How can I Configure encrypted phone configuration files.
I already create a security profile with TFTP encrypted config and a existing certificate (MIC), on the side of the phone configuration I only have to put the certificate (MIC)?
thanks for the help
Have you bought/set up the USB security tokens?
I think without those you can sign the configs, but not encrypt.
I don't have the security tokens.
So what can I do to protect the 7900 ip phones when they speak in Configure encrypted phone configuration files, what are my options?
Without security tokens, nothing from CUCM side, you cannot use authentication nor encryption.
You'll have to rely on securing your network on your switches, ISRs, etc.
Wheh you get tokens, search CCO for "communications manager + security guide" to get all the instructions on how to configure the feature.
if this helps, please rate
then to protect my phones with CUCM 7.1 against the latest vulnerabilities can only disable ssh access and use the security mechanisms as the L2 arp inspection, correct?
If you are concerend I would buy the tokens. You need two, they're $99 list price.
Thanks for the advice, but this time I can not make that purchase.
Nevertheless I liked to do everything possible to improve safety in the current infrastructure.