Cisco 7965G, CP-7965G, 7945G Administration Manual

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco

Unified

Communications Manager 6.0

Americas Headquarters

Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 527-0883

Text Part Number: OL-12650-01

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense.

The following information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy. If it is not installed in accordance with Cisco’s installation instructions, it may cause interference with radio and television reception. This equipment has been tested and found to comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These specifications are designed to provide reasonable protection against such interference in a residential installation. However, there is no guarantee that interference will not occur in a particular installation.

Modifying the equipment without Cisco’s written authorization may result in the equipment no longer complying with FCC requirements for Class A or Class B digital devices. In that event, your right to use the equipment may be limited by FCC regulations, and you may be required to correct any interference to radio or television communications at your own expense.

You can determine whether your equipment is causing interference by turning it off. If the interference stops, it was probably caused by the Cisco equipment or one of its peripheral devices. If the equipment causes interference to radio or television reception, try to correct the interference by using one or more of the following measures:

• Turn the television or radio antenna until the interference stops.

• Move the equipment to one side or the other of the television or radio.

• Move the equipment farther away from the television or radio.

• Plug the equipment into an outlet that is on a different circuit from the television or radio. (That is, make certain the equipment and the television or radio are on circuits controlled by different circuit breakers or fuses.)

Modifications to this product not authorized by Cisco Systems, Inc. could void the FCC approval and negate your authority to operate the product.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0704R)

IMPLIED, INCLUDING, WITHOUT

The Java logo is a trademark or registered trademark of Sun Microsystems, Inc. in the U.S. or other countries.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

Preface xi

CONTENTS

CHAPTER

1 An Overview of the Cisco Unified IP Phone 1-1

Understanding the Cisco Unified IP Phone 7965G and 7945G 1-2

What Networking Protocols Are Used? 1-4

What Features are Supported on the Cisco Unified IP Phone 7965G and 7945G? 1-7

Feature Overview 1-8 Configuring Telephony Features 1-8 Configuring Network Parameters Using the Cisco Unified IP Phone 1-9 Providing Users with Feature Information 1-9

Understanding Security Features for Cisco Unified IP Phones 1-9

Overview of Supported Security Features 1-11 Understanding Security Profiles 1-14 Identifying Encrypted and Authenticated Phone Calls 1-14

Establishing and Identifying Secure Conference Calls 1-15 Call Security Interactions and Restrictions 1-15

Supporting 802.1X Authentication on Cisco Unified IP Phones 1-16

Overview 1-17 Required Network Components 1-17 Best Practices—Requirements and Recommendations 1-17

Security Restrictions 1-18

Overview of Configuring and Installing Cisco Unified IP Phones 1-18

Configuring Cisco Unified IP Phones in Cisco Unified Communications Manager 1-19

Checklist for Configuring the Cisco Unified IP Phone 7965G and 7945G in Cisco Unified Communications Manager 1-20

Installing Cisco Unified IP Phones 1-23

Checklist for Installing the Cisco Unified IP Phone 7965G and 7945G 1-23

CHAPTER

2 Preparing to Install the Cisco Unified IP Phone on Your Network 2-1

Understanding Interactions with Other Cisco Unified IP Communications Products 2-1

Understanding How the Cisco Unified IP Phone Interacts with Cisco Unified Communications Manager 2-2

Understanding How the Cisco Unified IP Phone Interacts with the VLAN 2-2

Providing Power to the Phone 2-3

Power Guidelines 2-4

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

Contents

Phone Power Consumption and Display Brightness 2-4 Power Outage 2-5 Obtaining Additional Information about Power 2-5

Understanding Phone Configuration Files 2-5

Understanding the Phone Startup Process 2-7

Adding Phones to the Cisco Unified Communications Manager Database 2-9

Adding Phones with Auto-Registration 2-9 Adding Phones with Auto-Registration and TAPS 2-10 Adding Phones with Cisco Unified Communications Manager Administration 2-11 Adding Phones with BAT 2-11

Using Cisco Unified IP Phones with Different Protocols 2-12

Converting a New Phone from SCCP to SIP 2-12 Converting an In-Use Phone from SCCP to SIP 2-13 Converting an In-Use Phone from SIP to SCCP 2-13 Deploying a Phone in an SCCP and SIP Environment 2-13

CHAPTER

Determining the MAC Address of a Cisco Unified IP Phone 2-13

3 Setting Up the Cisco Unified IP Phone 3-1

Before You Begin 3-1

Network Requirements 3-2 Cisco Unified Communications Manager Configuration 3-2 Safety 3-2

Understanding the Cisco Unified IP Phone 7965G and 7945G Components 3-3

Network and Access Ports 3-4 Handset 3-4 Speakerphone 3-4 Headset 3-4

Audio Quality Subjective to the User 3-5 Connecting a Headset 3-5 Disabling a Headset 3-5 Using External Devices with Your Cisco Unified IP Phone 3-6

Installing the Cisco Unified IP Phone 3-6

Attaching the Cisco Unified IP Phone Expansion Module 7914 (SCCP Phones Only) 3-8

Adjusting the Placement of the Cisco Unified IP Phone 3-9

Adjusting Cisco Unified IP Phone Footstand and Phone Height 3-9 Securing the Phone with a Cable Lock 3-10 Mounting the Phone to the Wall 3-11

