CallManager, Unity Connection, IPCC Express Security

Unanswered Question

Dear all gurus,

On one of my customer Cisco IPT engagement, I have been asked the following security questions on Cisco CallManager 7.x, Cisco Unity Connection 7.x, Cisco IP Contact Center Express 7.x and I would greatly appreciated if someone can shed some light on this.

Briefly describe all features and mechanisms that are available  to prevent hacking of the VoIP/PBX system. Especially describe the security  mechanisms in place to monitor and control any of the Cisco IPT components that interfaces to TCP/IP networks.
State the total number of  passwords available in the Cisco IPT components:
• What is the total number of  digits allowed in each password’s field?
• Describe each passwords  hierarchical relationship.
• Describe the functionality of each of these  passwords.
• Which passwords are available as part of the system’s standard  package to the customer/system administrator?
• Which other, if any,  passwords can be made available to the customer/system administrator?

• Can the  customer/system administrator define customer passwords by functionality?  Explain.
• Is the Cisco IPT servers equipped with the ability to track log-in  attempts? Describe.
• Can the Cisco IPT infrastructure automatically shut down the  remote access and/or local access port in the event of failed or incorrect  log-in attempts?
• Explain how this is accomplished, the parameters used to  establish any system thresholds used in conjunction with this feature or similar  feature, any system notification capabilities etc.

Would appreciated your  help on this =)


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion