Increase EM security?

ALM 3 supports secure and encrypted communications with the Unified Communications Manager (CallManager) from version 7 and up. ALM now supports HTTPS, HTTP Secure Socket Layer.

Many companies implement some kind of security within their local network. VLAN’s, ACL’s or Firewalls are implemented between the voice and data network to tighten security and restrict access to specific segments of the network. When using the Extension Mobility feature, the UserID and PIN are sent from the Cisco IP phone to the CM in clear-text, this can be a major security risk within the network. Using a simple network sniffer an internal or external attacker could gain access to user account information.

ALM moves the user authentication from the Cisco IP Phone to the Windows desktop. Adding three major advantages:

• ALM provides a Single-Sign-On (SSO) solution, the user does not have to remember or maintain multiple accounts, password or codes and manually logon or logoff from the IP Phone
• ALM enables encrypted user authentication to the CallManager using HTTPS
• ALM prevents a manual action required to logon of logoff  via the IP Phone

So why should I use this?

Basically to improve security within the network, minimize the potential risk someone will gain access to user account information and add a higher usability.

And how do I enable this?

A new topic has been added to our support forum describing the configuration steps to follow. Please go trough these instructions first.

My 2nd-generation phones (7940/7960) do not support HTTPS can I still use ALM?

Yes you can. This is a very important point. The “old” Cisco IP Phones do not support HTTPS between the phone and the CallManager. Because ALM moves the authentication process from the phone to the Windows desktop enncyption with HTTPS will be supported.

For more information contact our support desk.