01-17-2013 03:47 AM - edited 03-16-2019 03:13 PM
Hi,
How can I Configure encrypted phone configuration files.
I already create a security profile with TFTP encrypted config and a existing certificate (MIC), on the side of the phone configuration I only have to put the certificate (MIC)?
thanks for the help
Fred
01-17-2013 05:03 AM
Hi
Have you bought/set up the USB security tokens?
I think without those you can sign the configs, but not encrypt.
Aaron
01-17-2013 06:16 AM
Hi Aoron,
I don't have the security tokens.
So what can I do to protect the 7900 ip phones when they speak in Configure encrypted phone configuration files, what are my options?
best regards
Fred
01-17-2013 06:28 AM
Without security tokens, nothing from CUCM side, you cannot use authentication nor encryption.
You'll have to rely on securing your network on your switches, ISRs, etc.
Wheh you get tokens, search CCO for "communications manager + security guide" to get all the instructions on how to configure the feature.
HTH
java
if this helps, please rate
www.cisco.com/go/pdihelpdesk
01-17-2013 06:48 AM
Hi Jaime,
then to protect my phones with CUCM 7.1 against the latest vulnerabilities can only disable ssh access and use the security mechanisms as the L2 arp inspection, correct?
best regards
Fred
01-17-2013 09:52 AM
If you are concerend I would buy the tokens. You need two, they're $99 list price.
01-17-2013 10:15 AM
Hi Aaron,
Thanks for the advice, but this time I can not make that purchase.
Nevertheless I liked to do everything possible to improve safety in the current infrastructure.
best regards
Fred
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: