© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Secure IP Telephony Configuring Cisco IP Telephony Authentication and Encryption

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Authentication and Encryption Overview Cisco Unified CallManager supports authentication and encryption between: A supported IP phone and Cisco Unified CallManager for signaling messages Two supported IP phones within a cluster for media exchange A supported IP phone and a supported MGCP or H.323 gateway Media Exchange Using SRTP Signaling Messages over TLS Authenticated and Encrypted Call Signaling Messages over TLS

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Authentication and Encryption Configuration Checklist Enable security services: –Cisco CTL Provider –CAPF Use the Cisco CTL client to activate security options: –Activate secure mode –Create a signed CTL Configure devices for security: –Select MICs versus LSCs –Set device security mode (authenticated or encrypted) –Set CAPF parameters if LSCs are used

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Enabling Services Required for Security Activate these services for security using Cisco Unified CallManager Serviceability: Cisco CTL Provider on all Cisco Unified CallManager nodes and Cisco TFTP servers in the cluster Cisco CAPF on the publisher server only

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Installing the Cisco CTL Client Cisco CTL client is installed from Cisco Unified CallManager Install Plugins window. Cisco CTL client can be installed on any Windows workstation or server with a USB port. Smart Card service has to be activated.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v When to Use the Cisco CTL Client For the initial activation of secure calls When changing the cluster security mode After modifying Cisco Unified CallManager or Cisco TFTP server configuration (adding, removing, renaming, or changing the IP address) After adding or removing a security token After replacing or restoring a Cisco Unified CallManager or Cisco TFTP server

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Setting the Cluster Security Mode There are two modes: Secure modeallows secure calls between compatible phones Non-Secure mode default configuration without any authenticated and encrypted calls

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Updating the CTL Allows changing the CTL (necessary after adding or removing components) New CTL has to be signed by a security token

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Working with LSCs Cisco Unified IP Phone 7940 and 7960 models do not have MICs; those IP phones work only with LSC. The Cisco Unified IP Phone 7971, 7970, 7961, 7941, and 7911 models can use either MICs or LSCs (if an LSC is installed, it has higher priority than a MIC). CAPF is used to sign IP phone LSCs: –CAPF can act as a CA itself, signing the LSCs. –CAPF can act as a proxy to an external CA.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v CAPF Service Configuration Parameter Used to set the certificate issuer (CAPF itself or external CA) and address of external CA (currently not supported in Cisco Unified CallManager 5) Allows modification of default values, such as the key size or certificate lifetime

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v CAPFConfiguration Options Used to load LSCs into IP phones Four possible certificate operations (found at the Phone Configuration page): –Install/Upgrade –Delete –Troubleshoot –No Pending Operation Four possible authentication modes (found at phone Security Profile Configuration page: –Authentication String –Null String –Existing LSC –Existing MIC

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Security Profiles CAPF authentication mode is configured by using SCCP or SIP phone security profiles. Phone security profile is then assigned to the phone. Security profiles are found under System > Security Profile.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Default SCCP Phone Security Profiles A number of SIP and SCCP phones profiles exist to cover a wide range of authentication and encryption use cases. You can customize these as necessary. SCCP Security Profiles

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring CAPF Authentication Mode Using Phone Security Profiles Phone Configuration Page SCCP Security Profile Configuration Page CAPF authentication mode and key size are set at the Phone Security Profile. Phone security profile is assigned to phone.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Example: First-Time Installation of a Certificate with Manually Entered Authentication String Set Certificate Operation option to Install/Upgrade at Phone Configuration page. Set Authentication Mode to By Authentication String in phone security profile. Reset the IP phone. The user initiates installation of certificate from IP phone Settings menu. The user has to enter the authentication string (after a prompt). If successful, the certificate is issued.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Example: Certificate Upgrade Using an Existing LSC Set Certificate Operation to Install/Upgrade at Phone Configuration page. Set Authentication Mode to By Existing Certificate (Precedence to LSC) at phone security profile. Reset the IP phone. The IP phone will automatically contact CAPF for update. The existing certificate will be used to authenticate the new enrollment.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Enabling Authentication and Encryption Authentication and encryption are enabled by setting the device security mode in phone security profiles. There are three options: Non Secure Authenticated Encrypted SCCP Security Profile Configuration Page

