Call Manager 4.X runs on a Windows 2000 platform and this is important to ensure that the MCS OS is properly hardened so that it can’t be attacked and compromised. One of the first things to ensure is that Cisco patches and updates are installed to protect against security threats.

It is also important to ensure that Call Manager servers are not used for any other services other than those provided by Call Manager (so no file and print server, no ftp, no application server and so on).It is also important to have a minimum amount of account configured on the server and the password must be strong.

It you can have an anti-virus solution combined with CSA then it is perfect.