Verifying the Phone Startup Process 3-12

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

Configuring Startup Network Settings 3-13

Configuring Security on the Cisco Unified IP Phone 3-13

Contents

CHAPTER

4 Configuring Settings on the Cisco Unified IP Phone 4-1

Configuration Menus on the Cisco Unified IP Phone 7965G and 7945G 4-1

Displaying a Configuration Menu 4-2 Unlocking and Locking Options 4-3 Editing Values 4-3

Overview of Options Configurable from a Phone 4-4

Network Configuration Menu 4-5

Device Configuration Menu 4-12

CallManager Configuration menu 4-12 SIP Configuration Menu (SIP Phones Only) 4-14

SIP General Configuration Menu 4-14

Line Settings Menu 4-16 Call Preferences Menu 4-17 HTTP Configuration Menu 4-18 Locale Configuration Menu 4-19

NTP Configuration Menu (SIP Phones Only) 4-19 UI Configuration Menu 4-20 Media Configuration Menu 4-22 Power Save Configuration Menu 4-25 Ethernet Configuration Menu 4-26 Security Configuration Menu 4-27 QoS Configuration Menu 4-28 Network Configuration 4-29

Security Configuration Menu 4-32

CTL File Menu 4-33 Trust List Menu 4-35

802.1X Authentication and Status 4-36

CHAPTER

5 Configuring Features, Templates, Services, and Users 5-1

Telephony Features Available for the Phone 5-2

Configuring Corporate and Personal Directories 5-16

Configuring Corporate Directories 5-17 Configuring Personal Directory 5-17

Modifying Phone Button Templates 5-17

Configuring Softkey Templates 5-18

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

vii

Contents

Setting Up Services 5-18

Adding Users to Cisco Unified Communications Manager 5-19

Managing the User Options Web Pages 5-19

Giving Users Access to the User Options Web Pages 5-19 Specifying Options that Appear on the User Options Web Pages 5-20

CHAPTER

6 Customizing the Cisco Unified IP Phone 6-1

Customizing and Modifying Configuration Files 6-1

Creating Custom Phone Rings 6-2

Ringlist.xml File Format Requirements 6-2 PCM File Requirements for Custom Ring Types 6-3 Configuring a Custom Phone Ring 6-3

Creating Custom Background Images 6-4

List.xml File Format Requirements 6-4 PNG File Requirements for Custom Background Images 6-5 Configuring a Custom Background Image 6-5

Configuring Wideband Codec 6-6

Configuring the Idle Display 6-7

Automatically Disabling the Cisco Unified IP Phone Screen 6-7

7 Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone 7-1

Model Information Screen 7-2

Status Menu 7-3

Status Messages Screen 7-3 Network Statistics Screen 7-11 Firmware Versions Screen 7-12 Expansion Module(s) Screen (SCCP Phones Only) 7-13 Call Statistics Screen 7-13

CHAPTER

8 Monitoring the Cisco Unified IP Phone Remotely 8-1

Accessing the Web Page for a Phone 8-2

Disabling and Enabling Web Page Access 8-3

Device Information 8-3

Network Configuration 8-5

Network Statistics 8-8

Device Logs 8-10

Streaming Statistics 8-11

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

viii

OL-12650-01

Contents

CHAPTER

9 Troubleshooting and Maintenance 9-1

Resolving Startup Problems 9-2

Symptom: The Cisco Unified IP Phone Does Not Go Through its Normal Startup Process 9-2 Symptom: The Cisco Unified IP Phone Does Not Register with Cisco Unified Communications

Manager 9-3

Identifying Error Messages 9-3

Checking Network Connectivity 9-3

Verifying TFTP Server Settings 9-3

Verifying IP Addressing and Routing 9-4

Verifying DNS Settings 9-4

Verifying Cisco Unified Communications Manager Settings 9-4

Cisco Unified Communications Manager and TFTP Services Are Not Running 9-4

Creating a New Configuration File 9-5

Registering the Phone with Cisco Unified Communications Manager 9-6 Symptom: Cisco Unified IP Phone Unable to Obtain IP Address 9-6

Cisco Unified IP Phone Resets Unexpectedly 9-6

Verifying Physical Connection 9-7 Identifying Intermittent Network Outages 9-7 Verifying DHCP Settings 9-7 Checking Static IP Address Settings 9-7 Verifying Voice VLAN Configuration 9-7 Verifying that the Phones Have Not Been Intentionally Reset 9-8 Eliminating DNS or Other Connectivity Errors 9-8 Checking Power Connection 9-8

OL-12650-01

Troubleshooting Cisco Unified IP Phone Security 9-9

General Troubleshooting Tips 9-11

General Troubleshooting Tips for the Cisco Unified IP Phone Expansion Module 7914 (SCCP Phones Only) 9-15

Resetting or Restoring the Cisco Unified IP Phone 9-15

Performing a Basic Reset 9-15 Performing a Factory Reset 9-16

Using the Quality Report Tool 9-17

Monitoring the Voice Quality of Calls 9-17

Using Voice Quality Metrics 9-18 Troubleshooting Tips 9-19

Where to Go for More Troubleshooting Information 9-19

Cleaning the Cisco Unified IP Phone 9-20

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

Contents

APPENDIX

A Providing Information to Users Via a Website A-1

How Users Obtain Support for the Cisco Unified IP Phone A-1

How Users Access the Online Help System on the Phone A-1

How Users Get Copies of Cisco Unified IP Phone Manuals A-2

Accessing Cisco 7900 Series Unified IP Phone eLearning Tutorials (SCCP Phones Only) A-2

