Cisco Cisco Unified Provisioning Manager 8.5 Information Guide
Q&A
© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 6
Note:
See the Cisco Unified Provisioning Manager Supported Devices Table for versions that have been certified
Security
Q.
What type of access control does Cisco Unified Provisioning Manager support?
A.
Cisco Unified Provisioning Manager permits web login access based on having a permitted user login and
associated user roles within the system. User roles define access to certain functions for that user of the system
and are predefined. Many of the roles apply only within a specific IP telephony domain (Table 2).
Table 2.
User Roles
Role
Function
Ordering
User can create and place service orders for subscribers within the policy defined by the system configuration.
Advanced ordering
User can override system-determined policies.
Assignment
User may participate in phone assignment during service activation.
Advanced assignment
User may specify a specific phone MAC address during the order process.
Shipping
User may participate in verifying that physical shipment of a product has occurred.
Receiving
User may participate in verifying that physical receipt of a product has occurred.
Maintenance
User can perform purging and export of certain system objects.
Approval
User is responsible for approving orders within a domain.
Administration
User has all administrative access except assigning other administrators.
Q.
Does Cisco Unified Provisioning Manager support external authentication?
A.
Cisco UPM can use its internal authentication database, Lightweight Directory Access Protocol (LDAP) to Active
Directory, or Cisco ACS using the TACACS+ protocol. Different domains can have authentication to different
authentication, authorization, and accounting (AAA) servers.
Q.
Are secure protocols used to communicate with the managed applications?
A.
Cisco Unified Provisioning Manager uses the following protocols to talk to its managed devices:
●
Cisco Unified Communications Manager and Cisco Unity Connection are accessible through HTTP or
HTTPS.
●
Cisco Unified Communications Manager Express and Cisco Unity Express are accessible through Telnet or
Secure Shell (SSH) Protocol.
●
Cisco Unity is accessible through Java Database Connectivity (JDBC).
Q.
Can I delegate some functions to subadministrators in my organization?
A.
Cisco Unified Provisioning Manager uses the concept of IP telephony domains and service areas. Domains are
groupings of subscribers. For each grouping, one or more system users can be permitted to order services for
subscribers within that domain. In addition, rules or policies may be set on a domain; those rules and policies
will apply to services for subscribers in that domain.
Service areas are groupings within an IP telephony domain that are used to structure and manage IP telephony
and messaging services. The service area typically acts as a service offering location and provides a template
mechanism that determines provisioning policies and values used during order processing. This allows
administrative users to configure service areas and helps ensure that service orders follow company policy and
best practices for subscriber service activation.