Cisco Cisco Unified Contact Center Management Portal 8.5(2) Leaflet
8-18
Cisco Unified Contact Center Enterprise 7.5 SRND
Chapter 8 Securing Unified CCE
Patch Management
Upon the release of a Critical or Important security update from Microsoft, Cisco assesses the impact on
the Unified ICM-based applications. For the security updates categorized by Cisco as Impacting, Cisco
continues to test its products to further determine if there are any potential conflicts. An impact
assessment bulletin is published typically a few days after Microsoft releases the security updates. This
impact assessment bulletin can be found under Cisco Event Responses at:
the Unified ICM-based applications. For the security updates categorized by Cisco as Impacting, Cisco
continues to test its products to further determine if there are any potential conflicts. An impact
assessment bulletin is published typically a few days after Microsoft releases the security updates. This
impact assessment bulletin can be found under Cisco Event Responses at:
Customers should follow Microsoft's guidelines regarding when and how to apply these updates. Cisco
recommends that Contact Center customers separately assess all security patches released by Microsoft
and install those deemed appropriate for their environments. Cisco will continue to provide a service of
separately assessing and, where necessary, validating higher-severity security patches that may be
relevant to the Contact Center software products.
recommends that Contact Center customers separately assess all security patches released by Microsoft
and install those deemed appropriate for their environments. Cisco will continue to provide a service of
separately assessing and, where necessary, validating higher-severity security patches that may be
relevant to the Contact Center software products.
For all application servers running on the Unified CM Operating System, refer to the Cisco Unified
CallManager Security Patch Process, available at
CallManager Security Patch Process, available at
For information on tracking Cisco-supported operating system files, SQL Server, and security files, refer
to Cisco IP Telephony Operating System, SQL Server, Security Updates, available at
to Cisco IP Telephony Operating System, SQL Server, Security Updates, available at
The Security Patch and Hotfix Policy for Unified CM specifies that any applicable patch deemed
Severity 1 or Critical must be tested and posted to
Severity 1 or Critical must be tested and posted to
within 24 hours as Hotfixes.
All applicable patches are consolidated and posted once per month as incremental Service Releases.
A notification tool (email service) for providing automatic notification of new fixes, OS updates, and
patches for Unified CM and associated products is available at
patches for Unified CM and associated products is available at
Automated Patch Management
Unified CCE servers (except for the applications installed on the CIPT OS) support integration with
Microsoft's Windows Server Update Services, whereby customers control which patches can be
deployed to those servers and when the patches can be deployed.
Microsoft's Windows Server Update Services, whereby customers control which patches can be
deployed to those servers and when the patches can be deployed.
The recommendation is to selectively approve updates and determine when they get deployed on
production servers. The Windows Automatic Update Client (installed by default on all Windows hosts)
can be configured to retrieve updates by polling a server that is running Microsoft Window Update
Services in place of the default Windows Update Web site.
production servers. The Windows Automatic Update Client (installed by default on all Windows hosts)
can be configured to retrieve updates by polling a server that is running Microsoft Window Update
Services in place of the default Windows Update Web site.
For more configuration and deployment information, refer to the Deployment Guide and other
step-by-step guides found at
step-by-step guides found at
More information is also available on this topic in the Security Best Practices Guide for Cisco Unified
ICM/CCE & Hosted Editions, Release 7.x.
ICM/CCE & Hosted Editions, Release 7.x.
Note
The Cisco Unified Communications Operating System configuration and patch process does not
currently allow for an automated patch management process.
currently allow for an automated patch management process.