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Actual Security Mode Depends on Configuration of Both Phones Phone 2 Non SecureAuthenticatedEncrypted Phone 1 Non Secure AuthenticatedNon SecureAuthenticated EncryptedNon SecureAuthenticatedEncrypted If any of the devices is set to Non Secure, an insecure call is placed. If both devices are set to Encrypted, an encrypted call is placed (the call is authenticated and encrypted). In all other situations, an authenticated call is placed.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Finding Phones Using the Find and List Phones Window The Find and List Phones window can be used to search for security-related settings. You can use the Search Within Results option to search for multiple criteria.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Generating a CAPF Report CAPF reports can be created from Cisco Unified CallManager Administration –Go to the Find and List Phones page. –Select CAPF Report in File option from Related Links and click Go. Generates a CSV file that is downloaded by your browser

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v CAPF Report Example CAPF Report File Opened with Microsoft Excel

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Digest Authentication Digest authentication allows Cisco Unified CallManager to challenge the identify of a SIP device or application when it sends SIP requests. Digest authentication is based on a client/server model. Cisco Unified CallManager can challenge SIP devices over its SIP trunk and can respond to challenges received on its SIP trunk interface as a client. When digest authentication is enabled for a phone, Cisco Unified CallManager challenges all SIP phone requests except keepalive messages. Cisco Unified CallManager does not respond to challenges from line-side phones.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Digest Authentication versus TLS Use digest authentication on the Cisco Unified IP Phone 7905, 7940, and 7960 models, and use TLS on Cisco Unified IP Phone 7911, 7941, 7961, 7970, and 7971 models. You must use digest authentication for third-party SIP phones. Digest authentication provides authentication only using an MD5 hash of the username and password. TLS uses X.509 mutual certificate-based authentication. To ensure integrity and confidentiality for the device, configure the TLS protocol for the device, if the device supports TLS. If the device supports encryption, configure the device security mode as encrypted and enable encrypted configuration files.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring Digest Authentication 1. Check the Enable Digest Authentication check box in the SIP phone security profiles. 2. Apply a SIP phone security profile to the phone. 3. Configure the digest credentials in the End User Configuration window. 4. Choose the digest user in the Phone Configuration window.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring Digest Authentication (Cont.) 12 Phone Configuration Page

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring Digest Authentication (Cont.) 3 4 Phone Configuration Page

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Encrypted Configuration Files New Cisco Unified CallManager Release 5 feature that protects privileged information contained in TFTP configuration file: –SIP digest authentication credentials –SSH passwords used for CLI debugging (Cisco IP Phone 7971, 7970, 7961, 7941, and 7911) –Server addresses such as Cisco Unified CallManager, TFTP, and CAPF Supported on all SIP loads and enhanced phone SCCP loads (Cisco Unified IP Phone 7971, 7970, 7961, 7941, and 7911) Integrity provided by signing the configuration file for SCCP and SIP loads (introduced in Cisco Unified CallManager Release 4.1)

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v How Phones Get Encrypted Configuration Files How the phone gets an encrypted configuration file depends on whether the phone has a certificate installed. If the phone has a certificate, Cisco Unified CallManager uses the public key to encrypt the configuration file. If not, you must manually enter the encryption key or digest credentials into the phone. –Cisco Unified IP Phone 7905 and 7912 do not support Cisco PKI. –Cisco Unified IP Phone 7940 and 7960 do not support Cisco PKI when running SIP. –Cisco Unified IP Phone 7905 and 7912 have a writable web servercopy and paste the key into the phone using web access to the phone. –Cisco Unified IP Phone 7940 and 7960 have a read-only web servermanually enter the key into the phone using the phone keypad.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring Encrypted Configuration Files 1. Verify that the cluster security mode is set to Secure. 2. Set the TFTP Encrypted Configuration parameter to True (requires a reset of all services). 3. Determine whether your phone supports manual or symmetric encryption and follow procedures (same as 4.1) to enter the key into the phone. 4. Verify that the phone received an encrypted configuration file. This procedure assumes a secure staging environment!

