Cisco 9951 Standard Overview - Page 18

Browse online or download pdf Overview for IP Phone Cisco 9951 Standard. Cisco 9951 Standard 30 pages. Cisco systems telephone
Also for Cisco 9951 Standard: Datasheet (7 pages), Release Notes (16 pages), User Manual (12 pages), Setup Manual (4 pages), Administration Manual (8 pages), User Manual (48 pages), Quick Start (2 pages), User Manual (22 pages), Setup (4 pages), Quick Start Manual (8 pages), Quick Start Manual (2 pages), User Manual (23 pages), (Portuguese) Quick Start Manual (2 pages)

Cisco 9951 Standard Overview
Understanding Security Features for Cisco Unified IP Phones
Table 1-6
Overview of Security Features (continued)
Feature
CAPF (Certificate Authority Proxy
Function)
Security profiles
Encrypted configuration files
Optional disabling of the web
server functionality for a phone
Phone hardening
802.1X Authentication
Secure SIP Failover for SRST
Signaling encryption
Related Topics
Cisco Unified IP Phone 8961, 9951, and 9971 Administration Guide for Cisco Unified Communications Manager 8.5 (SIP)
1-18
Description
Implements parts of the certificate generation procedure that are too
processing-intensive for the phone, and interacts with the phone for key generation and
certificate installation. The CAPF can be configured to request certificates from
customer-specified certificate authorities on behalf of the phone, or it can be
configured to generate certificates locally.
Defines whether the phone is nonsecure, authenticated, encrypted, or protected. See
Table
1-6, which provides an overview of the security features that the Cisco Unified
IP Phone 9971 supports. For more information about these features and about
Cisco Unified Communications Manager and Cisco Unified IP Phone security, refer to
the Cisco Unified Communications Manager Security Guide.
Lets you ensure the privacy of phone configuration files.
For security purposes, you can prevent access to a phone's web page (which displays
a variety of operational statistics for the phone) and user options pages. For more
information, see the
Additional security options, which you control from Cisco Unified Communications
Manager Administration:
Disabling PC port
Disabling Gratuitous ARP (GARP)
Disabling PC Voice VLAN access
Disabling access to the Setting menus, or providing restricted access that allows
access to the Preferences menu and saving volume changes only
Disabling access to web pages for a phone
Disabling Bluetooth Accessory Port
The Cisco Unified IP Phone can use 802.1X authentication to request and gain access
to the network. See the
Phones" section on page 1-22
After you configure an SRST reference for security and then reset the dependent
devices in Cisco Unified CM Administration, the TFTP server adds the SRST
certificate to the phone cnf.xml file and sends the file to the phone. A secure phone then
uses a TLS connection to interact with the SRST-enabled router.
Ensures that all SCCP and SIP signaling messages that are sent between the device and
the Cisco Unified CM server are encrypted.
Identifying Secure (Encrypted) Phone Calls, page 1-19
Security Restrictions, page 1-23
Chapter 1
"Enabling and Disabling Web Page Access" section on page
"Supporting 802.1X Authentication on Cisco Unified IP
for more information.
An Overview of the Cisco Unified IP Phone
OL-20861-01
11-3.