Cisco Cisco Unified Contact Center Enterprise 9.0(2) Design Guide
8-5
Cisco Unified Contact Center Enterprise 7.0, 7.1, and 7.2 SRND
OL-8669-16
Chapter 8 Securing Unified CCE
Security Best Practices
to obtain all relevant patches and updates to this operating system from Cisco. The security hardening
specifications for this operating system can be found in the Cisco Unified Communications Solution
Reference Network Design (SRND) guide and other Unified CM product documentation, available at
specifications for this operating system can be found in the Cisco Unified Communications Solution
Reference Network Design (SRND) guide and other Unified CM product documentation, available at
The approach to securing the Unified CCE solution as it pertains to the various layers listed above differs
from one group of servers to another. It is useful to keep this in mind as you design, deploy, and maintain
these servers in your environment. Cisco is constantly enhancing its Unified Communications products
with the eventual goal of having them all support the same customized operating system, antivirus
applications, and security path management techniques. Some examples of these enhancements include
the support of Cisco's host-based intrusion prevention software (Cisco Security Agent) and default
server hardening provided by the customized operating system or applications.
from one group of servers to another. It is useful to keep this in mind as you design, deploy, and maintain
these servers in your environment. Cisco is constantly enhancing its Unified Communications products
with the eventual goal of having them all support the same customized operating system, antivirus
applications, and security path management techniques. Some examples of these enhancements include
the support of Cisco's host-based intrusion prevention software (Cisco Security Agent) and default
server hardening provided by the customized operating system or applications.
Security Best Practices
As part of the Unified CCE 7.0 documentation set, Cisco has released a best-practices guide for the
primary group of servers, which covers a number of areas pertaining to the new implementation in the
release along with some general guidance for securing a Unified CCE deployment. The best-practices
guide includes the following topics:
primary group of servers, which covers a number of areas pertaining to the new implementation in the
release along with some general guidance for securing a Unified CCE deployment. The best-practices
guide includes the following topics:
•
Encryption Support
•
IPSec and NAT Support
•
Windows Firewall Configuration
•
Automated Security Hardening
•
Updating Microsoft Windows
•
SQL Server Hardening
•
SSL Encryption
•
Intrusion Prevention (CSA)
•
Microsoft Baseline Security Analysis
•
Auditing
•
Anti-Virus Guidelines and Recommendations
•
Secure Remote Administration
•
Additional Security Best Practices
–
WebView and IIS Hardening (Windows 2000)
–
Sybase EAServer (Jaguar) Hardening
–
RMS Listener Hardening
–
WMI Service Hardening
–
SNMP Hardening
–
Other
For the most current security best practices, refer to the latest version of the Security Best Practices
Guide for ICM and IPCC Enterprise & Hosted Editions, available at
Guide for ICM and IPCC Enterprise & Hosted Editions, available at