How Users Subscribe to Services and Configure Phone Features A-3

How Users Access a Voice Messaging System A-3

How Users Configure Personal Directory Entries A-4

Installing and Configuring the Cisco Unified IP Phone Address Book Synchronizer A-4

B Feature Support by Protocol for the Cisco Unified IP Phone 7965G and 7945G B-1

C Supporting International Users C-1

Adding Language Overlays to Phone Buttons C-1

Installing the Cisco Unified Communications Manager Locale Installer C-1

D Technical Specifications D-1

NDEX

Physical and Operating Environment Specifications D-1

Cable Specifications D-2

Network and Access Port Pinouts D-2

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

Overview

Preface

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0 provides the information you need to understand, install, configure, manage, and

troubleshoot the phones in the Cisco Unified IP Phone 7965G and 7945G on a Voice-over-IP (VoIP) network.

Because of the complexity of an IP telephony network, this guide does not provide complete and detailed information for procedures that you need to perform in Cisco network devices.

Unified Communications Manager or other

Audience

Network engineers, system administrators, or telecom engineers should review this guide to learn the steps required to properly set up the Cisco Unified IP Phone 7965G and 7945G on the network.

The tasks described are administration-level tasks and are not intended for end-users of the phones. Many of the tasks involve configuring network settings and affect the phone’s ability to function in the network.

Because of the close interaction between the Cisco Unified IP Phone and Cisco

Unified Communications Manager, many of the tasks in this manual require familiarity with

Cisco

Unified Communications Manager.

Organization

This manual is organized as follows:

Chapter 1, “An Overview of the Cisco Unified IP Phone”

Chapter 2, “Preparing to Install the Cisco Unified IP Phone on Your Network”

Provides a conceptual overview and description of the Cisco

Describes how the Cisco Unified IP Phone interacts with other key IP telephony components, and provides an overview of the tasks required prior to installation.

Unified IP Phone.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

Preface

Chapter 3, “Setting Up the Cisco Unified IP Phone”

Chapter 4, “Configuring Settings on the Cisco Unified IP Phone”

Chapter 5, “Configuring Features, Templates, Services, and Users”

Chapter 6, “Customizing the Cisco Unified IP Phone”

Chapter 7, “Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone”

Chapter 8, “Monitoring the Cisco Unified IP Phone Remotely”

Chapter 9, “Troubleshooting and Maintenance” Provides tips for troubleshooting the

Appendix A, “Providing Information to Users Via a Website”

Appendix B, “Feature Support by Protocol for the Cisco Unified IP Phone 7965G and 7945G”

Appendix C, “Supporting International Users” Provides information about setting up phones in

Appendix D, “Technical Specifications” Provides technical specifications of the

Describes how to properly and safely install and configure the Cisco network.

Describes how to configure network settings, verify status, and make global changes to the Cisco

Unified IP Phone.

Provides an overview of procedures for configuring telephony features, configuring directories, configuring phone button and softkey templates, setting up services, and adding users to Cisco

Unified Communications Manager.

Explains how to customize phone ring sounds, background images, and the phone idle display at your site.

Explains how to view model information, status messages, network statistics, and firmware information from the

Describes the information that you can obtain from the phone’s web page to remotely monitor the operation of a phone and to assist with troubleshooting.

Cisco

Unified IP Phone.

Provides suggestions for setting up a website for providing users with important information about their Cisco

Provides information about feature support for the Cisco Unified IP Phone 7965G and 7945G using the SCCP or SIP protocol with Cisco Unified Communications Manager Release 6.0.

non-English environments.

Cisco

Unified IP Phones.

Unified IP Phone.

Unified IP Phone on your

Cisco Unified IP Phone.

Related Documentation

For more information about Cisco Unified IP Phones or Cisco Unified Communications Manager, refer to the following publications:

Cisco Unified IP Phone 7900 Series

These publications are available at the following URL:

http://www.cisco.com/en/US/products/hw/phones/ps379/tsd_products_support_series_home.html

• Cisco Unified IP Phone 7965 Series Phone Guide

• Cisco Unified IP Phone Features A–Z

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

xii

OL-12650-01

Preface

• Cisco Unified IP Phone Expansion Module 7914 Phone Guide

• Installing the Wall Mount Kit for the Cisco Unified IP Phone

• Regulatory Compliance and Safety Information for the Cisco Unified IP Phone 7900 Series

Cisco Unified Communications Manager Administration

Related publications are available at the following URL:

http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_support_series_home.html

Cisco Unified Communications Manager Business Edition

Related publications are available at the following URL:

http://www.cisco.com/en/US/products/ps7273/tsd_products_support_series_home.html

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Cisco Product Security Overview

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html. If you require further assistance please

Document Conventions

This document uses the following conventions:

Convention Description

boldface font Commands and keywords are in boldface.

italic font Arguments for which you supply values are in italics.

[ ] Elements in square brackets are optional.

{ x | y | z } Alternative keywords are grouped in braces and separated by vertical bars.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

xiii

Convention Description

[ x | y | z ] Optional alternative keywords are grouped in brackets and separated by

vertical bars.

string A nonquoted set of characters. Do not use quotation marks around the string

or the string will include the quotation marks.

screen font Terminal sessions and information the system displays are in screen font.

boldface screen font Information you must enter is in boldface screen font.

italic screen font Arguments for which you supply values are in italic screen font.

