About this Course

Implementing Cisco Unified Communications Security (UCSEC) v1.0 is a new five-day instructor-led training (ILT) class that is designed to provide students with the necessary knowledge and skills to implement security features in a Cisco Unified Communications environment.

Audience Profile

• Network security specialists, VoIP and network engineers, administrators, and technicians

At Course Completion

Upon completing this course, you will be able to meet these objectives:

• Identify vulnerabilities in Cisco Unified Communications networks, describe security implementation strategies, cryptographic services, PKI, and VPN technologies
• Implement network infrastructure security features such as network separation and firewalling, 802.1X in phone VLANs, and the IP Phone VPN Client
• Harden Cisco Unified Communications endpoints and implement toll-fraud prevention features and Cisco Unified Communications Manager cryptographic security features
• Implement secure Cisco Unified Communications Manager integration with external devices, such as gateways, firewalls, and application proxies

Prerequisites

• Working knowledge of converged voice and data networks
• Working knowledge of Cisco IOS gateways, Cisco Unified SRST gateways, and Cisco Unified Border Element
• Working knowledge of Cisco Unified Communications Manager and Cisco Unified Communications Manager Express
• CCNP® Voice certification recommended
• Knowledge of network security fundamentals
• Knowledge of Cisco IOS Firewall and Cisco ASA adaptive security appliance firewalls
• Knowledge of IPsec or SSL VPNs or both
• CCNA® Security certification is recommended
• Implementing Cisco Voice Communications and QoS (CVOICE) v8.0
• Implementing Cisco Unified Communications Manager, Part 1 (CIPT1) v8.0
• Implementing Cisco IOS Network Security (IINS) v1.0

Course Outline

Lesson 1: Vulnerabilities of Cisco Unified Communications Networks and Security Fundamentals

• Topic 1A: Assessing Vulnerabilities of Cisco Unified Communications Networks
• Topic 1B: Describing Security Implementation Strategies
• Topic 1C: Describing Cryptographic Services and Functions
• Topic 1D: Describing Key Management and PKI
• Topic 1E: Describing IPsec and Cisco AnyConnect SSL VPN

Lesson 2: Network Infrastructure Security

• Topic 2A: Implementing Network Separation and Packet Filtering
• Topic 2B: Implementing Switch Security Features
• Topic 2C: Implementing Cisco AnyConnect SSL VPNs in Cisco Unified Communications Networks

Lesson 3: Cisco Unified Communications Manager and Endpoint Security Features

• Topic 3A: Hardening Cisco Unified Communications Endpoints
• Topic 3B: Implementing Toll-Fraud Prevention
• Topic 3C: Implementing Native Cisco Unified Communications Manager Security Features
• Topic 3D: Implementing Cisco Unified Communications Manager Security Features Based on Security Tokens

Lesson 4: Secure Cisco Unified Communications Integration and Features

• Topic 4A: Implementing SRTP to Gateways and Signaling Protection by IPsec
• Topic 4B: Implementing Secure Signaling and SRTP in SRST and Cisco Unified Communications Manager Express
• Topic 4C: Implementing Trusted Relay Points
• Topic 4D: Implementing Proxies for Secure Signaling and SRTP

Hands On Labs

Lab 1-1: Identifying Security Weaknesses in a Cisco Unified Communications Network

Lab 2-1: Implementing Firewalls

Lab 2-2: Implementing 802.1X

Lab 2-3: Implementing Cisco AnyConnect SSL VPNs

Lab 3-1: Implementing Cisco UC Manager Security Features Based on Security Tokens

Lab 4-1: Implementing SRTP to Gateways and Signaling Protection by IPsec

Lab 4-2: Implementing Secure SRST and Secure Cisco UC Manager Express

Lab 4-3: Implementing Trusted Relay Points

Lab 4-4: Implementing Proxies for Signaling and RTP