Securing Cisco IP Telephony Networks: Securi Cisco IP Teleph Networ

Front Cover
Cisco Press, Aug 31, 2012 - Computers - 696 pages

The real-world guide to securing Cisco-based IP telephony applications, devices, and networks

Cisco IP telephony leverages converged networks to dramatically reduce TCO and improve ROI. However, its critical importance to business communications and deep integration with enterprise IP networks make it susceptible to attacks that legacy telecom systems did not face. Now, there’s a comprehensive guide to securing the IP telephony components that ride atop data network infrastructures–and thereby providing IP telephony services that are safer, more resilient, more stable, and more scalable.

Securing Cisco IP Telephony Networks provides comprehensive, up-to-date details for securing Cisco IP telephony equipment, underlying infrastructure, and telephony applications. Drawing on ten years of experience, senior network consultant Akhil Behl offers a complete security framework for use in any Cisco IP telephony environment. You’ll find best practices and detailed configuration examples for securing Cisco Unified Communications Manager (CUCM), Cisco Unity/Unity Connection, Cisco Unified Presence, Cisco Voice Gateways, Cisco IP Telephony Endpoints, and many other Cisco IP Telephony applications. The book showcases easy-to-follow Cisco IP Telephony applications and network security-centric examples in every chapter.

This guide is invaluable to every technical professional and IT decision-maker concerned with securing Cisco IP telephony networks, including network engineers, administrators, architects, managers, security analysts, IT directors, and consultants.

  • Recognize vulnerabilities caused by IP network integration, as well as VoIP’s unique security requirements
  • Discover how hackers target IP telephony networks and proactively protect against each facet of their attacks
  • Implement a flexible, proven methodology for end-to-end Cisco IP Telephony security
  • Use a layered (defense-in-depth) approach that builds on underlying network security design
  • Secure CUCM, Cisco Unity/Unity Connection, CUPS, CUCM Express, and Cisco Unity Express platforms against internal and external threats
  • Establish physical security, Layer 2 and Layer 3 security, and Cisco ASA-based perimeter security
  • Complete coverage of Cisco IP Telephony encryption and authentication fundamentals
  • Configure Cisco IOS Voice Gateways to help prevent toll fraud and deter attacks
  • Secure Cisco Voice Gatekeepers and Cisco Unified Border Element (CUBE) against rogue endpoints and other attack vectors
  • Secure Cisco IP telephony endpoints–Cisco Unified IP Phones (wired, wireless, and soft phone) from malicious insiders and external threats

This IP communications book is part of the Cisco PressŪ Networking Technology Series. IP communications titles from Cisco Press help networking professionals understand voice and IP telephony technologies, plan and design converged networks, and implement network solutions for increased productivity.


What people are saying - Write a review

User Review - Flag as inappropriate

Very well written Akhil. Keep it up!

User Review - Flag as inappropriate

This is one of the best technical book and great reference for implementing and securing Cisco Unified Communications products CUCM, Cisco unity/unity connection, Presence, Gateway and End points.
This book covers all the best practices and methodologies you should put into operation to secure and Toll fraud on UC network.
Security of any network is dependent on how strong you build and protect your network elements and Unified Communications products and IP Phone endpoints against internal and external threats/attacks and this book really helped me to understand and construct end to end security of my UC network, CUCM, Presence, Gateways and IP Phones.
I found this book very valuable and helped me to configure toll restriction policies as per my
client requirement. I would like to thank Akhil Behl, the Author of this book for his great effort, Time and sharing his knowledge. Wishing him all the very best.


Cisco IP Telephony Application and Device Security
Cisco IP Telephony Network Management Security
Cisco IP Telephony Security Controls
Cisco IP Telephony Security Overview
Trusted Relay Point TRP
JTAPI Client Config
CUCM Security Audit Logs
Secure Voicemail Ports
Secure LDAP LDAPS for Cisco Unity Connection
Cisco Voice Gateway Security
Cisco IP Telephony Endpoint Security

Physical Security Issues
Cisco IP Telephony Layer 3 Security
Perimeter Security with Cisco Adaptive
Stateful Firewall
Cisco Unified Presence Security
Cisco IP Telephony Application and Device Security
Cisco IP Telephony Network Management Security
Cisco IP Telephony Security Essentials

Other editions - View all

Common terms and phrases

About the author (2012)

Akhil Behl , CCIE No. 19564, is a Senior Network Consultant in Cisco Services, focusing

on Cisco Collaboration and Security Architectures. He leads collaboration and security

projects worldwide for Cisco Services and the Collaborative Professional Services (CPS)

portfolio for the commercial segment. Prior to his current role, he spent ten years working

in various roles at Linksys as a Technical Support Lead, as an Escalation Engineer at

Cisco Technical Assistance Center (TAC), and as a Network Consulting Engineer in Cisco

Advanced Services.

Akhil has a bachelor of technology degree in electronics and telecommunications from

IP University, India, and a master’s degree in business administration from Symbiosis

Institute, India. He is a dual Cisco Certified Internetwork Expert (CCIE) in Voice and

Security. He also holds many other industry certifications, such as Project Management

Professional (PMP), Information Technology Infrastructure Library (ITIL) professional,

VMware Certified Professional (VCP), and Microsoft Certified Professional (MCP).

Over the course of his career, he has presented and contributed in various industry

forums such as Interop, Enterprise Connect, Cloud Connect, Cloud Summit, Computer

Society of India (CSI), Cisco Networkers, and Cisco SecCon. He also has several research

papers published to his credit in various international journals.

Bibliographic information