^ The symbol ^ represents the key labeled Control—for example, the key

combination ^D in a screen display means hold down the Control key while you press the D key.

< > Nonprinting characters, such as passwords are in angle brackets.

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the

publication.

Preface

Caution Means reader be careful. In this situation, you might do something that could result in equipment

damage or loss of data.

Warnings use the following convention:

Warning

IMPORTANT SAFETY INSTRUCTIONS

This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device.

Statement 1071

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

xiv

OL-12650-01

CHAPTER

An Overview of the Cisco Unified IP Phone

The Cisco Unified IP Phone 7965G and 7945G are full-featured telephones that provide voice communication over an Internet Protocol (IP) network. These phones function much like digital business phones, allowing you to place and receive phone calls and to access features such as mute, hold, transfer, speed dial, call forward, and more. In addition, because Cisco data network, they offer enhanced IP telephony features, including access to network information and services, and customizeable features and services. The phones also support security features that include file authentication, device authentication, signaling encryption, and media encryption.

A Cisco Unified IP Phone, like other network devices, must be configured and managed. These phones encode G.711a, G.711µ, G.722, G.729a, G.729ab, iLBC, and decode G.711a, G.711u, G.722, iLBC, G.729, G729a, G729b, and G729ab. These phones also support uncompressed wideband (16bits, 16kHz) audio.

This chapter includes the following topics:

• Understanding the Cisco Unified IP Phone 7965G and 7945G, page 1-2

• What Networking Protocols Are Used?, page 1-4

• What Features are Supported on the Cisco Unified IP Phone 7965G and 7945G?, page 1-7

Unified IP Phones are connected to your

OL-12650-01

• Understanding Security Features for Cisco Unified IP Phones, page 1-9

• Overview of Configuring and Installing Cisco Unified IP Phones, page 1-18

Caution Using a cell, mobile, or GSM phone, or two-way radio in close proximity to a Cisco Unified IP Phone

might cause interference. For more information, refer to the manufacturer documentation of the interfering device.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

1-1

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding the Cisco Unified IP Phone 7965G and 7945G

Figure 1-1 shows the main components of the Cisco Unified IP Phone 7965G.

Figure 1-2 shows the main components of the Cisco Unified IP Phone 7945G.

Figure 1-1 Cisco Unified IP Phone 7965G

Figure 1-2 Cisco Unified IP Phone 7945G

101112131415

184913

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

1-2

101112131415

184912

OL-12650-01

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding the Cisco Unified IP Phone 7965G and 7945G

1 Programmable

buttons

Depending on configuration, programmable buttons provide access to:

• Phone lines (line buttons)

• Speed-dial numbers (speed-dial buttons, including the BLF speed-dial

feature)

• Web-based services (for example, a Personal Address Book button)

• Phone features (for example, a Privacy button)

Buttons illuminate to indicate status:

Green, steady—Active call or two-way intercom call

Green, flashing—Held call

Amber, steady—Privacy in use, one-way intercom call, DND active, or logged into Hunt Group

Amber, flashing—Incoming call or reverting call

Red, steady—Remote line in use (shared line or BLF status)

2 Footstand

Allows you to adjust the angle of the phone base.

adjustment button

3 Display button Awakens the phone screen from sleep mode.

No color—Ready for input

Green steady—Sleep mode

4 Messages button Auto-dials your voice message service (varies by service).

5 Directories button Opens/closes the Directories menu. Use it to access call logs and directories.

6 Help button Activates the Help menu.

7 Settings button Opens/closes the Settings menu. Use it to change phone screen and ring

settings.

8 Services button Opens/closes the Services menu.

9 Volume button Controls the handset, headset, and speakerphone volume (off-hook) and the

ringer volume (on-hook).

10 Speaker button Toggles the speakerphone on or off.

11 Mute button Toggles the Mute feature on or off.

12 Headset button Toggles the headset on or off.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

1-3

What Networking Protocols Are Used?

Chapter 1 An Overview of the Cisco Unified IP Phone

13 4-way navigation

pad and Select button (center)

Allows you to scroll through menus and highlight items. Use the Select button to select an item that is highlighted on the screen.

Navigation button

• Scroll up and down to see menus and highlight items.

• Scroll right and left to scroll horizontally in multi-column displays.

Select button—scroll to highlight a line using the Navigation button, and then:

• Press to open a menu.

• Press to play a ringer item.

• Press to access other features as described on the screen.

Note The Select button does not take action on all menu items.

14 Keypad Allows you to dial phone numbers, enter letters, and choose menu items.

15 Softkey buttons Each activates a softkey option (displayed on your phone screen).

16 Handset light strip Indicates an incoming call or new voice message.

17 Phone screen Shows phone features.

What Networking Protocols Are Used?

Cisco Unified IP Phones support several industry-standard and Cisco networking protocols required for voice communication.

Table 1-1 provides an overview of the networking protocols that the Cisco

Unified IP Phone 7965G and 7945G supports.

Table 1-1 Supported Networking Protocols on the Cisco Unified IP Phone

Networking Protocol Purpose Usage Notes

Bootstrap Protocol (BootP)

BootP enables a network device such as the Cisco Unified IP Phone to discover certain startup information, such as its IP address.

