Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

IIS Required on Subscribers?

Is there any reason to have IIS services running on the Subscriber Callmanager? We were thinking that if we removed the service from the Subscribers, then we would only be vulnerable to the IIS security holes on one Callmanager server in the cluster. Then if the publisher got hit, at least the phones would remain up until we cleaned/restored the publisher.

We disabled the IIS service on a test lab subscriber and it didn't appear to cause problems, but it is only a test lab environment.

Cisco Employee

Re: IIS Required on Subscribers?

No, IIS is not required on subscriber CallManagers. During CallManager installation, one of the optional items to install says something like "Web Components" which includes CCMAdmin, CCMUser, and other virtual webs. If these are not installed then there is no reason to have IIS running on these servers.

Even if the Web Components are installed, I see no reason why you can't disable the appropriate services, since CCMAdmin/CCMUser/etc wouldn't generally be used except on the server where you typically access them -- usually the publisher.

CreatePlease to create content