Cisco Unified Intelligence Center Software User Guide
CISCO Unified Intelligence Center Software
Introduction
The Cisco Options Package (COP) file provides a way to deploy software outside of the normal maintenance release processes. This document describes how to download and apply the COP file: ciscocuic.12.6.1.3.cop.sgn
Pre-requisites for Installing the COP
You can apply this COP file only to systems that have installed Cisco Unified Intelligence Center (CUIC) Release 12.6(1) FCS build 12.6.1.10000-21, or on top of earlier COP files applicable for this release.
| COP |
Unified Intelligence Center Standalone |
Unified Intelligence Center and LiveData
Coresident |
LiveData Standalone |
| 12.6.1.3 COP | Required | Required | Required |
Patch Version
| File Name | MD5 sum |
| ciscocuic.12.6.1.3.cop.sgn | 52948936abb5eb34139deda57ed0b510 |
| ciscocuic.12.6.1.ES.Rollback.cop.sgn | 9da734cefc1f182dfdfb7c991c2f5722 |
COP Contents and Supported Features List
This COP includes defect fixes as listed in the Resolved Caveats section.
Unsupported Features
None Cisco Unified Intelligence Center
Known Caveats
CSCwa57348: LD gadgets do not load when one side of proxy is down in VPNLess environment If either side of reverse-proxy server is not reachable on VPNLess setup, agents/supervisors logging into Finesse desktop will not be able to view the LiveData Gadgets. LiveData gadget should load properly when the reverse proxy server comes back online. Already logged-in agents should not see any problems if one side of reverse proxy server goes down.
- Cisco Unified Intelligence Center
Feature Updates and Resolved Caveats in Release 12.6(1) ES03
New Features
All Users Group Access
The set cuic properties allow-allusers-group-ui command is used to enable or disable the access to AllUsers group in the permissions modal. By default, the value is set to off. By setting this parameter to on, AllUsers group will be visible in the permission modal for non-administrative entity owners to assign permissions. Any users who do not have Security Administrator role are called non-administrative entity owners.
Note: Restart the CUIC Reporting service after running the command on each node.
Configurable Reverse-Proxy Host Verification
You can enable and disable SSL certificate verification for connections that are established from reverse-proxy hosts to Cisco Web Proxy Service by using the utils system reverse-proxy client-auth CLI command. For more information about reverse-proxy host authentication see the Configure Reverse-Proxy Host Authentication section in Cisco Unified Contact Center Enterprise Features Guide.
Resolved Caveats in Release 12.6(1) ES03
This COP file resolves the following caveats.
Table 1: LiveData Caveats – Resolved in CUIC 12.6(1) ES03
| Identifier | Headline |
| CSCwa46810 | log4j2 zero day vulnerability in LiveData |
Unified Intelligence Center Caveats – Resolved in CUIC 12.6(1) ES03
| Identifier | Headline |
| CSCwa26057 | Multiple Certificates offered to agent during finesse desktop login |
| CSCwa24519 | Webproxy service fails to restart if reverse proxy hostname is not resolvable from component |
| CSCwa23252 | Proxy finesse trust is broken when depth is more than one for CA certs chain |
| CSCvz08764 | Delete of allowed-hosts is not working as expected |
| CSCvz08779 | IP tables rules are not getting retained after build to build upgrade across solution |
| CSCwa37849 | MultipleIP resolution for Proxy hostnames is not supported on VOSboxes when configuring VPNLessprox |
| CSCwa46525 | log4j2 zero day vulnerability in CUIC |
Feature Updates and Resolved Caveats in Release 12.6(1) ES02
Updated Features
VPN-Less Finesse
This feature enables the contact center agents and supervisors to access the Finesse desktop without using the VPN. The agents will now be able to access and load the LiveData gadgets without connecting to VPN. The supervisors will now be able to access LiveData and Historical gadgets without connecting to VPN.
Note:
To use VPN-Less access to Finesse desktop feature, you must upgrade Finesse, IdS, and CUIC to release 12.6(1) ES03. If you are using LiveData 12.6(1), LiveData should also be upgraded to 12.6(1) ES03. To enable this feature, please see section VPN-Less Access to Finesse Desktop in Cisco Unified Contact Center Enterprise Features Guide.
