Database access is secured using the embedded Red Hat, iptables dynamic firewall and a database security password.
The procedure to allow new subscribers to access the database on the publisher is as follows: cisco uc
Step 1 Add the subscriber to the publisher database using CUCM Administration.
Step 2 During installation of the subscriber, enter the same database security password that was entered during installation of the publisher.
After this configuration, the following process occurs to replicate the database from the publisher to the newly added subscriber:
The subscriber attempts to establish a connection to the publisher database using the database management channel.
The publisher verifies the subscriber's authenticity and adds the subscriber's IP address to its dynamic firewall (iptables).
The subscriber is allowed to access the publisher database.
The database content is replicated from the publisher to the subscriber.
Figure 1-6 illustrates the iptables firewall allowing subscriber access to the publisher database.
Database Access Control
CUCM Licensing
Licensing is implemented in CUCM beginning with Release 5.0. Administration of license management is done through CUCM GUI administration, allowing accurate tracking of active device registrations compared to the license units that have been purchased. License enforcement occurs at the time of phone provisioning and CUCM service activation.
The publisher is the only licensing server. The licensing server is the logical component that keeps track of the licenses purchased and the licenses used. If the publisher fails, no new phones can register, and no configuration changes will be allowed. Existing phones will continue to operate during a publisher outage.
CUCM tracks the license compliance for devices, applications, and software as follows:
Device units licenses: The maximum number of provisioned devices in the CUCM database will be tracked and enforced. Route points and CTI ports are not enforced.
Application licenses: Application licenses are required for every call-processing server running the CallManager service. Application licenses are tied to the MAC address of the network interface card (NIC) of the server.
Software licenses: Software licenses are tied to the major version of the software. Software licenses are required for upgrade to CUCM 6.
Licenses are created and distributed in accordance with the Cisco FlexLM process.
These two types of product IDs are available:
Cisco device license units: Cisco device license units (DLU) are for Cisco devices only.
Third-party device license units: Third-party DLUs can be converted to Cisco units, but not vice versa.
CUCM tracks the number of units required by each device, Each device type corresponds to a fixed number of units.
The number of DLUs consumed per device depends on the device type and capabilities of the phone.
No comments:
Post a Comment