Cisco 7961G Administration Manual page 41

For cisco callmanager 4.1(3)

Hide thumbs Also See for 7961G:

Administration manual (260 pages)

Phone manual (92 pages)

Datasheet (8 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

Table of Contents

Chapter 1

An Overview of the Cisco IP Phone

Most security features are available only if a certificate trust list (CTL) is installed

Note

on the phone. For more information about the CTL, refer to the

Cisco CallManager Security Guide.

•

Cisco IP Phone Administration Guide for Cisco CallManager, Cisco IP Phone 7961G/7961G-GE and 7941G/7941G-GE

OL-6966-01

Image authentication—Signed binary files (with the extension.sbn) prevent

tampering with the firmware image before it is loaded on a phone. Tampering

with the image causes a phone to fail the authentication process and reject the

new image.

Customer-site certificate installation—Each Cisco IP Phone requires a

unique certificate for device authentication. Phones include a manufacturing

installed certificate, but for additional security, you can specify in Cisco

CallManager Administration that a certificate be installed by using the CAPF.

Alternatively, you can initiate the installation of an LSC from the Security

Configuration menu on the phone.

Device authentication—Occurs between the Cisco CallManager server and

the phone when each entity accepts the certificate of the other entity.

Determines whether a secure connection between the phone and a

Cisco CallManager should occur, and, if necessary, creates a secure signaling

path between the entities using TLS protocol. Cisco CallManager will not

File authentication—Validates digitally-signed files that the phone

downloads. The phone validates the signature to make sure that file

tampering did not occur after the file creation. Files that fail authentication

are not written to Flash memory on the phone. The phone rejects such files

without further processing.

Signaling Authentication—Uses the TLS protocol to validate that no

tampering has occurred to signaling packets during transmission.

Manufacturing installed certificate—Each Cisco IP Phone contains a unique

manufacturing installed certificate (MIC), which is used for device

authentication. The MIC is a permanent unique proof of identity for the

phone, and allows Cisco CallManager to authenticate the phone.

Understanding Security Features for Cisco IP Phones

1-13

Table of Contents

Chapters

Table of Contents

Troubleshooting

This manual is also suitable for:

7961g-ge 7941g 7941g-ge

Cisco 7961G Administration Manual page 41

Chapters

Troubleshooting

Related Manuals for Cisco 7961G

Related Products for Cisco 7961G

This manual is also suitable for:

Table of Contents