Nortel Networks NN44470-100 manual MAS administration and security, Access security setup


MAS administration and security

This chapter describes the administration tasks and security tools associated with MAS operation and management.

Navigation

Access security setup (page 26)

Remote Desktop Protocol (page 28)

IPSEC configuration (page 29)

Security tools (page 29)

Certificate management (page 30)

Service and configuration data backup (page 31)

Automatic and manual backups (page 31)

System maintenance (page 33)

Access security setup

Administrative access to the MAS is obtained using the Microsoft Remote Desktop Connection Client. This client is based on the Remote Desktop Protocol (RDP), which provides access over separate virtual channels.

To enhance security, management access is restricted to a limited number of authorized IP addresses. The number of authorized IP addresses must be less than or equal to the number of network administrators.

A timeout feature, set to a default value of 15 minutes, disconnects idle connections. In addition, a management port that receives three consecutive failed login attempts is made unavailable for at least 60 seconds, and network-connected management ports drop, within 15 seconds, any connection or session that becomes disconnected for any reason.
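
The access rules above can be checked against what a management port actually did. The following is an added example, not part of the Nortel manual or the MAS software: it audits an event list for a single management port, and the tuple format, the function name audit and the sample addresses are assumptions made for illustration.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address

IDLE_LIMIT = timedelta(minutes=15)   # default idle timeout stated in the manual
LOCKOUT = timedelta(seconds=60)      # minimum unavailability after repeated failures
MAX_FAILS = 3                        # consecutive failed logins that trigger it

def audit(events, allowlist, admin_count):
    """Return findings where observed behaviour departs from the stated rules."""
    findings = []
    allowed = {ip_address(a) for a in allowlist}
    if len(allowed) > admin_count:
        findings.append("allowlist has more addresses than administrators")
    fails, locked_until, last_active = 0, None, {}
    for stamp, src, kind in events:          # events must be in time order
        t, ip = datetime.fromisoformat(stamp), ip_address(src)
        if ip not in allowed:
            findings.append(f"{stamp} {src}: source not in allowlist")
            continue
        if kind in ("fail", "ok"):
            # Any login handled while the port should be unavailable is a finding.
            if locked_until and t < locked_until:
                findings.append(f"{stamp} {src}: login processed during lockout")
            if kind == "fail":
                fails += 1
                if fails >= MAX_FAILS:
                    locked_until, fails = t + LOCKOUT, 0
            else:
                fails, last_active[ip] = 0, t
        elif kind == "activity" and ip in last_active:
            if t - last_active[ip] > IDLE_LIMIT:
                findings.append(f"{stamp} {src}: session survived idle timeout")
            last_active[ip] = t
        elif kind == "disconnect":
            last_active.pop(ip, None)
    return findings

# Constructed sample events (documentation-range addresses), not a real MAS log.
SAMPLE = [
    ("2008-06-03T09:00:00", "192.0.2.10", "fail"),
    ("2008-06-03T09:00:05", "192.0.2.10", "fail"),
    ("2008-06-03T09:00:10", "192.0.2.10", "fail"),
    ("2008-06-03T09:00:40", "192.0.2.10", "ok"),        # 30 s into the lockout
    ("2008-06-03T09:20:00", "192.0.2.10", "activity"),  # idle for over 19 minutes
    ("2008-06-03T09:21:00", "198.51.100.7", "ok"),      # address not authorized
]
```

Calling audit(SAMPLE, ["192.0.2.10", "192.0.2.11"], 2) reports the login accepted during the lockout, the session that outlived the idle timeout, and the connection from an unauthorized address.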

RDP is separated from other traffic through the use of a virtual local area network (VLAN). A VLAN is added through the Broadcom Advanced Control Suite and a virtual adapter is created for each VLAN added.

Nortel Media Application Server 6.0 for AS 5300

Fundamentals

NN44470-100 01.01 Standard

Release 6.0 03 June 2008

Copyright © 2008, Nortel Networks
