Cisco Cisco Unified Contact Center Enterprise 9.0(2) Release Notes
30
Release Notes for Cisco IPCC/ICM Enterprise & Hosted Editions Release 7.0(0) Installer Update C November 24, 2008
New and Changed Information
It is required that the CSA service be Stopped before you perform any install or upgrade activity. The
CSA service can be stopped or started from the Windows Service Control Panel. Unlike CSA 4.0, there
is no need in CSA 4.5.1 to suspend the CSA service before stopping it. In the 7.0(0) release, ICM Setup
as well as System IPCC Setup automate the stopping and starting of the CSA service. Setup for other
ICM Server Applications/Options (CTI OS, Support Tools, and so forth) warns the user to stop CSA,
and a manual stop/disable of the CSA service is required. CSA does not protect the host while the service
is stopped. The CSA service should be enabled/started after the install activity is over. It is strongly
recommended that this practice also be followed during other installation and upgrade activities, such as
for supported third-party products.
CSA service can be stopped or started from the Windows Service Control Panel. Unlike CSA 4.0, there
is no need in CSA 4.5.1 to suspend the CSA service before stopping it. In the 7.0(0) release, ICM Setup
as well as System IPCC Setup automate the stopping and starting of the CSA service. Setup for other
ICM Server Applications/Options (CTI OS, Support Tools, and so forth) warns the user to stop CSA,
and a manual stop/disable of the CSA service is required. CSA does not protect the host while the service
is stopped. The CSA service should be enabled/started after the install activity is over. It is strongly
recommended that this practice also be followed during other installation and upgrade activities, such as
for supported third-party products.
CSA support for the ICM Network Gateway (SS7 Gateway Node) is added with the 7.0(0) release
(beginning with the CSA 4.5.1 engine).
(beginning with the CSA 4.5.1 engine).
ICM Setup Checks 'sa' Account Password
ICM 7.0 Setup checks for blank MS SQL Server 2000 "sa" account passwords. Leaving this password
blank is a severe security hole that has already been exploited by the slammer worm. When a user installs
Microsoft SQL Server 2000, that setup warns against leaving the password blank, but still allows a user
to override the warning.
blank is a severe security hole that has already been exploited by the slammer worm. When a user installs
Microsoft SQL Server 2000, that setup warns against leaving the password blank, but still allows a user
to override the warning.
Most, perhaps all, customers will have already set the password before installing ICM. To be secure,
ICM Setup checks the password value. If it is not blank, the password is not changed. If it is blank, then
the sa password is set to a random string of 6 characters from the following sets ([a-z] [A-Z]). A dialog
in Setup displays the following text: "The Microsoft SQL Server sa password was found to be blank. For
your protection, the sa password has been set to this random string: xxxxxx. This password will not be
displayed again, so please record the value if you use the sa login."
ICM Setup checks the password value. If it is not blank, the password is not changed. If it is blank, then
the sa password is set to a random string of 6 characters from the following sets ([a-z] [A-Z]). A dialog
in Setup displays the following text: "The Microsoft SQL Server sa password was found to be blank. For
your protection, the sa password has been set to this random string: xxxxxx. This password will not be
displayed again, so please record the value if you use the sa login."
The sa account is not needed if all access to the system is through Windows Authentication. If a database
administrator wants to use the sa account, and does not know the random password, the administrator
can still change it by logging into the SQL Server using Windows authentication.
administrator wants to use the sa account, and does not know the random password, the administrator
can still change it by logging into the SQL Server using Windows authentication.
Note that Cisco recommends that users configure SQL Server to use “Windows Only authentication”
versus “mixed mode authentication”. Please refer to the Security Best Practices Guide for Cisco
ICM/IPCC Enterprise & Hosted Editions for more information.
versus “mixed mode authentication”. Please refer to the Security Best Practices Guide for Cisco
ICM/IPCC Enterprise & Hosted Editions for more information.
Quality of Service (QoS)
ICM Release 7.0(0) supports DSCP (Diffserv Codepoint) marking, and if deployed with Windows
Packet Scheduler, 802.1p marking and traffic shaping for both the private and public network interface.
Packet Scheduler, 802.1p marking and traffic shaping for both the private and public network interface.
Enabling ICM QoS with Windows Packet Scheduler requires that the NIC adaptors NOT be configured
with more than one IP address because of a restriction in the Windows Packet Scheduler. Refer to
Microsoft knowledge base article 892494.
with more than one IP address because of a restriction in the Windows Packet Scheduler. Refer to
Microsoft knowledge base article 892494.
Another restriction of using Windows Packet Scheduler is that the shaping bandwidth reservation cannot
exceed 80% of the NIC bandwidth, and this may limit the number of customer instances to be installed
in a hosted environment.
exceed 80% of the NIC bandwidth, and this may limit the number of customer instances to be installed
in a hosted environment.
Note that the use of UDP heartbeat is replaced with TCP keep-alive when QoS is enabled in ICM.