Polycom ViaVideo manual What’s a DMZ?

Page 82

Appendix

Network Connection

unauthorized access. The need for protection must be balanced against the need to communicate with the outside world. This is why most security solutions focus on minimizing the risk until it reaches an acceptable level.

Opening ports in the firewall might seem at first like an unnecessary security risk. However, there are in reality so many ports (65535) that simply discovering which port might be open is difficult enough. In addition to the sheer number of ports, protections written into the operating system make it very difficult to gain unauthorized access to your network, even if those ports are open. Finally, only port 1720 is open to receive incoming requests. The range of six ports is only open in your PC during a call.

If “safe enough” isn’t secure enough for you, then setting your

VIaVideo up in a DMZ is safer option. For more information about

DMZs, see the next section.

What’s a DMZ?

Most firewalls provide DMZ configuration as a way to allow high availability access for web servers and video communications servers (that’s your PC running ViaVideo) while providing firewall access for the other devices in the network. A DMZ is not a physical location, but is instead a way to configure your network so that the devices that are “in” the DMZ are served by the router, but are outside the protection of the firewall. Devices in the DMZ then communicate with the other devices in the internal network through the firewall.

This solution creates a “safe zone” within your internal network by effectively placing the video communications server outside of the firewall’s protection. In this way, no unauthorized connections are allowed within the firewall-protected zone, and the video communications server is allowed free access to the internet. Note that this configuration leaves the video communications server without protection from external sources.

Setting up your ViaVideo’s computer in a DMZ is the quickest way to configure your ViaVideo to run while using a firewall. For more information about configuring your video communications server in a DMZ, see “Router With Firewall, Using a DMZ,” on page 68.

ViaVideo User’s Guide

74

www.polycom.com

Image 82

Contents ViaVideo User’s Guide Page Trademark Information WarrantyOther Restrictions Patent InformationUnderwriters’ Laboratories’ Statement Important SafeguardsRegulatory Notices FCC Notice RADVision StatementContents Audio Connection System Information and DiagnosticsNetwork Connection Troubleshooting Contents ViaVideo User’s Guide Viii System Requirements and Installation Hardware RequirementsInstalling Hardware Installing SoftwareSoftware Requirements Starting ViaVideo Turn on the CameraInitial Setup ViaVideo built-in microphoneHeadset with microphone Placing a Call Using Manual DialingCamera Calibration Info icon Call status light IP address Chapter Using the Address Book or Speed Dialing New entry Edit entry Delete entry On-Screen Remote Control Ending a Call Answering CallsClosing ViaVideo Chapter Using ViaVideo Calling FeaturesUsing the Remote Control Hang UpSnapshot VolumeAudio Mute Picture in Picture PIP Information Screen AccessWindow Controls Minimize WindowRe-Size the ViaVideo Display Sending SnapshotsLeaving a Callback Message Using the Address Book Address Book and Speed DialDo This Local and Global Address Book Entries Local EntriesGlobal ILS Server Entries Register This System When Powered On Go to the Directory Services screenDisplay Global Address Delete All Using Speed DialLock Via the On-Screen Remote Controlling Audio and VideoControlling Audio DialVia the Audio Screen Muting Video Mute Auto Answer Calls in the Audio screen SystemChapter Collaboration and Application Sharing Multiple IP AddressesChapter System Information and Diagnostics Using the System Information ScreensSystem Information and Diagnostics Diagnostics Network Statistics Audio Jitter Advanced StatisticsVideo Jitter Call Status Reset System Camera Calibration Generate Tone Setup 323 Auto Start ViaVideo When Auto Start ViaVideo is selectedGeneral Auto AnswerUser Name Show Half-Size Display When Show Half-Size Display isShow Animations MailDirectory Services LAN and Internet Register this system when starting ViaVideoDisplay Global Addresses Host Name Wins ResolutionDefault Gateway IP AddressAudio Wave Volume Volume ControlMaster Volume LinePC Software SoftwareViaVideo Software Gatekeeper SetupDialing Speeds 323 Display IP Dialing ExtensionMultiple IP Addresses Gatekeeper Dialing Speeds Quality of Service and Firewalls Use Fixed PortsIP Precedence Auto discover NAT IP addressNAT outside WAN address Dynamic BandwidthChapter Audio Connection PC with SpeakersPC with Headphones Headphones Only Headset with Attached Microphone Pick Your Connection Type Simple Connection Just a Modem, ThanksRouter With NAT, No Firewall Router With Firewall, Using a DMZRouter With Firewall Configure Your Connection Through a Virtual Private NetworkWhen you select Auto discover NAT IP Address, ViaVideo Configure your ViaVideo for NATSelect the System is Behind a NAT option Open and Assign Ports in the Firewall System Information screenRouter With Firewall, Using a DMZ Assign your ViaVideo to the DMZ Through a Virtual Private Network Appendix What’s a Firewall? Port Number Assignation Opening PortsIs it Safe? What’s a DMZ? What’s a Network Address Translator? Appendix General Troubleshooting Problem Explanation SolutionAudio Troubleshooting InfoDiagnosticsGenerateVolume Controls Wave, and MasterVideo Troubleshooting Windows Control PanelInfoSetupH.323QOS Bandwidth optionErrors Error MessagesInstallation Errors Error Message Explanation SolutionGatekeeper setting SetupH.323Appendix C