Tag Archives: voip security

Cisco Press Meet the Author Webinar – Demystifying CUCM Security By Default

Join me for Cisco Press Meet the Author Webinar for one of the hottest topics in Cisco Unified Communications – Security by Default

Register at to secure your seat!

The session will be recorded in case you miss the live webcast.

Leave a comment

Posted by on January 21, 2014 in UC Security Posts


Tags: , , , , , , , , ,

Cisco Technical Services Newsletter – Chalk Talk on Secure Manageability of Cisco Collaboration Environments

So, here’s a Chalk Talk on Secure Manageability of Cisco Collaboration Environments for those who are interesting in or wanted to get started with secure management.

Here’s an excerpt from the article


Now that your Cisco world class Collaboration Network is set up and functional, it is time to leverage the benefits of the Unified IP environment. With reduction in Total Cost of Ownership (TCO), leveraging converged network for transporting both voice and data and increased Return on Investment (ROI), what can possibly go wrong? Well, if you didn’t think in a holistic way while setting up the management aspect of your Collaboration network, a lot can go wrong. With things on the move, you should concentrate on making sure they keep going as planned. That is, ensure that you have a plan to securely manage the vital assets of your organization’s communications channels.

More often than not, the topic of “secure management” does not come up as early as it should in most network management discussions. Reasons can vary, such as – lack of support from higher management (monetary or manpower) or lack of insight or experience about what goes into secure management of a Collaboration network. With that said, a Secure Collaboration Network can be achievable only if network management is secured. All in all, if a true collaboration experience is to be achieved, it can be only by way of well-rounded security strategy, and secure network management is an indispensable part of any security strategy.

A Collaboration network’s secure management can be looked upon as a task to move away from unsecure management protocols to standards-driven secure management protocols. The following sections discuss the importance of switching from relatively unsecure or weak security posture management protocols to comparatively secure management protocols.

Something’s Just Not Right!

Until now many organizations still stick with clear text, and in turn, vulnerable protocols for managing their Collaboration networks. The burning question is – why use an insecure protocol at all? The answer is pretty straight forward –a default clear text protocol doesn’t require any special software at Network Management Station (NMS) nor any special configuration at the device being managed. While this may sound great at first, it’s not a leading practice or a recommendation for managing an organization’s Collaboration network.


For full article you can view Cisco Technical Services newsletter of Nov 2013 @ or article on Cisco Support Community

And if you’re interested in further details on how you can achieve a secure network construct for your Cisco Collaboration network, you can always refer to Securing Cisco IP Telephony Networks

Leave a comment

Posted by on November 21, 2013 in UC Security Posts


Tags: , , , , , , , ,

Free Webinars on CUCM Endpoint Security and Compliance

Please join Stephen Welsh (UnifiedFX CTO) and myself for a series of educational webinars on Cisco Unified Communications Manager (CUCM) Endpoint Security and Compliance.

This series of webinars is aimed at helping UC and Security community understand, uncomplicate and achieve security for Cisco UC endpoints (IP Phones, Softphones) Learn key principles, leading practices and how to effectively manage Cisco UC endpoints for security compliance.

The Essentials of Endpoint Security and Compliance is a 3 session series with following sessions –

• Session 1: The Impact of Security by Default (5th Sept)

• Session 2: Understanding and Managing ITL & CTL Files (12th Sept)

• Session 3: Leading Practices for Endpoint Security & Compliance (19th Sept)

You can register for the webinars at

Unifed FX’s webinar page

These sessions will be recorded so in case you’re unable to join for the live session(s) you can view the recording later.

Keep up the security!

Leave a comment

Posted by on September 1, 2013 in UC Security Posts


Tags: , , , , , , , , , , , , ,

Understanding Cisco Unified Communications Manager Express Security – Voice Encryption

Voice over IP (VoIP) is not just need of hour for most enterprises; it’s something their business depends on to a degree that without IP communications in place, their business processes and revenue streams will fall apart. In such case, it goes without saying; security of voice networks is one of the chief concerns when it comes to security of intellectual capital and customer data. More often than not, one of the first thoughts is how to secure the VoIP network itself which is leveraged by IP Telephony / Unified Communication (UC) applications.