If you are using BootP to assign IP addresses to the Cisco Unified

IP Phone, the BOOTP Server option shows “Yes” in the network configuration settings on the phone.

Cisco Discovery Protocol (CDP)

CDP is a device-discovery protocol that runs on all Cisco-manufactured equipment.

Using CDP, a device can advertise its existence to other devices and receive information about other devices in the network.

The Cisco Unified IP Phone uses CDP to communicate information such as auxiliary VLAN ID, per port power management details, and Quality of Service (QoS) configuration information with the Cisco Catalyst switch.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

1-4

OL-12650-01

Chapter 1 An Overview of the Cisco Unified IP Phone

What Networking Protocols Are Used?

Table 1-1 Supported Networking Protocols on the Cisco Unified IP Phone (continued)

Networking Protocol Purpose Usage Notes

Dynamic Host Configuration Protocol (DHCP)

Hypertext Transfer Protocol (HTTP)

IEEE 802.1X The IEEE 802.1X standard defines a

Internet Protocol (IP) IP is a messaging protocol that

DHCP dynamically allocates and assigns an IP address to network devices.

DHCP enables you to connect an IP phone into the network and have the phone become operational without you needing to manually assign an IP address or to configure additional network parameters.

HTTP is the standard way of transferring information and moving documents across the Internet and the web.

client-server-based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports.

Until the client is authenticated,

802.1X access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port to which the client is connected. After authentication is successful, normal traffic can pass through the port.

addresses and sends packets across the network.

DHCP is enabled by default. If disabled, you must manually configure the IP address, subnet mask, gateway, and a TFTP server on each phone locally.

Cisco recommends that you use DHCP custom option 150. With this method, you configure the TFTP server IP address as the option value. For additional information about DCHP configurations, refer to the “Cisco TFTP” chapter in Cisco

Unified

Communications Manager

System Guide.

Cisco Unified IP Phones use HTTP for the XML services and for troubleshooting purposes.

The Cisco Unified IP Phone implements the IEEE 802.1X standard by providing support for the EAP-MD5 option for 802.1X authentication.

When 802.1X authentication is enabled on the phone, you should disable the PC port and voice VLAN. Refer to the

“Supporting 802.1X Authentication on Cisco Unified IP Phones” section on page 1-16 for

additional information.

To communicate using IP, network devices must have an assigned IP address, subnet, and gateway.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

IP addresses, subnets, and gateways identifications are automatically assigned if you are using the Cisco Unified

IP Phone with Dynamic Host Configuration Protocol (DHCP). If you are not using DHCP, you must manually assign these properties to each phone locally.

1-5

Chapter 1 An Overview of the Cisco Unified IP Phone

What Networking Protocols Are Used?

Table 1-1 Supported Networking Protocols on the Cisco Unified IP Phone (continued)

Networking Protocol Purpose Usage Notes

Cisco Peer to Peer Distribution Protocol (CPPDP)

Real-Time Control Protocol (RTCP)

Real-Time Transport Protocol (RTP)

Session Initiation Protocol (SIP)

Skinny Client Control Protocol (SCCP)

Session Description Protocol (SDP)

Transmission Control Protocol (TCP)

CPPDP is a Cisco proprietary protocol used to form a peer to peer hierarchy of devices. CPPDP is also used to copy firmware or other files from peer devices to neighboring devices.

RTCP works with Real-Time Transport Protocol (RTP) to provide QoS data (such as jitter, latency, and round trip delay) on RTP streams.

RTP is a standard protocol for transporting real-time data, such as interactive voice and video, over data networks.

SIP is the Internet Engineering Task Force (IETF) standard for multimedia conferencing over IP. SIP is an ASCII-based application-layer control protocol (defined in RFC

3261) that can be used to establish, maintain, and terminate calls between two or more endpoints.

SCCP includes a messaging set that allows communications between call control servers and endpoint clients such as IP Phones. SCCP is proprietary to Cisco Systems.

SDP is the portion of the SIP protocol that determines which parameters are available during a connection between two endpoints. Conferences are established using only the SDP capabilities that are supported by all endpoints in the conference.

TCP is a connection-oriented transport protocol.

CPPDP is used by the Peer Firmware Sharing feature.

RTCP is disabled by default, but you can enable it on a per phone basis using Cisco Unified

Communications Manager. For more information, see the

“Network Configuration” section on page 4-29.

Cisco Unified IP Phones use the RTP protocol to send and receive real-time voice traffic from other phones and gateways.

Like other VoIP protocols, SIP is designed to address the functions of signaling and session management within a packet telephony network. Signaling allows call information to be carried across network boundaries. Session management provides the ability to control the attributes of an end-to-end call.

Cisco Unified IP Phones use SCCP for call control. You can configure the Cisco Unified

IP Phone to use either SCCP or Session Initiation Protocol (SIP).

SDP capabilities, such as codec types, DTMF detection, and comfort noise, are normally configured on a global basis by Cisco Unified Communications Manager or Media Gateway in operation. Some SIP endpoints may allow these parameters to be configured on the endpoint itself.

Cisco Unified IP Phones use TCP to connect to Cisco Unified

Communications Manager

and to access XML services.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

1-6

OL-12650-01

Chapter 1 An Overview of the Cisco Unified IP Phone

What Features are Supported on the Cisco Unified IP Phone 7965G and 7945G?

