TANDBERG D12817-05 user manual Optional feature

Page 77

TANDBERG Videoconferencing System

Appendices

Encryption

All TANDBERG systems support both AES* and DES encryption. By default this feature is enabled such that when connecting with any other video system or MCU, a TANDBERG system will attempt to establish a secure conference using AES* or DES encryption. The TANDBERG system will attempt this for both IP and ISDN connections. Where a remote system or MCU supports encryption, the highest common encryption algorithm will be selected on a port by port basis.

The type and status of the encryption negotiated is indicated by padlock symbols and on-screen messages. Encryption on the TANDBERG systems is fully automatic, and provides clear security status indicators;

An open padlock indicates that encryption is being initialized, but the conference is not yet encrypted.

Single padlock indicates DES encryption.

Double padlock indicates AES encryption.

In addition to on-screen indicators the ‘Call Status’ menu provides two information fields regarding call encryption. The first field is the ‘Encryption Code’ which will identify either ‘AES’ or ’DES’. The second field is the ‘Encryption Check Code’ and is comprised of an alphanumeric string. This string will be the same for systems on either side of an encrypted conference. If the Check Codes do not match this would indicate that the call has been exposed to a ‘Man In The Middle’ attack.

When a TANDBERG codec with MultiSite functionality hosts a conference, the highest possible encryption algorithm will be negotiated on a site by site basis. MultiSite conferences can therefore support a mix of AES and DES encrypted endpoints in the same conference.

A conference will only be as secure as its ‘weakest link’. Even though conference participants may have negotiated and be running AES encryption, if just one participant has negotiated DES encryption, the AES system will display the single padlock symbol to advise all users of the lowest encryption mechanism currently in effect.

All TANDBERG endpoint supporting DES encryption can upgrade to AES encryption by applying TANDBERG’s AES Encryption option. Please contact your TANDBERG representative for more information.

The standards supporting the encryption mechanisms employed by TANDBERG are: AES*, DES, H.233, H234 and H.235 with extended Diffie Hellman key distribution via H.320, H.323 and Leased Line connections.

* - Optional feature

77

Image 77
Contents Page Tandberg Videoconferencing System Trademarks and copyright Environmental IssuesOperator Safety Summary Contents Appendices Index Advanced usePeripheral Equipment TIP IntroductionLAN Menu structureAt a glance the Tandberg 550 system Tandberg 550 Videoconferencing SystemCamera Remote controlCodec Table microphoneUnpacking InstallationPrecautions Monitor cables Connecting cablesMicrophone cable 5b. Wireless LAN Insert PC Card Power cableIsdn cables 5a. LAN cableSelect Audio/Video input on monitor Power onMenu System configurationLAN configuration Isdn configurationWelcome menu Getting startedSystem start-up Basics Making a call Making and ending callsTIP Selecting / setting default quality bandwidth Selecting / setting default network Correcting keying mistakes Answer a callEnd a call Directory Delete Entry Add New EntryEdit Entry Do Not Disturb / Sleep Mode Adjusting volumeGeneral use View outgoing video selfviewOn Screen Symbols Controlling the Main Camera Focusing cameraSelecting video sources Moving / zooming cameraVoice Activated Camera Positioning Storing presets PresetsSelecting presets Far end camera control Fecc Sending a snapshot Sending and receiving snapshotsViewing a snapshot Receiving a snapshotExternal MCU control functions Quick Menu Page Text Chat / Closed Captioning Web-interfaceOther PC applications PC SoftPresenterStreaming SnapshotsMain menu Menu PasswordAdvanced use Call quality VGA ResolutionsAudio VideoFar end camera control UtilitiesAutoanswer MCU status line Welcome MenuSystem Name Camera BrightnessAuto Request Floor Web SnapshotsISDN-BRI Settings Terminal SettingsSpids This Service has Limited Access on Some Isdn Networks Parallel dial LAN Settings Page Settings Page Rsvp Advanced H.323 SettingsQoS Type IP Type of Service TOSIP Precedence DiffservIP Settings Page Wireless LAN Settings Increased Encryption Level will Decrease Performance Snmp Settings Video Call Alert Tone / Alert Volume Audio SettingsAudioIn Mode Echo Control Key TonesVGA Settings VNC Settings Access Code Call SettingsIncoming telephone calls Fallback to telephonyEncryption Secure Conference Encryption ModeNetwork Profiles Max Call LengthPage Dataport configuration Software Options LanguageChannel status DiagnosticsSystem info TIP IP Address Conflict Check Restore defaultsCall status Test subsystem View current settingsInterfaces Peripheral EquipmentPage Tracker Document cameraAppendix 1 Security AppendicesAppendices Tandberg Videoconferencing System Optional feature Appendix 2 Using the file system Custom logos · Go to the folder where your logo is located Appendix 3 Declaration of Conformity Index Index Tandberg Videoconferencing System