Cisco Cisco IPCC Web Option Leaflet
8-7
Cisco Unified Contact Center Enterprise 7.5 SRND
Chapter 8 Securing Unified CCE
Network Firewalls
Network Firewalls
There are several important factors to consider when deploying firewalls in an Unified CCE network.
The application servers making up a Unified CCE solution (with the exception of Cisco Collaboration
Servers) are not meant to reside in a demilitarized zone (DMZ) and should be segmented from any
externally visible networks and internal corporate networks. The application servers should be placed in
data centers, and the applicable firewalls or routers should be configured with access control lists (ACL)
to control the traffic that is targeted to the servers, thereby allowing only designated network traffic to
pass through.
The application servers making up a Unified CCE solution (with the exception of Cisco Collaboration
Servers) are not meant to reside in a demilitarized zone (DMZ) and should be segmented from any
externally visible networks and internal corporate networks. The application servers should be placed in
data centers, and the applicable firewalls or routers should be configured with access control lists (ACL)
to control the traffic that is targeted to the servers, thereby allowing only designated network traffic to
pass through.
Deploying the application in an environment in which firewalls are in place requires the network
administrator to be knowledgeable of which TCP/UDP IP ports are used, firewall deployment and
topology considerations, and impact of Network Address Translation (NAT).
administrator to be knowledgeable of which TCP/UDP IP ports are used, firewall deployment and
topology considerations, and impact of Network Address Translation (NAT).
TCP/IP Ports
For an inventory of the ports used across the contact center suite of applications, refer to the following
documentation:
documentation:
•
Port Utilization Guide for Cisco ICM/IPCC Enterprise and Hosted Editions, available at
•
Cisco Unified Contact Center Express Port Utilization Guide, available at
•
Cisco Unified Communications Manager TCP and UDP Port Usage Guide, available at
Unified ICM
partitioning
(Database
object/access
control)
partitioning
(Database
object/access
control)
ICM Administration Guide for Cisco ICM Enterprise
Note
Partitioning is supported only for Unified ICM Enterprise. It is not
supported in Unified CCE, Unified ICM Hosted Edition, or Unified
CCH Edition.
supported in Unified CCE, Unified ICM Hosted Edition, or Unified
CCH Edition.
Feature control
(Software access
control)
(Software access
control)
ICM Configuration Guide for Cisco ICM Enterprise
Validating real-time
clients
clients
Setup and Configuration Guide for Cisco IPCC Hosted Edition
Table 8-2
Other Security Documentation (continued)
Security Topic
Document and URL