Table Of Contents
A - C - D - E - I - L - M - N - O - P - R - S - T - U - V - W -
Index
A
account policy
account lockout settings for phone access 8-7
phone password settings 8-6
accounts, defining policy for logons, passwords, and lockouts 8-5
ACE/Server return codes 7-12
administration account
limiting use of 6-2
using to log on to the Cisco Unity Administrator 6-2
Anonymous authentication, how it works with the Cisco Unity Administrator 7-4
audit policies, changing 1-2
authentication
Anonymous 7-4
Integrated Windows 7-2
overview 7-2
PCA passwords 7-9
authentication and encryption
best practice 5-4
settings in CiscoUnity 5-3
C
call signaling, modification threat 5-1
CA root certificate
adding to Domain Group Policy 9-7
exporting 9-7
changing
Cisco PCA passwords 8-4
Cisco Unity Administrator passwords 8-3
phone passwords 8-4
Cisco CallManager
call signaling modification 5-1
device authentication as a security feature 5-2
identity theft 5-1
man-in-the-middle attacks on connection to CiscoUnity 5-1
media (RTP) stream modification 5-1
media encryption as a security feature 5-3
network traffic sniffing (eavesdropping) 5-1
security connection with CiscoUnity 5-1
security issues 5-1
signaling authentication as a security feature 5-2
signaling encryption as a security feature 5-3
Cisco Certificate Trust List (CTL) file 5-2
Cisco PCA
authentication, how it works 7-9
passwords 7-9
passwords, changing 8-4
preventing unauthorized access 7-10
Cisco Security Agent
description 3-1
policies 3-1
Cisco Unity Administrator
accounts used to access 6-2
limiting use of administration account 6-2
passwords, changing 8-3
preventing unauthorized access 7-8
security concerns 6-2
using appropriate accounts 6-3
using class of service to restrict access 6-2
Cisco Unity conversation, preventing unauthorized access 8-3
Cisco Unity server, securing 1-1
configuring IIS for Integrated Windows authentication 7-6
D
DCOM dynamic port allocation, restricting 1-9
defining policies for logon, password, and lockout 8-5
distributing root certificate 9-6
dynamic port allocation, restricting 1-9
E
eavesdropping CiscoCallManager connections 5-1
encryption
best practice 5-4
settings in CiscoUnity 5-3
used for media protection 5-3
used for signaling protection 5-3
enhanced phone security
ACE/Server return codes 7-12
Cisco Unity Greetings Administrator, incompatibility 7-13
class of service settings 7-12
setting up 7-13
event log settings, changing 1-3
exporting CA root certificate 9-7
I
identity theft of CiscoCallManager server 5-1
identity theft of CiscoUnity voice messaging port 5-1
IIS
configuring for Integrated Windows authentication 7-6
Lockdown wizard, hardening the Cisco Unity server with 2-4
securing 2-3
installing SSL certificate 9-5
Integrated Windows authentication, how it works with the Cisco Unity Administrator 7-2
Internet Explorer, securing 2-3
IP phones
network traffic sniffing (eavesdropping) 5-1
securing connection with CiscoUnity 5-1
security issues 5-1
issuing SSL certificate 9-4
L
local security policies, changing 1-2, 1-3
lockouts
policy for accessing Cisco Unity by phone 8-7
policy for Cisco Unity Administrator access 8-5
logon policy 8-5
M
man-in-the-middle attacks for CiscoCallManager connections 5-1
media stream, modification threat 5-1
Microsoft software, securing 2-1
MSDE 2000, securing 2-2
MSMQ, securing 2-5
N
network traffic sniffing CiscoCallManager connections 5-1
NTLM authentication 7-2
O
operating system, securing 1-1
P
passwords
policy for accessing Cisco Unity by phone 8-6
policy for Cisco Unity Administrator access 8-5
TUI 8-2
web applications 8-2
phone access, account lockout policy 8-7
phone passwords
changing 8-4
default 8-3
securing 8-1
toll fraud 8-1
policies
Cisco Security Agent 3-1
logon, password, and lockout 8-5
port allocation, restricting dynamic 1-9
ports, voice messaging
best practice 5-4
CiscoCallManager security features 5-2
identity theft 5-1
security mode settings 5-3
private messages, how Cisco Unity handles them 10-1
R
restriction tables, best practices for use 4-1
root certificate, distributing to trusted root store 9-6
RSA SecurID overview 7-11
RTP stream, modification threat 5-1
S
Secure Real Time Protocol (SRTP) 5-3
securing
passwords 8-1
Windows 1-1
security mode settings
best practice 5-4
voice messaging ports 5-3
security policy, Windows, applying 1-2
security template, Windows, applying 1-2
security updates, installing Microsoft 2-5
server, securing 1-1
service packs, installing Microsoft 2-5
services, changing the startup type 1-3
setting up enhanced phone security 7-13
SQL Server 2000, securing 2-2
SSL
certificate, installing 9-5
certificate, issuing 9-4
certificate request, submitting 9-4
startup type for services, changing 1-3
T
TCP/IP filtering, configuring 1-9
TCP ports, securing 1-5
threats for connection to CiscoCallManager or IP phones 5-1
toll fraud
preventing by using restriction tables 4-1
preventing with account policy 8-7
Transport Layer Security (TLS) protocol 5-2
trusted root store 9-6
TUI
preventing unauthorized access 8-3
private message handling 10-1
U
UDP ports, securing 1-5
updates, installing Microsoft 2-5
URLScan tool, hardening the Cisco Unity server with 2-4
user rights, changing 1-2
V
voice messaging ports
best practice 5-4
CiscoCallManager security features 5-2
identity theft 5-1
security mode settings 5-3
vulnerabilities for connection to CiscoCallManager or IP phones 5-1
W
Windows
applying a security policy 1-2
applying a security template 1-2
securing 1-1
TCP/IP filtering, configuring 1-9
Windows NT Challenge/Response authentication 7-2