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v PKI Topology in Cisco IP Telephony with Secure SRST With secure SRST, the SRST gateway obtains a certificate from some CA (can be local to router). SRST IP Phone CA Credentials Service LSC SRST Certificate MIC SRST Gateway Certificate CAPFCCMTFTP

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v SRST Credentials Service PKI Topology in Cisco IP Telephony with Secure SRST (Cont.) The Cisco Certified CallManager obtains the SRST router certificate and includes it in phone configuration files. The SRST router obtains phone CA certificates. CAPF/Cisco Root CA SRST Certificate SEPMACxxxx.cnf.xml: SRST Certificate IP Phone CA LSC MIC SRST Certificate Exchange CAPFCCMTFTP

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v PKI Topology in Cisco IP Telephony with Secure SRST (Cont.) Cisco Certified CallManager: Imports SRST certificate from the gateway over the network Manual certificate fingerprint verification required SRST gateway: Runs the credentials service to provide own certificate to Cisco Certified CallManager Imports phone CA certificates manually srst(config)#crypto pki trustpoint 7970 srst(ca-trustpoint)# enrollment terminal srst(ca-trustpoint)# revocation-check none srst(ca-trustpoint)#exit srst(config)#crypto pki authenticate 7970 Enter the base 64 encoded CA certificate. End with a blank line or the word "quit" on a line by itself (paste the certificate) : quit Certificate has the following attributes: Fingerprint MD5: F7E150EA 5E6E3AC5 615FC C9F Fingerprint SHA1: 1BE2B503 DC72EE28 0C0F6B D8 D3B18BE6 % Do you accept this certificate? [yes/no]: y Trustpoint CA certificate accepted. % Certificate successfully imported SRST Certificate Verification

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v PKI Topology in Cisco IP Telephony with Secure SRST (Cont.) The phone connects to the SRST router via TLS and sends keepalives after bootup. The phone registers to SRST via SCCPor TLS after Cisco Certified CallManager failure. From this point, this process works like normal SRST. SRST SEPMACxxxx.cnf.xml: SRST Certificate IP Phone CA LSC MIC SRST SCCP/TLS Establishment CAPFCCMTFTP TLS

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v SIP Trunk Encryption Digest authentication is only an MD5 hash of username, password, SIP URI, and so on. Digest authentication does not provide confidentiality of signaling packets. SIP trunk encryption can be used for that. SIP trunk encryption protects only signaling. There is no SRTP support on SIP trunks.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring SIP Trunk Encryption Create the SIP trunk security profile and add it to the SIP trunk. One SIP trunk security profile is provided by default (Non Secure SIP Trunk Profile). SIP Trunk Configuration Page SIP Trunk Security Profile Configuration Page

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v SRTP to MGCP gateways is supported starting in Cisco Unified CallManager Release 4. Cisco Unified CallManager generates the keys and sends them to the MGCP gateway. This key exchange is not protected (that is keys are sent in cleartext). IPsec should be used to protect key exchange. Gateway has to support the SRTP package; no further configuration is needed. SRTP to MGCP Gateways

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v SRTP to H.323 gateways is supported, starting in Cisco Unified CallManager Release 5. The H.323 device generates the SRTP session keys and sends them to Cisco Unified CallManager. This key exchange is not protected (that is, keys are sent in cleartext). IPsec should be used to protect key exchange H.323 gateways or trunks have to be configured for SRTP. SRTP to H.323 Trunks or Gateways

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v SRTP Allowed Check Box H323 Gateway Outbound Faststart check box is dimmed when SRTP is enabled. H.323 SRTP Cisco Unified CallManager Configuration

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v voice service voip srtp or srtp fallback router(config)# voice-card 1 codec complexity secure router(config)# Command only used on DSP 549- and 5421-based voice cards. Not required on DSP 5510 (PVDM2) cards. Gateway configuration: 12.4(6)T Hardware that supports SRTP (H.323, MGCP, SIP) NM-HDV2 (all flavors) NM-HDV (all flavors) NM-HD-1V/2V/2VE PVDM2 AIM-VOICE-30 AIM-ATM-VOICE-30 H.323 SRTP Gateway Configuration

