Archive for the ‘security’ tag
Cisco released their annual security report this month. Even if you’re not a security expert, there are some excellent articles to read. This years report highlighted security risks in social media (e.g. Facebook, Twitter) and mobile phones.
Notable articles in this year’s report:
- Money Mules: The Linchpins of Cybercrime Networks
- Social Engineering: The “Seven Deadly Weaknesses” That Criminals Exploit
- Criminals Favoring Java Over PDFs
- Global Spam Update: Spam Down Globally, but on the Rise in Europe
- Android and Apple Operating Systems Likely Key Targets in 2011
For users who upgrade CUCM from 4.x to 7.x or 8.x, you’ll notice a new indicator below registered devices:
For H.323 gateways, you’ll see a similar (but different) message:
These indicators denote whether the device can support Cisco criteria for secure signaling and media. The CUCM 7.1(3) Release Notes explain what these messages mean. In order to be classified as “trusted”, a device must meet the following criteria:
- Are all devices that are on the call trusted?
- Is the signaling secure (authenticated and encrypted)?
- Is the media secure?
For calls that involve a device that is not trusted, regardless of signaling and media security, the overall status of the call will stay unsecure, and the phone will not display the Lock icon. For example, if you include an untrusted device in a conference, the system considers its call leg, as well as the conference itself, to be unsecure.
A Trusted Device represents a Cisco device or a third-party device that has passed Cisco security criteria for trusted connections. This includes, but is not limited to, signaling/media encryption, platform hardening, and assurance. If a device is trusted, a Security icon displays, and a secure tone plays on supported devices. Also, the device may provide other features or indicators that are related to secure calls. – CUCM 7.1(3) Release Notes