So what is that may be the most commonly sought after yet elusive security control which plays an indispensable role in securing a VoIP network? Your guess is as good as mine, it is encryption! Now, you are well within your rights to ask why elusive? The simple answer is – where encryption can help you succeed and protect the privacy of communications, it can also be detrimental for various functions / organizations e.g. monitoring secure calls is not a trivial task and encrypting all endpoints has an impact on platform sizing and performance.

In this article we discuss about the security of Cisco Unified Communications Manager Express (CUCME) which is an integral part of Cisco UC; and more so of Cisco Express Call processing regime.

To read the full article visit

To learn in depth about Cisco Collaboration Infrastructure, endpoint, device and application security refer to Securing Cisco IP Telephony Networks

1 Comment

Posted by on May 12, 2013 in UC Security Posts


Tags: , , , , , , , , , ,

Cisco Live Tweet Chat – Cisco UC Security

Yes, you read it right! I’ll be hosting a Tweet Chat session on 07 May 2013 at 10 am PST on Cisco UC Security.

Please join me on the Tweet Chat and feel free to ask any questions you have or clarify any doubts related to Cisco UC Security.

Here’s the link to the chat and

So, what are you waiting for? Join me on the Cisco Collaboration Security Tweet Chat on 7 May 2013 at 10 am PST – tweet to @cisco_support using hash tag #ciscoucsecurity

Leave a comment

Posted by on May 3, 2013 in UC Security Posts


Tags: , , , , , , , , , , ,

Best Practices for Deploying Secure Cisco IP Telephony Solutions

IP telephony is slowly but surely becoming part of the modern day organization’s day-to day-operations. In fact, some organizations depend on it to the extent of their core business or processes based on IP communications. Sadly though, the security aspect pertinent to IP based communications network, applications, and underlying infrastructure is usually not taken into consideration (or is ignored) when enterprises and businesses think of deploying unified communications.

On the same lines of thought, why should anyone for that matter think of securing an IP telephony network? The answer is simple however manifold:

  1. To protect the information flowing in IP communication channels from eavesdropping and reconnaissance attacks as well as from manipulation or injection attacks.
  2. To ensure that the investment in their on-premise or off-premise infrastructure pays off (ROI) and doesn’t end up in a rogue’s hands, utilizing it for malicious purposes.
  3. To lower Total Cost of Ownership (TCO) by leveraging IP communications to offset PSTN/Toll calls and reducing Moving, Addition, Configuration, and Deletion (MACD) and at the same time, keeping conversations safe.
  4. Attacks on the telephony network may result in monetary and reputation loss. Moreover, it can directly or indirectly impact the business continuity and clientage.

Today, many organizations depend on a number of IP telephony services like voice calls, instant messaging, conferencing, and video conferencing. A typical IP telephony network can face several threats like toll fraud, reconnaissance attacks, eavesdropping, Denial of Service (DoS) attack, and call hijack. While most organizations do consider that their network needs protection from internal or external threats, such a notion is missing (usually) when it comes to their IP telephony applications/devices.

Read the full article at

For more insight to Cisco IP Telephony Security refer to Cisco Press book Securing Cisco IP Telephony Networks

Leave a comment

Posted by on April 8, 2013 in UC Security Posts


Tags: , , , , , , , , , , , , , , , , , , , ,

Audio review and intro of ‘Securing Cisco IP Telephony Networks’

I’ve to admit, this is pretty cool!

There’s now an audio review and intro available for the book ‘Securing Cisco Telephony Networks’ thanks to

To listen to audio preview click here Audio Preview of Securing Cisco IP Telephony Networks

Leave a comment

Posted by on April 3, 2013 in UC Security Audio


Tags: , , , , , , , , , , , , , , , , , ,