Cisco UC500 series Podręcznik konfiguracji - Strona 5

Przeglądaj online lub pobierz pdf Podręcznik konfiguracji dla System konferencyjny Cisco UC500 series. Cisco UC500 series 50 stron. Sip trunking unified communications 500 series

Cisco UC500 series Podręcznik konfiguracji
Any other equipment on the customer premise, including IP PBXs is the responsibility of
the customer and a supporting VAR. The templates that resulted from the testing efforts,
particularly with respect to LAN topology, are tested recommendations that are subject to
VAR and end-customer requirements. The only exceptions to this are required UC500
SIP trunking parameters that must be configured.

2.4 Supported Line-side Protocols

Line side protocol defines the communication protocol used between the IP
phones and UC500. All IP phones supported on the UC500 can be deployed with
SIP trunks – there may be caveats for certain specific configurations.
2.5

Security

Securing IP Telephony installations such UC500 is a topic that is beyond the
scope of this document. Security is an area in which VARs may provide
additional value to customers, if executed properly. Cisco's IOS firewall, for
example, can be configured on UC500 to enable the appropriate access-lists and
other elements of the firewall.
UC500's IOS cryptographic image may also be configured to enable SSH and
HTTPS (SSL) access to the UC500 management interfaces. Administrative access
to the UC500 management interfaces may also be configured through the use of
local usernames and password, privilege levels, and the use of AAA servers such
as Cisco's Access Control Server (ACS) which provides Radius and TACACS+
services. These configuration efforts may be performed by the VAR or end-
customer through CCA.
The UC500 templates also include Class of Restriction (COR) to enable access
control for different classes of users. International number dialing, for example,
may be restricted to specific phones.
Care should be taken by the VAR or customer to avoid disabling call control,
voicemail, and phone features when enabling security features manually. As an
example, many security administrators will limit access to the HTTP server in
IOS through the use of access control lists (ACLs). If those ACLs, however,
inadvertently prevent IP phones from reaching the HTTP server imbedded in
UC500 then features such as user directories and IP phone services will be
disabled.
2.6

Topology for UC500 Installation

There are several ways in which a UC500 system can be integrated into a
customer's local area network (LAN). The key factor to consider in the
implementation, however, is that the "managed access routers" are generally not
modified according to various CPE scenarios. These provide a SIP NAT ALG
and NAT router for local private network addressing, but do not participate in
local routing decisions for subnets and VLANs defined by the end-customer or
VAR. This enables the SP to provide reliable, consistent, and supportable IAD
configurations across a wide customer base.
© 2008 Cisco Systems, Inc. All rights reserved.