Table 3: LiveData Caveats – Resolved in CUIC 12.6(1) ES02
| Identifier | Headline |
| CSCvz76584 | Livedata APIs in SSO mode fails with LD auth header |
Unified Intelligence Center Caveats – Resolved in CUIC 12.6(1) ES02
| Identifier | Headline |
| CSCvy96449 | SQL query changes on Anonymous Block report definitions causes filters loss on reports associated |
| CSCvz34912 | Caching headers are not proper for cuicui |
| CSCvz84821 | Incorrect logging for historical report execution and IDS SSOValve logs |
| CSCvz59094 | CUIC:UCCE 12.5 unable to export reports intermittently |
| CSCwa07492 | Reports taking server timezone after install of ES11 for 12.5.1 |
| CSCwa11745 | Threshold images are not shown in CUIC Report viewer |
Support for ECDSA Certificates
ECDSA is an encryption algorithm that requires much shorter keys as compared to RSA but provides the same level of security as RSA encryption. Because of this it has an advantage of performance and scalability and requires a lesser load for the network. To enable this feature, run the set tls server cert_type command from CLI. Running this command will restart the node. For more information see, the section Enabling ECDSA Certificate in Security Guide for Cisco Unified ICM/Contact Center Enterprise.
Note: Clear the Finesse web proxy cache by running the CLI on all Finesse nodes, utils web proxy cache clear all to load the gadgets, and clear the browser cache to access CUIC with the new certificate type.
Note: After changing the Certificate Type, import the new certificates into the nodes that use these certificates:
- Import CUIC certificates to Finesse and LiveData.
- Import LiveData certificates to Finesse and CUIC.
VPN-Less Finesse
This feature enables the contact center agents to access the Finesse desktop without using the VPN. The agents will now be able to access and load the live data reports without connecting to VPN.
Note: To use VPN-Less access to the Finesse desktop feature, you must upgrade Finesse, IdS, and CUIC to Release 12.6(1) ES01. If you are using Unified CCE 12.6, you must update Live Data also to 12.6(1) ES01. In 12.6(1) ES01, VPN-less access to the Finesse Desktop is supported only for Agents. Supervisors must connect to VPN to access the Finesse desktop. To enable this feature, please see section VPN-Less Access to Finesse Desktop in Cisco Unified Contact Center Enterprise Features Guide.
Note:
- CUIC application will not be accessible in the VPN-Less environment.
- Historical and Real-Time Reports gadgets are not accessible in the VPN-Less environment
Cisco Unified Intelligence Center
LiveData Caveats – Resolved in CUIC 12.6(1) ES01
| Identifier | Headline |
| CSCvz06351 | Handle SocketIO Authentication token in HTTP Header |
Unified Intelligence Center Caveats – Resolved in CUIC 12.6(1) ES01
| Identifier | Headline |
| CSCvy19226 | Few RTMT interval counters are not populated |
| CSCvy32170 | Unauthenticated end point /rest/usersessiondetail/ gives back session id and username |
| CSCvy35385 | Address the UI issues caused by accessibility fixes |
| CSCvy35410 | Accessibility UI issues on loading login/logout |
| CSCvy77589 | CUIC Switcher: When in focus, one more text box appears in switcher search, in the reports filter dialog |
| CSCvy95404 | CUIC Accessibility: Focus is incorrect with buttons and refresh icons |
| CSCvy84713 | When in focus, one more text box appears in all search places -Report, Dashboard, RD, User, VL etc. |
| CSCvy29543 | Session Token in URL |
| CSCvz06351 | Handle SocketIO Authentication token in HTTP Header |
Special Instructions
Live Data Compatibility
For LiveData Reports to function with 12.6 ES03, the latest ES needs to be applied on LiveData nodes. Please refer to the table below for compatible LiveData ES.