Table 1-1 Supported Networking Protocols on the Cisco Unified IP Phone (continued)

Networking Protocol Purpose Usage Notes

Transport Layer Security (TLS)

Trivial File Transfer Protocol (TFTP)

User Datagram Protocol (UDP)

TLS is a standard protocol for securing and authenticating communications.

TFTP allows you to transfer files over the network.

On the Cisco Unified IP Phone, TFTP enables you to obtain a configuration file specific to the phone type.

UDP is a connectionless messaging protocol for delivery of data packets.

When security is implemented, Cisco Unified protocol when securely registering with Cisco Unified Manager.

TFTP requires a TFTP server in your network, which can be automatically identified from the DHCP server. If you want a phone to use a TFTP server other than the one specified by the DHCP server, you must manually assign TFTP server from the Network Configuration menu on the phone.

Cisco Unified IP Phones transmit and receive RTP streams, which utilize UDP.

IP Phones use the TLS

Communications

Related Topics

• Understanding Interactions with Other Cisco Unified IP Communications Products, page 2-1

• Understanding the Phone Startup Process, page 2-7

• Network Configuration Menu, page 4-5

What Features are Supported on the Cisco Unified IP Phone 7965G and 7945G?

The Cisco Unified IP Phone functions much like a digital business phone, allowing you to place and receive telephone calls. In addition to traditional telephony features, the Cisco Unified IP Phone includes features that enable you to administer and monitor the phone as a network device.

This section includes the following topics:

• Feature Overview, page 1-8

• Configuring Telephony Features, page 1-8

• Configuring Network Parameters Using the Cisco Unified IP Phone, page 1-9

• Providing Users with Feature Information, page 1-9

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

1-7

What Features are Supported on the Cisco Unified IP Phone 7965G and 7945G?

Feature Overview

Cisco Unified IP Phones provide traditional telephony functionality, such as call forwarding and transferring, redialing, speed dialing, conference calling, and voice messaging system access. Cisco

Unified IP phones also provide a variety of other features. For an overview of the telephony features that the Cisco

section on page 5-2.

As with other network devices, you must configure Cisco Unified IP Phones to prepare them to access Cisco

Unified Communications Manager and the rest of the IP network. By using DHCP, you have fewer settings to configure on a phone, but if your network requires it, you can manually configure an IP address, TFTP server, and subnet mask. For instructions on configuring the network settings on the Cisco

Unified IP Phones, see Chapter 4, “Configuring Settings on the Cisco Unified IP Phone.”

The Cisco Unified IP Phone can interact with other services and devices on your IP network to provide enhanced functionality. For example, you can integrate the Cisco Lightweight Directory Access Protocol 3 (LDAP3) standard directory to enable users to search for co-workers contact information directly from their IP phones. You can also use XML to enable users to access information such as weather, stocks, quote of the day, and other web-based information. For information about configuring such services, see the

page 5-17 and the “Setting Up Services” section on page 5-18.

Finally, because the Cisco Unified IP Phone is a network device, you can obtain detailed status information from it directly. This information can assist you with troubleshooting any problems users might encounter when using their IP phones. See

Statistics on the Cisco Unified IP Phone,” for more information.

Unified IP Phone supports, see the “Telephony Features Available for the Phone”

Chapter 1 An Overview of the Cisco Unified IP Phone

Unified IP Phones with the corporate

“Configuring Corporate Directories” section on

Chapter 7, “Viewing Model Information, Status, and

Related Topics

• Configuring Settings on the Cisco Unified IP Phone, page 4-1

• Configuring Features, Templates, Services, and Users, page 5-1

• Troubleshooting and Maintenance, page 9-1

Configuring Telephony Features

You can modify certain settings for the Cisco Unified IP Phone from the Cisco Unified Communications Manager Administration application. Use this web-based application to set up phone registration criteria and calling search spaces, to configure corporate directories and services, and to modify phone button templates, among other tasks. See the and Cisco Unified Communications Manager Administration Guide for additional information.

For more information about the Cisco Unified Communications Manager Administration application, refer to Cisco Unified

Unified

within the application for guidance.

You can access the complete Cisco Unified Communications Manager documentation suite at this location:

http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_support_series_home.html

Related Topic

• Telephony Features Available for the Phone, page 5-2

Communications Manager System Guide. You can also use the context-sensitive help available

Communications Manager documentation, including Cisco

“Telephony Features Available for the Phone” section on page 5-2

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

1-8

OL-12650-01

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

Configuring Network Parameters Using the Cisco Unified IP Phone

You can configure parameters such as DHCP, TFTP, and IP settings on the phone itself. You can also obtain statistics about a current call or firmware versions on the phone.

For more information about configuring features and viewing statistics from the phone, see Chapter 4,

“Configuring Settings on the Cisco Unified IP Phone,” and see Chapter 7, “Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone.”

Providing Users with Feature Information

If you are a system administrator, you are likely the primary source of information for Cisco Unified IP Phone users in your network or company. To ensure that you distribute the most current feature and procedural information, familiarize yourself with Cisco visit the Cisco

http://www.cisco.com/en/US/products/hw/phones/ps379/tsd_products_support_series_home.html

From this site, you can access various user guides, including wallet cards.

Unified IP Phone web site:

Unified IP Phone documentation. Make sure to

In addition to providing users with documentation, it is important to inform them about available Cisco

Unified IP Phone features—including features specific to your company or network—and about

how to access and customize those features, if appropriate.

