Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
545
Views
0
Helpful
1
Replies

Disallow access to cucm-ip:8443/cucm-uds/users and encrypt jabber xml

Hythim Ali El Hadad
Level 6
Level 6

‎11-22-2018 11:08 AM - edited ‎03-17-2019 01:45 PM

Hi,

 

The goal is to increase security for my CUCM environment with the following 2 points

1- I need to disallow any one to be able to access this URL as it provides all user information details as mobile no.

cucm-ip:8443/cucm-uds/users

At the same time, Jabber users should be able to access UDS

 

2- Encrypt jabber xml configuration file

Is it simply the same way as IP Phones conf files encryption through phone security profile ? or there is another way ?

 

 

Thanks

Haitham

Labels:
0 Helpful
1 Reply 1

dapo100
Level 1
Level 1

‎11-22-2018 12:09 PM

Hi Hythim,

 

Cisco UDS is a simple repository, I am not aware of a way to allow custom access to certain fields of a given directory ( mobile cell phone number field in the user_id record)

 

You may point your _cisco-uds SRV to a firewall or load balancer, that can intercept the request and via security profiles or iRules to in order to perform the following:

 

1 - check if the HTTP_REQUEST comes from a Jabber CLient

2. if true, allow connection to CUCM server/UDS url

3. If false, drop connection

 

As for the .xml encryption, that will be a global Workstation encryption solution for all the files - I imagine the encryption requirement is there not only for Jabber files, so it should not be something UC specific form the service point of view.

 

0 Helpful
Customers Also Viewed These Support Documents