Cisco Unified Contact Center Enterprise Solution Reference ...

More documents

Recommendations

Info

Security Best Practices 7-6 Cisco Unified Contact Center Enterprise 7.x SRND Chapter 7 Securing Unified CCE For the most current security best practices, refer to the latest version of the Security Best Practices Guide for ICM and IPCC Enterprise & Hosted Editions, Release 7.1, available at http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/coreicm7/config7/index .htm The recommendations contained in the Security Best Practices guide are based in part on hardening guidelines published by Microsoft, such as those found in the Windows Server 2003 Security Guide, as well as other third-party vendors' hardening recommendations. It also serves as a reference point for most of the security functionality in the product. The guide is also the installation guide for the Automated Security Hardening bundled with the application installer, Windows Firewall Configuration Utility, and the SSL Configuration Utility. Because of the existence of the Security Best Practices guide, this chapter discusses many areas at a high level without further detail in order to avoid duplicating information available in other sources. Other Security Guides Other documents containing security guidance include, but are not limited to, the documents listed Table 7-1. Table 7-1 Other Security Documentation Security Topic Document and URL Server staging and Active Directory deployment Cisco Security Agent Staging Guide for Cisco ICM/IPCC Enterprise & Hosted Editions, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/mic rosf7/index.htm Cisco Security Agent Installation/Deployment Guide for Cisco ICM/IPCC Enterprise & Hosted Editions, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/core icm7/config7/index.htm CTI OS encryption CTI OS System Manager's Guide for Cisco ICM/CCE & Hosted Editions, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/ctid oc7/ctios7d/index.htm Cisco CAD Installation Guide, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm46doc/ipcc doc/cadall/cad70d/index.htm WebView User authentication and administration SNMPv3 authentication and encryption WebView Installation and Administration Guide for Cisco ICM/CCE & Hosted Editions, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/repo rt7/index.htm SNMP Guide for Cisco ICM/CCE & Hosted Editions, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/core icm7/config7/index.htm OL-8669-05
Chapter 7 Securing Unified CCE Network Firewalls TCP/IP Ports OL-8669-05 Table 7-1 Other Security Documentation (continued) Security Topic Document and URL Unified ICM partitioning (Database object/access control) Feature control (Software access control) Validating real-time clients Cisco Unified Contact Center Enterprise 7.x SRND Network Firewalls Unified ICM Administration Guide for Cisco ICM Enterprise, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/core icm7/config7/index.htm Note Partitioning is supported only for Unified ICM Enterprise. It is not supported in Unified CCE, Unified ICM Hosted Edition, or Unified CCH Edition. Unified ICM Configuration Guide for Cisco CM Enterprise, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmentpr/icm70doc/core icm7/config7/index.htm Setup and Configuration Guide for Cisco ICM Hosted Edition, Release 7.1 http://www.cisco.com/univercd/cc/td/doc/product/icm/icmhostd/icmhst7/index .htm There are several important factors to consider when deploying firewalls in an Unified CCE network. The application servers making up a Unified CCE solution (with the exception of Cisco Collaboration Servers) are not meant to reside in a demilitarized zone (DMZ) and should be segmented from any externally visible networks and internal corporate networks. The application servers should be placed in data centers, and the applicable firewalls or routers should be configured with access control lists (ACL) to control the traffic that is targeted to the servers, thereby allowing only designated network traffic to pass through. Deploying the application in an environment in which firewalls are in place requires the network administrator to be knowledgeable of which TCP/UDP IP ports are used, firewall deployment and topology considerations, and impact of Network Address Translation (NAT). For an inventory of the ports used across the contact center suite of applications, refer to the following documentation: Cisco Contact Center Product Port Utilization Guides, available at http://www.cisco.com/univercd/cc/td/doc/product/icm/port_uti/ Cisco CRS (IP IVR and IPCC Express) Release 4.0(1) Port Utilization Guide, available at http://www.cisco.com/univercd/cc/td/doc/product/voice/sw_ap_to/apps_4_0/english/administ/inde x.htm Cisco CRS (IP IVR and IPCC Express) Release 4.5(1) Port Utilization Guide, available at http://www.cisco.com/univercd/cc/td/doc/product/voice/sw_ap_to/apps_4_5/english/index.htm Cisco Unified CallManager TCP and UDP Port Usage Guide, available at http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/sec_vir/udp_tcp/ 7-7
Page 1 and 2:
Cisco Unified Contact Center Enterp
Page 3 and 4:
OL-8669-05 Preface xv New or Change
Page 5 and 6:
CHAPTER 2 Deployment Models 2-1 OL-
Page 7 and 8:
OL-8669-05 Cisco Unified Contact Ce
Page 9 and 10:
CHAPTER 5 Cisco Unified Outbound Di
Page 11 and 12:
OL-8669-05 Endpoint Security 7-20 A
Page 13 and 14:
G LOSSARY I NDEX OL-8669-05 Cisco U
Page 15 and 16:
OL-8669-05 Preface This document pr
Page 17 and 18:
Preface Product Documentation DVD O
Page 19 and 20:
Preface Cisco Technical Support & D
Page 21 and 22:
Preface OL-8669-05 Obtaining Additi
Page 23 and 24:
OL-8669-05 Architecture Overview CH
Page 25 and 26:
Chapter 1 Architecture Overview OL-
Page 27 and 28:
Page 29 and 30:
Chapter 1 Architecture Overview ICM
Page 31 and 32:
Chapter 1 Architecture Overview Fig
Page 33 and 34:
Chapter 1 Architecture Overview Cis
Page 35 and 36:
Page 37 and 38:
Chapter 1 Architecture Overview Adm
Page 39 and 40:
Chapter 1 Architecture Overview Mul
Page 41 and 42:
Chapter 1 Architecture Overview Cis
Page 43 and 44:
Chapter 1 Architecture Overview Lab
Page 45 and 46:
Chapter 1 Architecture Overview Fig
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Chapter 1 Architecture Overview Con
Page 53 and 54:
Chapter 1 Architecture Overview Non
Page 55 and 56:
OL-8669-05 Deployment Models CHAPTE
Page 57 and 58:
Chapter 2 Deployment Models Unified
Page 59 and 60:
Chapter 2 Deployment Models Parent/
Page 61 and 62:
Chapter 2 Deployment Models OL-8669
Page 63 and 64:
Page 65 and 66:
Chapter 2 Deployment Models IPT: Ce
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Chapter 2 Deployment Models Treatme
Page 75 and 76:
Chapter 2 Deployment Models Alterna
Page 77 and 78:
Page 79 and 80:
Chapter 2 Deployment Models IVR: Tr
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Chapter 2 Deployment Models Connect
Page 91 and 92:
Page 93 and 94:
Chapter 2 Deployment Models Traditi
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Chapter 2 Deployment Models Using I
Page 101 and 102:
Page 103 and 104:
OL-8669-05 CHAPTER Design Considera
Page 105 and 106:
Chapter 3 Design Considerations for
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
OL-8669-05 CHAPTER Unified Contact
Page 155 and 156:
Chapter 4 Unified Contact Center En
Page 157 and 158:
Page 159 and 160:
Page 161 and 162: Chapter 4 Unified Contact Center En
Page 181 and 182: OL-8669-05 Cisco Unified Outbound D
Page 183 and 184: Chapter 5 Cisco Unified Outbound Di
Page 193 and 194: OL-8669-05 Cisco Unified Mobile Age
Page 195 and 196: Chapter 6 Cisco Unified Mobile Agen
Page 207 and 208: OL-8669-05 Securing Unified CCE CHA
Page 209 and 210: Chapter 7 Securing Unified CCE Secu
Page 211: Chapter 7 Securing Unified CCE OL-8
Page 215 and 216: Chapter 7 Securing Unified CCE Netw
Page 217 and 218: Chapter 7 Securing Unified CCE OL-8
Page 219 and 220: Chapter 7 Securing Unified CCE IPSe
Page 223 and 224: Chapter 7 Securing Unified CCE Intr
Page 229 and 230: OL-8669-05 Sizing Call Center Resou
Page 231 and 232: Chapter 8 Sizing Call Center Resour
Page 249 and 250: OL-8669-05 CHAPTER Sizing Unified C
Page 251 and 252: Chapter 9 Sizing Unified CCE Compon
Page 263 and 264:
Chapter 9 Sizing Unified CCE Compon
Page 265 and 266:
Chapter 9 Sizing Unified CCE Compon
Page 267 and 268:
OL-8669-05 CHAPTER Cisco Unified Co
Page 269 and 270:
Chapter 10 Sizing Cisco Unified Cal
Page 271 and 272:
Page 273 and 274:
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
OL-8669-05 CHAPTER Cisco Unified Co
Page 281 and 282:
Chapter 11 Bandwidth Provisioning a
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
Page 291 and 292:
Page 293 and 294:
Page 295 and 296:
Page 297 and 298:
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Numerics 3DES Triple Data Encryptio
Page 315 and 316:
DiffServ Differentiated Services DM
Page 317 and 318:
MDF Main distribution frame MDS Mes
Page 319 and 320:
SRND Solution Reference Network Des
Page 321 and 322:
Symbols .NET CIL API 4-14 Numerics
Page 323 and 324:
security 7-5 sizing call center res
Page 325 and 326:
CTI Desktop Toolkit 4-4, 4-5, 4-12
Page 327 and 328:
H H.323 3-15 hardening of phones 7-
Page 329 and 330:
modes for outbound dialer 5-3 MoH 6
Page 331 and 332:
public network 11-3, 11-7, 11-10, 1
Page 333 and 334:
Peripheral Gateway (PG) 9-15 Periph
Page 335:
website for technical support and d
show all

Cisco Unified Contact Center Enterprise Solution Reference ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?