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Authentication and Encryption for CTI, JTAPI, and TAPI in Cisco Unified CallManager Cisco Unified CallManager Release 5 supports secure signaling connections and media streams to CTI, JTAPI, and TAPI applications. The mechanisms and protocols to secure CTI, JTAPI, and TAPI applications are the same as used elsewhere in the Cisco PKI system: TLS is used for mutual authentication and secure signaling. SRTP is used for encrypted media. CAPF issues LSCs to applications and end users.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Download CTL File Authentication and Encryption for CTI, JTAPI, and TAPI CTI, JTAPI, and TAPI Applications TFTP CTL File Public Key of Cisco Unified CallManager, CAPF, TFTP… CAPF Issue LSC Cisco CTIManager Authenticated and Encrypted TLS Signaling, including Download of SRTP Session Keys Cisco CTIManager Exchange Secure Media Streams TLS Certificate Exchange Exchange Public Keys to Mutually Authenticate Cisco CTIManager SRTP

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring Authentication and Encryption for CTI, JTAPI, and TAPI 1. For TLS between Cisco CTIManager and the application, add the application user or end users to the Standard CTI Secure Connection user group. 2. For SRTP between Cisco CTIManager and the application, add the application user or end user to the Standard CTI Allow Reception of SRTP Key Material user group. The user or application must also exist in the Standard CTI Enabled and Standard CTI Secure Connection to use TLS and SRTP connections. 3. Configure the Application User CAPF Profile or End User CAPF Profile. 4. Enable the corresponding security-related parameters in the CTI, JTAPI, or TAPI application.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Security User Groups SRTPStandard CTI Allow Reception of SRTP Key Material SRTP or TLSStandard CTI Enabled and Standard CTI Secure Connection. For TLS or SRTP For SRTP

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Configuring CAPF Profiles CAPF issues LSCs to applications (Application User CAPF Profile) and CTI clients (End User CAPF Profile) One application user CAPF profile corresponds to a single instance of the service or application on a server. Configure a unique instance ID per application.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v IPsec in Cisco Unified CallManager Overview Cisco Unified CallManager Release 5 allows IPsec to be set up using preshared key or X.509 certificates. Authentication-only IPsec is automatically provisioned between all cluster members: –Authenticates cluster members to each other –Used to build dynamic iptables firewall –Does not provide confidentiality (data encryption) Authenticated or encrypted IPsec to other devices can also be configured. –Recommendation is to do is on network devices

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Sample IPsec Applications H.323 Gateway SRTP IPsec Connection Not recommended to be configured on Cisco Unified CallManager itself Use closest possible network device instead TLS H.323 Cisco Unified CallManager IP Phone MGCP Gateway SRTP MGCP Cisco Unified CallManager TLS Intercluster Trunk

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v IPsec Configuration Set up new IPsec connection Allows the user to create a new policy for an extra-cluster IPsec connection Display or change IPsec connection Displays existing policies Allows user to modify user- defined policies Note: The PLATFORM_IPSEC policy is read-only. Platform Administration Security Menu

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Set Up an IPsec Association

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Summary Cisco Unified CallManager features authentication and encryption. The Cisco CTL Provider service and the Cisco CAPF service need to be enabled for secure telephony. The Cisco CTL client, software that is used to sign the CTL by utilizing a security token, needs to be installed manually. The Cisco CTL client needs to be executed whenever CTL entries change. Cisco IP telephony allows the use of LSCs on all security- enabled IP phones. Devices can be configured for insecure calls, authenticated calls only, or authenticated and encrypted calls. Security-enabled phones can be found by using CAPF reports or by using the Find and Select Phones window.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v Summary (Cont.) Digest authentication can be used on SIP trunks and phones that do not support TLS. Phone configuration files can be encrypted so that sensitive content cannot be sniffed on the network. SRST gateways support TLS, providing secure calls even in cases where Cisco Unified CallManager is not reachable and phones register with SRST gateways instead. Cisco Unified CallManager supports TLS on SIP trunks and SRTP to MGCP and H.323 gateways. TLS and SRTP can be used between CTI, JTAPI, and TAPI applications and Cisco CTIManager. IPsec can be used if no application layer protection is supported.

© 2006 Cisco Systems, Inc. All rights reserved.CIPT2 v