Malicious Call Identification

Malicious Call Identification (MCID), available starting with Cisco CallManager Release 4.0, is an internetwork service that allows users to initiate a sequence of events when they receive calls with a malicious intent from another network (typically, the PSTN). The user who receives a disturbing call can invoke the MCID feature by using a softkey or feature code while connected to the call. The MCID service immediately flags the call as a malicious call with an alarm notification to the Cisco CallManager administrator. The MCID service flags the CDR with the MCID notice and sends a notification to the off-net PSTN that a malicious call is in progress.

The MCID service is an ISDN PRI service, when using PRI connections to the PSTN. The MCID service includes two components:

  • MCID-O An originating component that invokes the feature at the request of the user (victim) and that sends the invocation request to the connected network
  • MCID-T A terminating component that receives the invocation request from the connected network and responds with a success or failure message that indicates whether the service can be performed

Typically, each function runs in separate network entities, and the two service components communicate with each other to allow two networks to identify a call as malicious.

Cisco CallManager supports only the originating component at this time.


MCID is a PRI-based service. If your organization does not use PRI PSTN connections, MCID can still flag calls with malicious intent in the CallManager CDRs.


Configuring MCID

MCID, which is a system feature, comes standard with Cisco CallManager software. MCID does not require special installation or activation.

To configure MCID, follow these general procedures:

Step 1.

Ensure that the CDR flag is set to True.

Step 2.

Configure the alarm.

Step 3.

Configure a softkey template with the Malicious Call Trace softkey.

Step 4.

Assign the MCID softkey template to an IP Phone.

Step 5.

Notify users that the MCID feature is available.

Configuring CallManager to Support CDRs

To enable Cisco CallManager to flag a CDR with the MCID indicator, you must enable the CDR flag. Use the following procedure in Cisco CallManager Administration to enable the CDR flag:

Step 1.

From the drop-down list, choose Service > Service Parameters.

Step 2.

Choose the Cisco CallManager server name.

Step 3.

In the Service field, choose Cisco CallManager. The Service Parameters Configuration window appears.

Step 4.

In the System area, set the CDR Flag Enabled field to True if it is not already enabled, as shown in Figure 17-18.

Figure 17-18. Configuring CallManager Service Parameters to Support CDRs


Step 5.

If you have made a change, click Update.

Configuring MCID Alarms

To provide for the MCID alarm information to appear in the Event Viewer, you need to enable the alarm event level. Use Cisco CallManager Serviceability and the following procedure to activate alarms for MCID:

Step 1.

Choose Application > Serviceability. The Cisco CallManager Serviceability application opens.

Step 2.

Choose Alarm > Configuration. The Alarm Configuration window is displayed.

Step 3.

From the list, choose the Cisco CallManager server.

Step 4.

In the Configured Services drop-down list, choose Cisco CallManager. The Alarm Configuration window updates with configuration fields.

Step 5.

Under Event Viewer, in the Alarm Event Level drop-down list, choose Informational, as shown in Figure 17-19.

Figure 17-19. Configuring MCID Alarms in Windows 2000 Event Viewer


Step 6.

Under Event Viewer, check the Enable Alarm check box.


Step 7.

If you want to enable the alarm for all nodes in the cluster, check the Apply to All Nodes check box.

Step 8.

Click Update to turn on the informational alarm.

Adding the MCID Softkey

For users to trigger MCID alerts, you must add the appropriate softkey to the softkey template configured for their IP Phones. Use this procedure in Cisco CallManager Administration to add the Malicious Call softkey to a template:

Step 1.

Choose Device > Device Settings > Softkey Template. The Find and List Softkey Templates window appears.

Step 2.

Select the Softkey Template assigned to your users. If your users are using one of the built-in softkey templates, you will need to create a new softkey template, as described in Chapter 16, "Configuring User Features, Part 1."

Step 3.

In the upper-right corner of the window, click the Configure Softkey Layout link. The Softkey Layout Configuration window appears.

Step 4.

In the Call States area on the left, choose Connected. The list in the Unselected Softkeys pane changes to display the available softkeys for this call state.


Step 5.

In the Unselected Softkeys pane, choose Toggle Malicious Call Trace, as shown in Figure 17-20.

Figure 17-20. Adding the MCID Softkey


Step 6.

To move the softkey to the Selected keys pane, click the right arrow.

Step 7.

Click Update to ensure that the softkey template is configured.

Part I: Cisco CallManager Fundamentals

Introduction to Cisco Unified Communications and Cisco Unified CallManager

Cisco Unified CallManager Clustering and Deployment Options

Cisco Unified CallManager Installation and Upgrades

Part II: IPT Devices and Users

Cisco IP Phones and Other User Devices

Configuring Cisco Unified CallManager to Support IP Phones

Cisco IP Telephony Users

Cisco Bulk Administration Tool

Part III: IPT Network Integration and Route Plan

Cisco Catalyst Switches

Configuring Cisco Gateways and Trunks

Cisco Unified CallManager Route Plan Basics

Cisco Unified CallManager Advanced Route Plans

Configuring Hunt Groups and Call Coverage

Implementing Telephony Call Restrictions and Control

Implementing Multiple-Site Deployments

Part IV: VoIP Features

Media Resources

Configuring User Features, Part 1

Configuring User Features, Part 2

Configuring Cisco Unified CallManager Attendant Console

Configuring Cisco IP Manager Assistant

Part V: IPT Security

Securing the Windows Operating System

Securing Cisco Unified CallManager Administration

Preventing Toll Fraud

Hardening the IP Phone

Understanding Cryptographic Fundamentals

Understanding the Public Key Infrastructure

Understanding Cisco IP Telephony Authentication and Encryption Fundamentals

Configuring Cisco IP Telephony Authentication and Encryption

Part VI: IP Video

Introducing IP Video Telephony

Configuring Cisco VT Advantage

Part VII: IPT Management

Introducing Database Tools and Cisco Unified CallManager Serviceability

Monitoring Performance

Configuring Alarms and Traces

Configuring CAR

Using Additional Management and Monitoring Tools

Part VIII: Appendix

Appendix A. Answers to Review Questions


Authorized Self-Study Guide Cisco IP Telephony (CIPT)
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
ISBN: 158705261X
EAN: 2147483647
Year: 2004
Pages: 329 © 2008-2020.
If you may any questions please contact us: