Security and Hot Fix Policy

Table of contents:

Cisco closely monitors security bulletins from Microsoft and evaluates them based on the impact to Cisco CallManager and other IP telephony applications.

When Microsoft posts a security patch, Cisco determines whether the patch affects applications and operating system components in Cisco CallManager and applications that share the same operating system installation process. Cisco then tests the relevant patches to verify correct operation with Cisco applications. This is a list of applications and operating system components that might be affected by a patch:

  • Microsoft Windows 2000 Server (including any Windows component or subcomponent installed by Cisco)
  • Microsoft Internet Information Server (IIS)
  • Microsoft Internet Explorer
  • Microsoft Structured Query Language (SQL) Server 2000


The operating system upgrades provided by Cisco are not the same as upgrades provided by Microsoft. The operating system upgrades and patches provided by Cisco are tailored for IP telephony applications. If a Microsoft service pack (SP) or hot fix is installed for the Cisco IP Telephony Operating System, the applications running on the Cisco IP Telephony Operating System might be adversely affected.

The security patch and hot fix policy for Cisco CallManager specifies that any applicable patch deemed Severity 1 or Critical must be tested and posted to Cisco.com within 24 hours as a hot fix. All other applicable patches are consolidated and posted once a month as incremental service releases. Notification tools (e-mail service) for providing automatic notification of new fixes, operating system updates, and patches for Cisco CallManager and associated products are also available:

  • Cisco CallManager Notification Tool This e-mail service provides automatic notification of new fixes, operating system updates, and service releases that are available for Cisco CallManager and related products, including Cisco CallManager Attendant Console, Cisco IP Manager Assistant (IPMA), and Bulk Administration Tool (BAT). To subscribe, go to http://www.cisco.com/cgi-bin/Software/Newsbuilder/Builder/VOICE.cgi and follow the instructions on the web page.
  • Cisco Product Security Incident Response Team (PSIRT) Advisory Notification Tool This e-mail service provides automatic notification of all Cisco security advisories released by Cisco PSIRT. Advisories that describe security issues that directly impact Cisco products provide a set of actions required to repair these products. To subscribe, go to http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html and follow the instructions on the web page.


The Cisco IP Telephony Operating System configuration and patch process does not currently allow an automated patch-management process.

Operating System Hardening

Part I: Cisco CallManager Fundamentals

Introduction to Cisco Unified Communications and Cisco Unified CallManager

Cisco Unified CallManager Clustering and Deployment Options

Cisco Unified CallManager Installation and Upgrades

Part II: IPT Devices and Users

Cisco IP Phones and Other User Devices

Configuring Cisco Unified CallManager to Support IP Phones

Cisco IP Telephony Users

Cisco Bulk Administration Tool

Part III: IPT Network Integration and Route Plan

Cisco Catalyst Switches

Configuring Cisco Gateways and Trunks

Cisco Unified CallManager Route Plan Basics

Cisco Unified CallManager Advanced Route Plans

Configuring Hunt Groups and Call Coverage

Implementing Telephony Call Restrictions and Control

Implementing Multiple-Site Deployments

Part IV: VoIP Features

Media Resources

Configuring User Features, Part 1

Configuring User Features, Part 2

Configuring Cisco Unified CallManager Attendant Console

Configuring Cisco IP Manager Assistant

Part V: IPT Security

Securing the Windows Operating System

Securing Cisco Unified CallManager Administration

Preventing Toll Fraud

Hardening the IP Phone

Understanding Cryptographic Fundamentals

Understanding the Public Key Infrastructure

Understanding Cisco IP Telephony Authentication and Encryption Fundamentals

Configuring Cisco IP Telephony Authentication and Encryption

Part VI: IP Video

Introducing IP Video Telephony

Configuring Cisco VT Advantage

Part VII: IPT Management

Introducing Database Tools and Cisco Unified CallManager Serviceability

Monitoring Performance

Configuring Alarms and Traces

Configuring CAR

Using Additional Management and Monitoring Tools

Part VIII: Appendix

Appendix A. Answers to Review Questions


Authorized Self-Study Guide Cisco IP Telephony (CIPT)
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
ISBN: 158705261X
EAN: 2147483647
Year: 2004
Pages: 329

Similar book on Amazon

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net