We have customers deployed with Cisco IP Telephony solutions on data networks. We need to address the security issues in CIPT environments. Went through the SAFE whitepapers on IPT Security. But I have the following to know:
1) Can we upgrade the OS of Call Manager with the latest MS security patches and hot fixes, as and when released from MS? Will there be any application problems? Should we wait for any Cisco notifications (if there are any) on such upgrades?
2) SAFE whitepaper suggests host IDS and host antivirus programs on the Call Manager? Any issues to be taken care of, before such implementations?
This is a genuine concern of the customer for IP Telephony expansion. Any early response will be highly appreciated.
Cisco does not recommend using the MS patches as they are released.
Cisco recommends getting the patches from Cisco, where they are first tested to make sure they don't negatively impact other (IP Telephony) processes.
My understanding regarding anti-virus programs is that any of them (your preference) should be fine, but you'll want to disable them when loading or patching software (as is the usual recommendation for any software load).
You will need an account with access to software upgrades to get there and you will find the recommended call manager security patch processess that may help answer the questions better. FYI CIsco's processes say that the patches Cisco deems critical will be posted within 1 day after MS posts then to there web site.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :