TANDBERG D12155-10 user manual 112

Page 112

Appendices

TANDBERG Videoconferencing System

Encryption

All TANDBERG systems support both AES* and DES encryption. By default this feature is enabled such that when connecting with any other video system or MCU, a TANDBERG system will attempt to establish a secure conference using AES* or DES encryption. The TANDBERG system will attempt this for both IP and ISDN connections. Where a remote system or MCU supports encryption, the highest common encryption algorithm will be selected on a port by port basis.

The type and status of the encryption negotiated is indicated by padlock symbols and on-screen messages. Encryption on the TANDBERG systems is fully automatic, and provides clear security status indicators;

An open padlock indicates that encryption is being initialized, but the conference is not yet encrypted.

Single padlock indicates DES encryption.

Double padlock indicates AES encryption.

In addition to on-screen indicators the ‘Call Status’ menu provides two information fields regarding call encryption. The first field is the ‘Encryption Code’ which will identify either ‘AES’ or ’DES’. The second field is the ‘Encryption Check Code’ and is comprised of an alphanumeric string. This string will be the same for systems on either side of an encrypted conference. If the Check Codes do not match this would indicate that the call has been exposed to a ‘Man In The Middle’ attack.

When a TANDBERG codec with MultiSite functionality hosts a conference, the highest possible encryption algorithm will be negotiated on a site by site basis. MultiSite conferences can therefore support a mix of AES and DES encrypted endpoints in the same conference.

A conference will only be as secure as its ‘weakest link’. Even though conference participants may have negotiated and be running AES encryption, if just one participant has negotiated DES encryption, the AES system will display the single padlock symbol to advise all users of the lowest encryption mechanism currently in effect.

All TANDBERG endpoint supporting DES encryption can upgrade to AES encryption by applying TANDBERG’s AES Encryption option. Please contact your TANDBERG representative for more information.

The standards supporting the encryption mechanisms employed by TANDBERG are: AES*, DES, H.233, H234 and H.235 with extended Diffie Hellman key distribution via H.320, H.323 and Leased Line connections.

NOTE

THE TANDBERG AES IMPLEMENTATION IS VALIDATED AS CONFORMING TO THE ADVANCED ENCRYPTION STANDARD (AES) ALGORITHM, AS SPECIFIED IN FEDERAL INFORMATION PROCESSING STANDARD PUBLICATION 197, ADVANCED ENCRYPTION STANDARD, BY THE THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY (NIST)

* - Optional feature

112

Image 112
Contents UserManual Tandberg Videoconferencing System Environmental Issues Trademarks and copyrightOperator Safety Summary Contents Peripheral Equipment Advanced useAppendices 104 Index 114 Introduction TIPMenu structure LANTandberg 2500 Videoconferencing System At a glance the Tandberg 2500 systemMonitors V.E. II CameraCodec Remote control CabinetTable microphone Precautions InstallationUnpacking Page Connecting cables Power cableMonitor cables Microphone cableMonitor configuration 5a. Isdn cables using BRI interface5b. Other networks using the External Network interface LAN cableSystem configuration MenuIsdn configuration LAN configuration System start-up Getting startedWelcome menu Basics Making and ending calls Making a callTIP Selecting / setting default quality bandwidth Selecting / setting default network End a call Answer a callCorrecting keying mistakes Directory Press D Irectory to bring up the following menuEdit Entry Add New EntryDelete Entry Add MultiSite Entry Add SiteAdjusting volume General useView outgoing video selfview Microphone on/offDo Not Disturb / Sleep Mode On Screen SymbolsFocusing camera Controlling the Main CameraSelecting video sources Moving / zooming cameraVoice Activated Camera Positioning Selecting presets PresetsStoring presets Far end camera control Fecc Sending and receiving snapshots Sending a snapshotViewing a snapshot Receiving a snapshotDuo Video Add Duo VideoEnd a Duo Video call MultiSite MCU Establishing MultiSite meetings using Directory MultiSite cascadingAdding an extra site dial out Disconnecting sites from a conference Adding an extra site dialPC Presenter PC SoftPresenterWeb-interface Text Chat / Closed CaptioningStreaming Other PC applicationsSnapshots Advanced use Menu PasswordMain menu Call quality Advanced call quality QcifPresentation Mode Duo Video ModePresentations Duo Video QualityDuo Video Number Duo Video / Snapshot SourceAuto-Display Snapshot Snapshot FilterUtilities AutoanswerFar end camera control Dual MonitorAuto-PIP Welcome MenuContinuous Presence MCU status lineWeb Snapshots MCU services Quick Menu Request floor Release floorTerminal Names View site #Chair control Audio Settings Audio InputsPage Level Settings Out1 +13.5dB Out2AUX Out3VCR Previous Menu Audio OutputsEcho Control Page Automatic Gain Control AGC Settings Alert Tones & Volume Restore Audio DefaultsCamera Tracking Mode Video SettingsDocument Camera Focus BrightnessWhitebalance Video NameVGA Settings VNC Settings Terminal Settings Network ConfigurationISDN-BRI Settings Spids This Service has Limited Access on Some Isdn Networks Parallel dial External network settings 35/RS-366 cable LAN Settings Page Settings Page Advanced H.323 Settings RsvpIP Precedence QoS TypeDiffserv IP Settings Snmp Settings Call Settings Access CodeIncoming MCU calls Incoming telephone callsEncryption Mode Encryption Secure ConferenceMax Call Length Network ProfilesDataport configuration Page Language Software OptionsSystem info DiagnosticsChannel status TIP Restore defaults Call statusTest subsystem View current settingsIP Address Conflict Check Peripheral Equipment InterfacesE2 only Dual Monitor XGA monitorDocument camera Multiple controllable cameras AudioScience microphone TrackerVCR Playback Video Cassette Recorder VCRVCR Recording Telephone Add-On Extra fixed camerasPC applications Additional microphones Appendices TandbergAppendix 2 Connecting the system to the Switched 56 network Using Telesync TS-256 SW56/ISDN adapterLoudspeaker volume Appendix 3 Environmental considerationsIris control and lighting BackgroundGuidelines for setting up videoconferencing rooms How to prepare a typical room for videoconferencingAppendix 4 Using the file system Custom logos · Go to the folder where your logo is located Appendix 6 Security ABC111 112 Appendix 6 Declaration of Conformity Index FeccTandberg Videoconferencing System Index Current settings 93 outgoing video 30 Viewing a still image