DescriptionFeature
You can prevent access to a phone web page, which displays a variety of
operational statistics for the phone.
Optional disabling of the web
server functionality for a
phone
Additional security options, which you control from Cisco Unified
Communications Manager Administration:
•
Disable PC port
•
Disable PC Voice VLAN access
•
Disable access to web pages for a phone
You can view current settings for the PC Port Disabled, GARP
Enabled, and Voice VLAN enabled options by looking at the phone
Configuration menu.
Note
Phone hardening
The Cisco IP Phone can use 802.1X authentication to request and gain access
to the network.
802.1X Authentication
When connected to Cisco Unified Communications Manager Release 10.5(2)
and later, the phones support AES 256 encryption support for TLS and SIP
for signaling and media encryption. This enables phones to initiate and
support TLS 1.2 connections using AES-256 based ciphers that conform to
SHA-2 (Secure Hash Algorithm) standards and are Federal Information
Processing Standards (FIPS) compliant. The new ciphers are:
•
For TLS connections:
â—¦
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
â—¦
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
•
For sRTP:
â—¦
AEAD_AES_256_GCM
â—¦
AEAD_AES_128_GCM
For more information, see the Cisco Unified Communications Manager
documentation.
AES 256 Encryption
Related Topics
Cisco Unified Communications Manager Documentation, on page xiii
Cisco IP Phone Security, on page 95
802.1x Authentication, on page 103
View Security Profiles, on page 97
Cisco IP Phone 7800 Series Administration Guide for Cisco Unified Communications Manager
99
Supported Security Features
To Next Page
Loading...
