When you are securing an operating system, several threats should be considered. Bugs in the operating system, as well as in the services and applications that come with the operating system, can pose severe security threats. Because applications are installed on top of the operating system, even well-written and secure applications can be affected by vulnerabilities in the underlying operating system. Built-in networking services and applications are especially sensitive because they are exposed to remote attacks. That exposure also applies to the IP stack in the Windows operating system. The IP stack is of strategic importance and, unfortunately, has a long history of security issues of varying severity. These issues result not only from the particular implementation of the IP protocol, but also from the lack of security mechanisms in the protocol itself. As shown in Figure 20-1, password and account policies as well as insecure Windows configuration settings pose security concerns in the operating system that underlies Cisco CallManager.
Figure 20-1. Threats Targeting the Windows Operating System
Microsoft Windows, as the most popular operating system, is well known to the public. As a result, many known issues are related to its password policies as well as vulnerabilities in the operating system default settings. An attacker might try to log in to the operating system using the Administrator account with commonly used passwords. In Microsoft networking, File and Print Sharing services can be used (and might have been turned on by default in some versions of Windows) to allow access to file shares without any security checking.
Another threat to the system is malicious code execution by viruses, worms, or Trojan horses. Protection against these threats consists of blocking the threats from the system and detecting and eliminating attacks that were not blocked.
Finally, and extremely important, server operating systems are vulnerable to denial of service (DoS) attacks. If the server operating system cannot resist DoS attacks, an attacker can tear down the whole IP telephony infrastructure with a single, focused attack against Cisco CallManager nodes. Besides other methods (separating the server network from other parts of the network and establishing access control), the server itself should be hardened to resist at least simple and common DoS attacks.
Lowering the Threats in Windows Operating System
You can divide the possible countermeasures against attacks on the operating system itself into two groups: measures that eliminate vulnerabilities to certain threats, and methods that protect the system against attacks exploiting the remaining vulnerabilities.
The following are practices to reduce possible vulnerabilities:
- Antivirus software
- Cisco Security Agent
To protect against bugs and exploits involving Microsoft Windows, Cisco provides an already hardened version of the Windows operating system called Cisco IP Telephony Operating System. You must keep the Windows 2000 Server up to date to secure the operating system against new security holes. For that reason, Cisco provides operating system upgrades and hot fixes. Cisco CallManager and other Cisco IP telephony applications require these upgrades to function properly.
Cisco uses the Cisco IP Telephony Operating System in several Cisco IP Telephony Application Server components, such as Cisco CallManager, Cisco Emergency Responder (ER), Cisco IP Contact Center (IPCC), and Cisco Interactive Voice Response (IVR). Cisco builds the IP Telephony Operating System upgrades on top of each other, so each one is incrementally more secure. The upgrades provide changes to, for example, the IP stack, file system, Registry, access control lists (ACLs), and dynamic link library (DLL) engines.
Note
Before you run an operating system upgrade provided by Cisco, read the release notes for that upgrade carefully. The operating system upgrade might not apply to your installation and could harm the running applications. Before upgrading, verify that you are using the proper operating system upgrade for your Cisco CallManager version. It is also a good practice to consider making a backup before upgrading the Cisco IP Telephony Operating System.
Cisco IP Telephony Operating System upgrades can be downloaded from Cisco.com at http://www.cisco.com/cgi-bin/tablebuild.pl/cmva-3des (requires CCO account).