlands
- Auch auf Rechnung
- Verfügbarkeit in der Filiale vor Ort prüfen
- Artikel merken
This guide helps you build foundational knowledge for securing modern Cisco Unified Communications environments that support voice, video, messaging, and meetings, and support different types of real-time collaboration capabilities based on mobile/remote access and mobile devices based on bring-your-own-device (BYOD) initiatives.
Writing for administrators and managers, two Cisco collaboration experts bring together methods and insights to illuminate both the “why” and the “how” of effective collaboration security. Using the proven “Explain, Demonstrate, and Verify” methodology, they explain each threat, demonstrate remediation, and show how to confirm correct implementation. You’ll walk through securing each attack surface in a logical progression, across each Cisco UC application domain.
The authors address key updates to Cisco collaboration architecture, including Expressway, Cisco Meeting Server, encryption enhancements, and advanced business-to-business collaboration. You’ll find quick-reference checklists in each chapter, and links to more detail wherever needed.
Begin by protecting your workforce through basic physical security and life/safety techniques
Understand how attackers seek to compromise your UC system’s network environment—and your best countermeasures
Maintain security across all UC deployment types n Protect core UC applications by locking down and hardening the core operating system
Use encryption to protect media and signaling, and enforce secure authentication
Secure Cisco Unified Communications Manager, Cisco Unity Connection, and Cisco Meeting Server
Deploy Session Border Controllers to provide security controls for VoIP and video traffic
Provide additional protection at the edge of the network
Safeguard cloud-based and hybrid-cloud services
Enable organizations to seamlessly and securely connect to cloud UC services
Allow remote teleworker users to connect safely to local UC resources
Brett Hall, CCIE R&S, Collaboration #20774, is a Customer Solutions Architect supporting Cisco’s product and service offerings for enterprise customers across the U.S. Army and defense agencies. He has more than 20 years’ IT experience and has worked with Cisco to support federal government initiatives for more than 13 years. He also works with Cisco business units to define product and service strategies and helps lead a global team of Cisco architects. To support customer requirements, Brett works with presales teams to engineer solutions that lead to customer adoption. Brett also drives solution development to help support future needs of his customers. Nik Smith, Technical Leader for Collaboration at Cisco, supports Cisco Unified Collaboration (UC) products and service offerings for the public sector, enterprise, and defense agencies. His 24 years of networking experience cover technologies ranging from RF communications and telecommunications to UC. For 14 years, he has supported some of the world’s largest Cisco UC deployments. During this time, he has led several large implementation teams involved in migrating from TDM to VoIP, along with network support and modernization. He now leads a team of UC engineers supporting the public sector, Department of Defense and providing guidance and mentoring to ensure that Cisco delivers best-in-class, highly secure UC capabilities.
Introduction xix
Chapter 1 The Importance of Practical UC Security 1
Identifying the Threat Landscape 2
The Danger of Shadow IT 4
Balancing Operations and Security 5
Minimizing Complexity 7
Visibility and Management 10
Introduction to ACME: Case Study 11
Summary 13
Additional Resources 14
Chapter 2 Physical Security and Life Safety 15
Introduction to Physical Security and Life Safety 15
Life and Safety Considerations 28
Summary 53
Additional Resources 54
Chapter 3 Security Through Network Fundamentals 55
Introduction to Network Security 57
Segmentation 58
Micro Segmentation 59
Secure Network Access 64
Security Features 75
Firewalls and Access Controls 84
Continuous Monitoring 86
Summary 86
Additional Resources 87
Chapter 4 Maintaining Security Across UC Deployment Types 89
Common Enterprise Collaboration Deployment Models and Security Considerations 90
An Overview of How to Secure Cluster Communications 96
NTP Authentication Enablement and Verification 100
Securing Intra-Cluster Signaling and Traffic 103
Securing the Signaling Traffic to IOS Voice and Analog Gateways 110
Securing the Integration with Cisco Emergency Responder 118
Summary 123
Additional Resources 124
Chapter 5 Hardening the Core Cisco UC Appliance Operating Systems 125
Defining the Core UC Applications 126
Hardening the Voice Operating System 138
Performing OS Lockdown via CLI 147
Summary 159
Additional Resources 159
Chapter 6 Core Cisco UC Application Lockdown 161
Types of Users in Cisco Unified Communications Manager and Cisco Unity Connection 162
Strengthening Local User Account Controls 163
Importing End Users from a LDAP Directory 175
Using Single Sign-On to Simplify the Login Experience 186
Synching End Users Between Unity Connection and Unified CM Using
Locking Down the GUI 201
Enabling System Monitoring Using SNMP and Syslog 204
Disaster Recovery Planning and Best Practices 213
Summary 214
Additional Resources 214
Chapter 7 Encrypting Media and Signaling 217
Licensing (Encryption License) and Allowing Export Restrictions Requirements 218
FIPS Considerations When Enabling Secure Signaling and Media Encryption 222
Public Key Infrastructure Overview 222
TFTP File Encryption 237
Overview of the Endpoint Registration Process 239
Applying the Secure Phone Profiles and LSC to the Phones 264
Summary 271
Additional Resources 271
Chapter 8 Securing Cisco Unified Communications Manager (Cisco) 273
Endpoint Hardening 274
Secure Conferencing 276
Conference Now 298
Smart Licensing 298
Summary 302
Additional Resources 303
Chapter 9 Securing Cisco Unity Connection 305
Baseline Security Considerations Overview 306
Securing User Access to the Unity Connection 311
Securely Integrating Unity Connection with Unified CM 316
Preventing Toll Fraud in Unity Connection 325
Summary 336
Additional Resources 337
Chapter 10 Securing Cisco Meeting Server 339
CMS Overview and Deployment Modes 340
Operating System Hardening 342
Infrastructure Considerations 347
Securing CMS Connections 351
Certificate Verification 356
Certificate Assignment 360
Application Programming Interfaces (APIs) 367
Inbound and Outbound Calling 370
Summary 381
Additional Resources 382
Chapter 11 Securing the Edge 383
Business Requirements for the Collaboration Edge 383
Cisco’s Collaboration Edge Architecture 384
Deploying CUBE 388
Security Features Within Expressway 403
Deploying Mobile and Remote Access 406
Defending Against Attacks at the Edge 420
B2B Connectivity 422
Summary 424
Additional Resources 425
Chapter 12 Securing Cloud and Hybrid Cloud Services 427
Business Drivers for Cloud and Hybrid UC Services 428
Coordinating for Governance and Compliance 430
Considerations for Secure Calling 433
Securing Messaging Services 446
Meeting Management and Security Controls 456
Security Across Emerging Features 463
IoT Security 467
Summary 470
Additional Resources 470
Afterword 471
TOC, 9780136654452, 11/5/2020
Erscheinungsdatum | 15.01.2021 |
---|---|
Reihe/Serie | Networking Technology: Security |
Verlagsort | Indianapolis |
Sprache | englisch |
Maße | 100 x 100 mm |
Gewicht | 880 g |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Naturwissenschaften ► Chemie ► Technische Chemie | |
Technik | |
ISBN-10 | 0-13-665445-2 / 0136654452 |
ISBN-13 | 978-0-13-665445-2 / 9780136654452 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich