Cisco Unified Contact Center Enterprise Solution Reference ...

More documents

Recommendations

Info

Virus Protection Virus Protection Antivirus Applications 7-16 Cisco Unified Contact Center Enterprise 7.x SRND Chapter 7 Securing Unified CCE A number of third-party antivirus applications are supported for the Unified CCE system. For a list of applications and versions supported on your particular release of the Unified CCE software, refer to the Hardware and System Software Specifications Guide (formerly, the Bill of Materials) and the Cisco Voice Portal Bill of Materials as well as the Cisco Unified CCX and Cisco Unified CallManager product documentation for the applications supported. Note Deploy only the supported applications for your environment, otherwise a software conflict might arise, especially when an application such as the Cisco Security Agent is installed on the Unified CCE systems. Configuration Guidelines Antivirus applications have numerous configuration options that allow very granular control of what and how data should be scanned on a server. With any antivirus product, configuration is a balance of scanning versus the performance of the server. The more you choose to scan, the greater the potential performance overhead. The role of the system administrator is to determine what the optimal configuration requirements will be for installing an antivirus application within a particular environment. Refer to the Security Best Practices Guide and your particular antivirus product documentation for more detailed configuration information on a Unified ICM environment. The following list highlights some general best practices: Upgrade to the latest supported version of the third-party antivirus application. Newer versions improve scanning speed over previous versions, resulting in lower overhead on servers. Avoid scanning of any files accessed from remote drives (such as network mappings or UNC connections). Where possible, each of these remote machines should have its own antivirus software installed, thus keeping all scanning local. With a multi-tiered antivirus strategy, scanning across the network and adding to the network load should not be required. Due to the higher scanning overhead of heuristics scanning over traditional antivirus scanning, use this advanced scanning option only at key points of data entry from untrusted networks (such as email and Internet gateways). Real-time or on-access scanning can be enabled, but only on incoming files (when writing to disk). This is the default setting for most antivirus applications. Implementing on-access scanning on file reads will yield a higher impact on system resources than necessary in a high-performance application environment. While on-demand and real-time scanning of all files gives optimum protection, this configuration does have the overhead of scanning those files that cannot support malicious code (for example, ASCII text files). Cisco recommends excluding files or directories of files, in all scanning modes, that are known to present no risk to the system. Also, follow the recommendations for which specific Unified ICM files to exclude in a Unified ICM or Unified CCE implementation, as provided in the Security Best Practices for Cisco Intelligent Contact Management Software, available at http://www.cisco.com/en/US/partner/products/sw/custcosw/ps1001/prod_technical_reference _list.html OL-8669-05
Chapter 7 Securing Unified CCE Intrusion Prevention Cisco Security Agent Agents Modes OL-8669-05 Cisco Unified Contact Center Enterprise 7.x SRND Intrusion Prevention Schedule regular disk scans only during low usage times and at times when application activity is lowest. To determine when application purge activity is scheduled, refer to the Security Best Practices guide listed in the previous item. Guidelines for configuring antivirus applications for Cisco Unified CallManager are available at the following locations: http://cisco.com/en/US/partner/products/sw/voicesw/ps556/products_implementation_design_guides _list.html http://cisco.com/en/US/partner/products/sw/voicesw/ps556/products_user_guide_list.html Cisco Security Agent provides threat protection for servers, also known as endpoints. It identifies and prevents malicious behavior, thereby eliminating known and unknown (“day zero”) security risks and helping to reduce operational costs. The Cisco Security Agent aggregates and extends multiple endpoint security functions by providing host intrusion prevention, distributed firewall capabilities, malicious mobile code protection, operating system integrity assurance, and audit log consolidation (in managed mode), all within a single product. Unlike antivirus applications, Cisco Security Agent analyzes behavior rather than relying on signature matching, but both remain critical components to a multi-layered approach to host security. Cisco Security Agent should not be considered a substitute for antivirus applications. Deploying Cisco Security Agent on Unified CCE components involves obtaining a number of application-compatible agents and implementing them according to the desired mode. Note The Cisco Security Agent Policy provided for Unified CCE is limited to servers and may not be deployed on Agent Desktops. Customers may choose to deploy the CSA product in their enterprise and modify the default desktop security policies in the Management Center to allow legitimate application activity on their desktop endpoints, including that of the Agent Desktop software