Solved: Re: Security Endpoint Protection running on Cisco UCOS

dtran · ‎02-12-2020

Hello all,

I am running Cisco UCM 10.5 and Cisco Unity Connection 10.5

I am looking into installing CrowdStrike security endpoint protection on these systems. Has anyone running CrowdStrike or any type of security endpoint protection on your UC systems ? any compatibility issues or concerns that I should be worried about ?

Thanks in advance !!!

Danny

Terry Cheema · ‎02-24-2020

Hi Danny,

As my friend Jaime as mentioned you can't install any 3rd party components on Cisco UC Linux based OS. The reason is these come with all the Cisco recommended hardening rules/iptables applied out of the box. . The shell/root access to these apps is locked and only limited to Cisco TAC support personnel. We can not access the shell to modify any services etc. So at platform level you can not apply any further security hardening.

Regards UCCE its a different beast - with windows/sql etc. different components you can apply malware protection to this solution.

Refer here for security guide on UCCE: https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_12_5_1/configuration/guide/ucce_b_125-security-guide/ucce_b_125-security-guide_chapter_01010.html

Having said all the above you can apply security at different levels for UC applications -

Application level - like appropriate access control CSS/Toll Fraud etc. (you can look at hardening each UC application like CUCM, Expressways etc.)

Network Level - Port security/Network security like firewalls etc.

Please let us know if you have more questions.

-Terry

View solution in original post

Jaime Valencia · ‎02-12-2020

You cannot install any 3rd party app on the Cisco UC apps that runs Linux.

Only installation packages the system will accept have to come directly from Cisco (with very few exception like COP files for 3rd party endpoints) and have to be signed by Cisco to be recognized by the system as valid.

HTH

java

if this helps, please rate

dtran · ‎02-12-2020

Hi Jaime,

Thanks Jaime !!! I appreciate your response !!!

Danny

dtran · ‎02-24-2020

Hey Jaime,

Quick question for you, hope you can help..

You have mentioned "You cannot install any 3rd party app on the Cisco UC apps that runs Linux". How do you protect Cisco Linux base systems that run UC or UCCE apps from Ransomeware ? How do you protect the UCOS from virus infection or Ransomeware ?

Thanks Jaime !!!

Danny

Terry Cheema · ‎02-24-2020

Hi Danny,

As my friend Jaime as mentioned you can't install any 3rd party components on Cisco UC Linux based OS. The reason is these come with all the Cisco recommended hardening rules/iptables applied out of the box. . The shell/root access to these apps is locked and only limited to Cisco TAC support personnel. We can not access the shell to modify any services etc. So at platform level you can not apply any further security hardening.

Regards UCCE its a different beast - with windows/sql etc. different components you can apply malware protection to this solution.

Refer here for security guide on UCCE: https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_12_5_1/configuration/guide/ucce_b_125-security-guide/ucce_b_125-security-guide_chapter_01010.html

Having said all the above you can apply security at different levels for UC applications -

Application level - like appropriate access control CSS/Toll Fraud etc. (you can look at hardening each UC application like CUCM, Expressways etc.)

Network Level - Port security/Network security like firewalls etc.

Please let us know if you have more questions.

-Terry

dtran · ‎02-25-2020

Hi Terry,

Thanks Terry !!! I appreciate your inputs !!!

Danny