Cisco Cisco E-Mail Manager Unity Integration Option Installation Guide
Chapter 4 Installation
Security Settings
4-10
Remote Silent Monitoring Installation and Administration Guide
Note
Currently, the Cisco Unified Contact Center Security Wizard’s Windows Firewall
tool is not programmed to automatically create exceptions for RSM. RSM will not
work properly if this tool is used to enable Windows Firewall on the RSM server.
tool is not programmed to automatically create exceptions for RSM. RSM will not
work properly if this tool is used to enable Windows Firewall on the RSM server.
Cisco Security Agent (CSA)
RSM fully supports Cisco Security Agent (CSA) for ICM. It is highly
recommended that CSA for ICM be installed on the RSM server. Refer to the
“Base System Provisioning” topic in Chapter 3, Pre-Installation Tasks.
recommended that CSA for ICM be installed on the RSM server. Refer to the
“Base System Provisioning” topic in Chapter 3, Pre-Installation Tasks.
Network Level Security
Currently, network level IP security (IPsec) encryption is the only supported
method for securing high-level protocols between RSM and other Unified CCE
components.
method for securing high-level protocols between RSM and other Unified CCE
components.
Note
For recommended and supported IP sec tunnel configurations, refer to the
“Support for IPSec (IP Security) in Transport Mode” topic in Chapter 2 of the
Security Best Practices Guide for ICM and IPCC Enterprise & Hosted Editions
document (cf. “Windows Security Hardening” topic, above).
“Support for IPSec (IP Security) in Transport Mode” topic in Chapter 2 of the
Security Best Practices Guide for ICM and IPCC Enterprise & Hosted Editions
document (cf. “Windows Security Hardening” topic, above).
ICM allows IPsec policies to be set up manually (e.g., via the Microsoft 2003
Server security tools), or via the Cisco Network Isolation Utility. Note that RSM
supports only manually configured peer-to-peer IPsec tunnels and does not
support the Cisco Network Isolation Utility.
Server security tools), or via the Cisco Network Isolation Utility. Note that RSM
supports only manually configured peer-to-peer IPsec tunnels and does not
support the Cisco Network Isolation Utility.
IPsec for secure CTI OS and JTAPI communication is described below.
Secure CTI OS Communication Encryption with IPsec
To encrypt CTI OS communications between the RSM server and a PG CTI OS
server, an IPsec tunnel may be configured. If the environment has multiple PGs
that the RSM server is configured to use, this approach may be used with each PG
or only certain ones (e.g., only PGs over a certain insecure network connection).
server, an IPsec tunnel may be configured. If the environment has multiple PGs
that the RSM server is configured to use, this approach may be used with each PG
or only certain ones (e.g., only PGs over a certain insecure network connection).