| LiveData 12.6 | LiveData 12.5 | LiveData 12.0 | |
| CUIC 12.6 ES03 | ES03 | ES11 or latest ES | ES17 or latest ES |
Accessing Platform Web Applications using Chrome Browser
This section is applicable only if you are using a Chrome browser to access the Platform web applications, such as Cisco Unified OS Administration, Cisco Unified Serviceability, Disaster Recovery System and Cisco Unified Intelligence Center Administration. If you are using the self-signed certificates, add the certificates to the Client OS trust store to access the administrative web applications. Follow the instructions below:
- Downloading the Server Certificate from CUIC Node in Administration Console User Guide for Cisco Unified Intelligence Center Cisco Unified Intelligence Center.
- Adding Certificate to Trusted Root Certification Authorities on Windows Client System in Administration Console User Guide for Cisco Unified Intelligence Center.
- Adding Certificate to Keychain Access in Mac Client Machine in Administration Console User Guide for Cisco Unified Intelligence Center.
Clear Browser Cache
After installing the Cisco Unified Intelligence Center 12.6(1) ES03 COP file, ensure that you clear your browser’s cache.
Clear Finesse Cache
If the Agent State History gadget does not load with proper UX on the Finesse desktop, follow these steps:
- Step 1: Log in to Finesse CLI and enter the command utils web proxy cache clear all to clear the Finesse cache.
- Step 2: Clear the browser cache.
Downloading the COP File
Download the COP file ciscocuic.12.6.1.3.cop.sgn from the Software Download Areas – Unified Intelligence Center 12.6(1). Place the COP file on an SFTP server that can be accessed from your Cisco Unified Intelligence Center 12.6(1) servers.
Installing the COP
The following procedure describes how to use the CUIC Command Line Interface (CLI) to install the COP file.
IMPORTANT: You must use the CLI to perform this upgrade. Do not use the Cisco Unified Operating System Administration page to perform this upgrade because the installation may hang.
- Step 1: Log in to the Cisco Unified Intelligence Center CLI. To log in to the CLI, specify the System Administrator username and password.
- Step 2: Enter the command utils system upgrade initiate to start the COP installation.
- Step 3: Select source 1) Remote Filesystem via SFTP.
- Step 4: Enter the remote path to the directory on the SFTP server where you downloaded the COP file.
Note:- If the COP file is located on a Linux or UNIX server, enter a forward slash (/) at the beginning of the directory path. For example, if the COP file is in the patches directory, enter /patches.
- If the COP file is located on a Windows server, check with your system administrator for the correct directory path.
Cisco Unified Intelligence Center
- Step 5: Enter the SFTP server name or IP address.
- Step 6: Enter the Username and Password to the SFTP server.
- Step 7: Press Enter to skip the prompt “Please enter SMTP Host Server (optional)”.
- Step 8: Wait until the system displays a list of COP files available at the SFTP location. Select the number corresponding to the COP file that you want to install.
- Step 9: Type Yes to continue the installation.
- Step 10: Reboot the machine using the command utils system restart after the COP installation is complete.
- Step 11: Check for the deployment type:
- If this deployment is a single-node cluster, your installation ends here.
- If this deployment is a multi-node cluster repeat the installation procedure (from Step 1) on the other nodes.
Note: Installing the ciscocuic.12.6.1.3.cop.sgn COP file uninstalls the existing language pack. Hence, you must reinstall the language pack COP.
Rollback COP
Use the following Rollback COP file to roll back to the First Customer Shipment (FCS) version.
Note: The CUIC Rollback COP file removes all the previous ESs installed on the system and reverts your system to the FCS version (in this case, Cisco Unified Intelligence Center Release 12.6(1)). Also, Rollback cannot be applied if the server certificate type is configured to ECDSA. To apply the Rollback COP, change the server certificate type to RSA. See set tls server cert_type section in Administration Console User Guide for Cisco Unified Intelligence Center.
- Rollback COP file: ciscocuic.12.6.1.ES.Rollback.cop.sgn
- MD5 Checksum: 9da734cefc1f182dfdfb7c991c2f5722
Note: To install the Rollback COP, follow the steps outlined in the Installing the COP section.