For a summary of some of the key information that phone users need their system administrators to provide, see

Appendix A, “Providing Information to Users Via a Website.”

Understanding Security Features for Cisco Unified IP Phones

Implementing security in the Cisco Unified Communications Manager system prevents identity theft of the phone and Cisco call signaling and media stream tampering.

To alleviate these threats, the Cisco IP telephony network establishes and maintains authenticated and encrypted communication streams between a phone and the server, digitally signs files before they are transferred to a phone, and encrypts media streams and call signaling between Cisco

The Cisco Unified IP Phones Series use the Phone Security Profile, which defines whether the device is nonsecure, authenticated, or encrypted. For information on applying the security profile to the phone, refer to Cisco Unified Communications Manager Security Guide.

If you configure security-related settings in Cisco Unified Communications Manager Administration, the phone configuration file will contain sensitive information. To ensure the privacy of a configuration file, you must configure it for encryption. For detailed information, refer to the “Configuring Encrypted Phone Configuration Files” chapter in Cisco Unified Communications Manager Security Guide.

Table 1-2 shows where you can find additional information about security in this and other documents.

Unified Communications Manager server, prevents data tampering, and prevents

Unified IP phones.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

1-9

Understanding Security Features for Cisco Unified IP Phones

Table 1-2 Cisco Unified IP Phone and Cisco Unified Communications Manager Security Topics

Topic Reference

Detailed explanation of security, including set up, configuration, and troubleshooting information for Cisco Unified Cisco Unified

Communications Manager and

IP Phones

Security features supported on the Cisco Unified IP Phone

Restrictions regarding security features

Viewing a security profile name See the “Understanding Security

Identifying phone calls for which security is implemented

TLS connection See the “What Networking Protocols

Security and the phone startup process See the “Understanding the Phone

Security and phone configuration files See the “Understanding Phone

Changing the TFTP Server 1 or TFTP Server 2 option on the phone when security is implemented

Understanding security icons in the Communications Manager Communications Manager 5 options in the Device Configuration Menu on the phone

Items on the Security Configuration menu that you access from the Device Configuration menu on the phone

Items on the Security Configuration menu that you access from the Settings menu on the phone

Unlocking the CTL file See the “CTL File Menu” section on

Disabling access to web pages for a phone

1 through

Chapter 1 An Overview of the Cisco Unified IP Phone

Refer to Cisco Unified Communications Manager Security Guide

See the “Overview of Supported

Security Features” section on page 1-11

See the “Security Restrictions” section

on page 1-18

Profiles” section on page 1-14

See the “Identifying Encrypted and

Authenticated Phone Calls” section on page 1-14

Are Used?” section on page 1-4

See the “Understanding Phone

Configuration Files” section on page 2-5

Startup Process” section on page 2-7

Configuration Files” section on page 2-5

See the Table 4-1“Network

Configuration Menu” section on page 4-5

See the “CallManager Configuration

menu” section on page 4-12

See the “Security Configuration

Menu” section on page 4-27

See the “Security Configuration

Menu” section on page 4-32

page 4-33

See the “Disabling and Enabling Web

Page Access” section on page 8-3

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

1-10

OL-12650-01

Chapter 1 An Overview of the Cisco Unified IP Phone

Table 1-2 Cisco Unified IP Phone and Cisco Unified Communications Manager Security Topics

Topic Reference

Troubleshooting See the “Troubleshooting Cisco

Deleting the CTL file from the phone See the “Resetting or Restoring the

Resetting or restoring the phone See the “Resetting or Restoring the

802.1X Authentication for Cisco Unified IP Phones

Understanding Security Features for Cisco Unified IP Phones

Unified IP Phone Security” section on page 9-9

Refer to Cisco Unified

Communications Manager Security Guide, Troubleshooting chapter

Cisco Unified IP Phone” section on page 9-15

See these sections:

• “Supporting 802.1X

Authentication on Cisco Unified IP Phones” section on page 1-16

• “802.1X Authentication and

Status” section on page 4-36

• “Troubleshooting Cisco Unified

Overview of Supported Security Features

Table 1-3 provides an overview of the security features that the Cisco Unified IP Phone 7965G and

7945G supports. For more information about these features and about Cisco Unified Communications Manager and Cisco Security Guide.

For information about current security settings on a phone, look at the Security Configuration menus on the phone (choose Settings > Security Configuration and choose Settings > Device Configuration > Security Configuration). For more information, see

Unified IP Phone.”

Note Most security features are available only if a certificate trust list (CTL) is installed on the phone. For

more information about the CTL, refer to “Configuring the Cisco CTL Client” chapter in the Cisco Unified Communications Manager Security Guide.

Unified IP Phone security, refer to Cisco Unified Communications Manager

IP Phone Security” section on page 9-9

Chapter 4, “Configuring Settings on the Cisco

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

1-11

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

Table 1-3 Overview of Security Features

Feature Description

Image authentication Signed binary files (with the extension .sgn) prevent tampering with

the firmware image before it is loaded on a phone. Tampering with the image causes a phone to fail the authentication process and reject the new image.