deployed. The Cisco Security Agent can be deployed in two modes: Standalone mode — A standalone agent can be obtained directly from the Cisco Software Center for each voice application and can be implemented without communication capability to a central Cisco Security Agent Management Center (MC). Managed mode — An XML export file specific to the agent and compatible with each voice application in the deployed solution, can be downloaded from the same location and imported into an existing Cisco Unified Operations Management Center for Cisco Security Agents, part of the Cisco Unified Operations VPN/Security Management Solution (VMS) bundle. The advanced Cisco Unified Operations Management Center for Cisco Security Agents incorporates all management functions for agents in core management software that provides a centralized means of defining and distributing policies, providing software updates, and maintaining communications to the agents. Its role-based, web browser manage-from-anywhere access makes it easy for administrators to control thousands of agents per MC. 7-17
Page 1 and 2:
Cisco Unified Contact Center Enterp
Page 3 and 4:
OL-8669-05 Preface xv New or Change
Page 5 and 6:
CHAPTER 2 Deployment Models 2-1 OL-
Page 7 and 8:
OL-8669-05 Cisco Unified Contact Ce
Page 9 and 10:
CHAPTER 5 Cisco Unified Outbound Di
Page 11 and 12:
OL-8669-05 Endpoint Security 7-20 A
Page 13 and 14:
G LOSSARY I NDEX OL-8669-05 Cisco U
Page 15 and 16:
OL-8669-05 Preface This document pr
Page 17 and 18:
Preface Product Documentation DVD O
Page 19 and 20:
Preface Cisco Technical Support & D
Page 21 and 22:
Preface OL-8669-05 Obtaining Additi
Page 23 and 24:
OL-8669-05 Architecture Overview CH
Page 25 and 26:
Chapter 1 Architecture Overview OL-
Page 27 and 28:
Page 29 and 30:
Chapter 1 Architecture Overview ICM
Page 31 and 32:
Chapter 1 Architecture Overview Fig
Page 33 and 34:
Chapter 1 Architecture Overview Cis
Page 35 and 36:
Page 37 and 38:
Chapter 1 Architecture Overview Adm
Page 39 and 40:
Chapter 1 Architecture Overview Mul
Page 41 and 42:
Chapter 1 Architecture Overview Cis
Page 43 and 44:
Chapter 1 Architecture Overview Lab
Page 45 and 46:
Chapter 1 Architecture Overview Fig
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Chapter 1 Architecture Overview Con
Page 53 and 54:
Chapter 1 Architecture Overview Non
Page 55 and 56:
OL-8669-05 Deployment Models CHAPTE
Page 57 and 58:
Chapter 2 Deployment Models Unified
Page 59 and 60:
Chapter 2 Deployment Models Parent/
Page 61 and 62:
Chapter 2 Deployment Models OL-8669
Page 63 and 64:
Page 65 and 66:
Chapter 2 Deployment Models IPT: Ce
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Chapter 2 Deployment Models Treatme
Page 75 and 76:
Chapter 2 Deployment Models Alterna
Page 77 and 78:
Page 79 and 80:
Chapter 2 Deployment Models IVR: Tr
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Chapter 2 Deployment Models Connect
Page 91 and 92:
Page 93 and 94:
Chapter 2 Deployment Models Traditi
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Chapter 2 Deployment Models Using I
Page 101 and 102:
Page 103 and 104:
OL-8669-05 CHAPTER Design Considera
Page 105 and 106:
Chapter 3 Design Considerations for
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
OL-8669-05 CHAPTER Unified Contact
Page 155 and 156:
Chapter 4 Unified Contact Center En
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172: Chapter 4 Unified Contact Center En
Page 181 and 182: OL-8669-05 Cisco Unified Outbound D
Page 183 and 184: Chapter 5 Cisco Unified Outbound Di
Page 193 and 194: OL-8669-05 Cisco Unified Mobile Age
Page 195 and 196: Chapter 6 Cisco Unified Mobile Agen
Page 207 and 208: OL-8669-05 Securing Unified CCE CHA
Page 209 and 210: Chapter 7 Securing Unified CCE Secu
Page 211 and 212: Chapter 7 Securing Unified CCE OL-8
Page 213 and 214: Chapter 7 Securing Unified CCE Netw
Page 215 and 216: Chapter 7 Securing Unified CCE Netw
Page 219 and 220: Chapter 7 Securing Unified CCE IPSe
Page 221: Chapter 7 Securing Unified CCE OL-8
Page 229 and 230: OL-8669-05 Sizing Call Center Resou
Page 231 and 232: Chapter 8 Sizing Call Center Resour
Page 249 and 250: OL-8669-05 CHAPTER Sizing Unified C
Page 251 and 252: Chapter 9 Sizing Unified CCE Compon
Page 267 and 268: OL-8669-05 CHAPTER Cisco Unified Co
Page 269 and 270: Chapter 10 Sizing Cisco Unified Cal
Page 271 and 272: Chapter 10 Sizing Cisco Unified Cal
Page 273 and 274:
Chapter 10 Sizing Cisco Unified Cal
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
OL-8669-05 CHAPTER Cisco Unified Co
Page 281 and 282:
Chapter 11 Bandwidth Provisioning a
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
Page 291 and 292:
Page 293 and 294:
Page 295 and 296:
Page 297 and 298:
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Numerics 3DES Triple Data Encryptio
Page 315 and 316:
DiffServ Differentiated Services DM
Page 317 and 318:
MDF Main distribution frame MDS Mes
Page 319 and 320:
SRND Solution Reference Network Des
Page 321 and 322:
Symbols .NET CIL API 4-14 Numerics
Page 323 and 324:
security 7-5 sizing call center res
Page 325 and 326:
CTI Desktop Toolkit 4-4, 4-5, 4-12
Page 327 and 328:
H H.323 3-15 hardening of phones 7-
Page 329 and 330:
modes for outbound dialer 5-3 MoH 6
Page 331 and 332:
public network 11-3, 11-7, 11-10, 1
Page 333 and 334:
Peripheral Gateway (PG) 9-15 Periph
Page 335:
website for technical support and d
show all

Cisco Unified Contact Center Enterprise Solution Reference ...

Create successful ePaper yourself

Delete template?

Save as template?