Cisco Cisco IP Contact Center Release 4.6.1 Design Guide
8-16
Cisco Unified Contact Center Enterprise 7.0, 7.1, and 7.2 SRND
OL-8669-16
Chapter 8 Securing Unified CCE
Intrusion Prevention
•
Schedule regular disk scans only during low usage times and at times when application activity is
lowest. To determine when application purge activity is scheduled, refer to the Security Best
Practices guide listed in the previous item.
lowest. To determine when application purge activity is scheduled, refer to the Security Best
Practices guide listed in the previous item.
Guidelines for configuring antivirus applications for Unified CM are available at the following
locations:
locations:
Intrusion Prevention
Cisco Security Agent
Cisco Security Agent provides threat protection for servers, also known as endpoints. It identifies and
prevents malicious behavior, thereby eliminating known and unknown (“day zero”) security risks and
helping to reduce operational costs. The Cisco Security Agent aggregates and extends multiple endpoint
security functions by providing host intrusion prevention, distributed firewall capabilities, malicious
mobile code protection, operating system integrity assurance, and audit log consolidation (in managed
mode), all within a single product.
prevents malicious behavior, thereby eliminating known and unknown (“day zero”) security risks and
helping to reduce operational costs. The Cisco Security Agent aggregates and extends multiple endpoint
security functions by providing host intrusion prevention, distributed firewall capabilities, malicious
mobile code protection, operating system integrity assurance, and audit log consolidation (in managed
mode), all within a single product.
Unlike antivirus applications, Cisco Security Agent analyzes behavior rather than relying on signature
matching, but both remain critical components to a multi-layered approach to host security. Cisco
Security Agent should not be considered a substitute for antivirus applications.
matching, but both remain critical components to a multi-layered approach to host security. Cisco
Security Agent should not be considered a substitute for antivirus applications.
Deploying Cisco Security Agent on Unified CCE components involves obtaining a number of
application-compatible agents and implementing them according to the desired mode.
application-compatible agents and implementing them according to the desired mode.
Note
The Cisco Security Agent Policy provided for Unified CCE is limited to servers and may not be deployed
on Agent Desktops. Customers may choose to deploy the CSA product in their enterprise and modify
the default desktop security policies in the Management Center to allow legitimate application activity
on their desktop endpoints, including that of the Agent Desktop software deployed.
on Agent Desktops. Customers may choose to deploy the CSA product in their enterprise and modify
the default desktop security policies in the Management Center to allow legitimate application activity
on their desktop endpoints, including that of the Agent Desktop software deployed.
Agents Modes
The Cisco Security Agent can be deployed in two modes:
•
Standalone mode — A standalone agent can be obtained directly from the Cisco Software Center
for each voice application and can be implemented without communication capability to a central
Cisco Security Agent Management Center (MC).
for each voice application and can be implemented without communication capability to a central
Cisco Security Agent Management Center (MC).
•
Managed mode — An XML export file specific to the agent and compatible with each voice
application in the deployed solution, can be downloaded from the same location and imported into
an existing Cisco Unified Operations Management Center for Cisco Security Agents, part of the
Cisco Unified Operations VPN/Security Management Solution (VMS) bundle.
application in the deployed solution, can be downloaded from the same location and imported into
an existing Cisco Unified Operations Management Center for Cisco Security Agents, part of the
Cisco Unified Operations VPN/Security Management Solution (VMS) bundle.
The advanced Cisco Unified Operations Management Center for Cisco Security Agents incorporates all
management functions for agents in core management software that provides a centralized means of
defining and distributing policies, providing software updates, and maintaining communications to the
agents. Its role-based, web browser manage-from-anywhere access makes it easy for administrators to
control thousands of agents per MC.
management functions for agents in core management software that provides a centralized means of
defining and distributing policies, providing software updates, and maintaining communications to the
agents. Its role-based, web browser manage-from-anywhere access makes it easy for administrators to
control thousands of agents per MC.