Customer-site certificate installation

Device authentication Occurs between the Cisco Unified Communications Manager server

File authentication Validates digitally-signed files that the phone downloads. The

Signaling Authentication Uses the TLS protocol to validate that no tampering has occurred to

Manufacturing installed certificate

Secure SRST reference

(SCCP pohones only)

Media encryption Uses SRTP to ensure that the media streams between supported

Signaling encryption Ensures that all SCCP signaling messages that are sent between the

Each Cisco Unified IP Phone requires a unique certificate for device authentication. Phones include a manufacturing installed certificate (MIC), but for additional security, you can specify in Cisco Unified

Communications Manager Administration that a certificate be installed by using the CAPF1. Alternatively, you can install an LSC from the Security Configuration menu on the phone. See the

“Configuring Security on the Cisco Unified IP Phone” section on page 3-13 for more information.

and the phone when each entity accepts the certificate of the other entity. Determines whether a secure connection between the phone and a Cisco

Unified Communications Manager should occur, and, if necessary, creates a secure signaling path between the entities using TLS protocol. Cisco

Unified Communications Manager does not register phones unless they can be authenticated by the Cisco

Unified Communications Manager.

phone validates the signature to make sure that file tampering did not occur after the file creation. Files that fail authentication are not written to Flash memory on the phone. The phone rejects such files without further processing.

signaling packets during transmission.

Each Cisco Unified IP Phone contains a unique manufacturing installed certificate (MIC), which is used for device authentication. The MIC is a permanent unique proof of identity for the phone, and allows Cisco

Unified Communications Manager to authenticate the

phone.

After you configure a SRST reference for security and then reset the dependent devices in Cisco

Unified Communications Manager Administration, the TFTP server adds the SRST certificate to the phone cnf.xml file and sends the file to the phone. A secure phone then uses a TLS connection to interact with the SRST-enabled router.

devices proves secure and that only the intended device receives and reads the data. Includes creating a media master key pair for the devices, delivering the keys to the devices, and securing the delivery of the keys while the keys are in transport.

device and the Cisco

Unified Communications Manager server are

encrypted.

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

1-12

OL-12650-01

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

Table 1-3 Overview of Security Features (continued)

Feature Description

CAPF (Certificate Authority Proxy Function)

Security profiles Defines whether the phone is nonsecure, authenticated, or

Encrypted configuration files Lets you ensure the privacy of phone configuration files.

Optional disabling of the web server functionality for a phone

Phone hardening Additional security options, which you control from

Implements parts of the certificate generation procedure that are too processing-intensive for the phone, and it interacts with the phone for key generation and certificate installation. The CAPF can be configured to request certificates from customer-specified certificate authorities on behalf of the phone, or it can be configured to generate certificates locally.

encrypted. See the

“Understanding Security Profiles” section on

page 1-14 for more information.

You can prevent access to a phone’s web page, which displays a variety of operational statistics for the phone.

Cisco

Unified Communications Manager Administration:

• Disabling PC port

• Disabling Gratuitous ARP (GARP)

• Disabling PC Voice VLAN access

• Disabling access to the Setting menus, or providing restricted

access that allows access to the User Preferences menu and saving volume changes only

• Disabling access to web pages for a phone.

Note You can view current settings for the PC Port Disabled,

GARP Enabled, and Voice VLAN enabled options by looking at the phone’s Security Configuration menu. For more information, see the

“Device Configuration Menu”

section on page 4-12.

802.1X Authentication The Cisco Unified IP Phone can use 802.1X authentication to request and gain access to the network. See the

“Supporting 802.1X Authentication on Cisco Unified IP Phones” section on page 1-16

for more information.

1. CAPF = Certificate Authority Proxy Function

Related Topics

• Understanding Security Profiles, page 1-14

• Identifying Encrypted and Authenticated Phone Calls, page 1-14

• Device Configuration Menu, page 4-12

• Supporting 802.1X Authentication on Cisco Unified IP Phones, page 1-16

• Security Restrictions, page 1-18

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 6.0

OL-12650-01

1-13

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

Understanding Security Profiles

Cisco Unified IP Phones that support Cisco Unified Communications Manager 6.0 or later use a security profile, which defines whether the phone is nonsecure, authenticated, or encrypted. For information about configuring the security profile and applying the profile to the phone, refer to Cisco Unified Communications Manager Security Guide.

To view the security mode that is set for the phone, look at the Security Mode setting in the Security Configuration menu. For more information, see the

“Security Configuration Menu” section on

page 4-27.

Related Topics

• Identifying Encrypted and Authenticated Phone Calls, page 1-14

• Device Configuration Menu, page 4-12

• Security Restrictions, page 1-18

Identifying Encrypted and Authenticated Phone Calls

When security is implemented for a phone, you can identify authenticated or encrypted phone calls by icons on the screen on the phone.

In an authenticated call, all devices participating in the establishment of the call are authenticated by the

Unified Communications Manager. When a call in progress is authenticated, the call progress icon

Cisco to the right of the call duration timer in the phone screen changes to this icon:

In an encrypted call, all devices participating in the establishment of the call are authenticated by the

Unified Communications Manager. In addition, call signaling and media streams are encrypted.

Cisco An encrypted call offers the highest level of security, providing integrity and privacy to the call. When a call in progress is being encrypted, the call progress icon to the right of the call duration timer in the phone screen changes to this icon:

Note If the call is routed through non-IP call legs, for example, PSTN, the call may be nonsecure even though

it is encrypted within the IP network and has a lock icon associated with it.

Cisco 7965G, CP-7965G, 7945G Administration Manual

Specifications and Main Features

Frequently Asked Questions

User Manual