Polycom 7000 Administrative Best Practices, Auditor Responsibilities, Auditor Best Practices

Page 338

System Management and Maintenance

Note: System maintenance tasks can be delegated

You can delegate some of the maintenance tasks to a provisioner. See Provisioner Responsibilities.

Using the system tools provided to aid with system and network diagnostics, monitoring, and troubleshooting. See Troubleshooting Utilities. Should the need arise, Polycom Global Services personnel may ask you to run these tools.

Upgrading the system when upgrades/patches are made available. See Upgrading the Software.

Administrative Best Practices

The following are some of our recommendations for administrative best practices:

Perform the recommended regular maintenance.

Except in emergencies or when instructed to by Polycom Global Services personnel, don’t reconfigure, install an upgrade, or restore a backup when there are active calls and conferences on the system. Many of these operations will require a system restart to complete, which will result in these calls and conferences being dropped. Before performing these operations, busy out all MCUs and wait for all conferencing activity to cease.

Before you reconfigure, install an upgrade, or restore a backup, manually create a new backup. Then download and archive this backup in the event that something unforeseen occurs and it becomes necessary to restore the system to a known good state.

For proper name resolution and smooth network operations, configure two or more DNS servers in your network configuration (see Network Settings). This allows the Polycom RealPresence DMA system to function properly in the event of a single external DNS failure.

Configure at least one NTP server in your time configuration (see Time Settings) and preferably three. Proper time management helps ensure that your cluster operates efficiently and helps in diagnosing any issues that may arise in the future. Proper system time is also essential for accurate audit and CDR data.

Unless otherwise instructed by Polycom Global Services, always use the High Security setting. See Security Settings.

Auditor Responsibilities

As a Polycom RealPresence DMA system auditor, you’re responsible for managing the system’s logging and history retention. You should be familiar with the following configurations and operations:

Configuring logging for the system. See Logging Settings. These settings affect the number and the contents of the log archives available for download from the system. See System Log Files. Polycom Global Services personnel may ask you to adjust the logging configuration and/or download and send them logs.

Configuring history retention levels for the system. See History Retention Settings. These settings affect how much system activity history is retained on the system and available for download as CDRs. See Call History, Conference History, and Call Detail Records (CDRs).

Auditor Best Practices

The following are some of our recommendations for auditing best practices:

Polycom, Inc.

338

Page 337 Page 339
Image 338
Page 337 Page 339
Contents Polycom RealPresence DMA 7000 System Page Contents Local Cluster Configuration System SecurityDevice Management MCU Management Integrations with Other SystemsConference Manager Configuration SuperclusteringCall Server Configuration Site TopologySystem Management and Maintenance Users and GroupsContents 361 System Reports Polycom RealPresence DMA System Snmp SupportConference Manager Introduction to the Polycom RealPresence DMA SystemPolycom RealPresence DMA System’s Primary Functions Call Server RealPresence Platform APISVC Conferencing Support Polycom RealPresence DMA System’s Three Configurations Two-server Cluster ConfigurationSingle-server Configuration System Capabilities and Constraints Port Protocol Description SettingsSystem Port Usage Embedded DNSSend Usage Data Working in the Polycom RealPresence DMA System Polycom Solution SupportAccessing the Polycom RealPresence DMA System Field Input RequirementsSettings Dialog Menu/Icon Admin Provisioner AuditorMenu/Icon Admin Provisioner Auditor Menu/Icon Admin Provisioner Auditor Menu/Icon Admin Provisioner Auditor Modifying Open Source Code Open Source SoftwareLicense Information To replace an Lgpl library with your modified versionSystem configuration Confirming configurationAdditional DNS Records for SIP Proxy Additional DNS Records for the Optional Embedded DNS Feature Additional DNS Records for the H.323 GatekeeperLicense the RealPresence DMA System, Appliance Edition License the Polycom RealPresence DMA SystemVerify That DNS Is Working for All Addresses Set Up Signaling License the RealPresence DMA System, Virtual EditionSet Up Security Set Up MCUs Connect to Microsoft Active Directory Set Up Conference Templates Test the System Security Certificates Overview How Certificates WorkDER System Security Frequently Asked Questions Certificate Settings Column DescriptionField Description Certificate Information DialogCertificate Signing Request Dialog Section Description Add Certificates DialogCertificate Details Dialog To install a certificate for a trusted root CA Certificate ProceduresInstall a Certificate Authority’s Certificate Go to Admin Local Cluster CertificatesActions list, select Display Details To create a certificate signing requestActions list, select Add Certificates Actions list, select Create Certificate Signing RequestInstall a Certificate in the RealPresence DMA System Remove a Certificate from the RealPresence DMA System To remove a Trusted Root CA’s certificateCertificate Details dialog appears Security SettingsActions list, select Delete Certificate Custom security Field Description Maximum securityHigh security Servers, not to allow ongoing use of unencrypted connections Server in the Polycom RealPresence DMA system To change the security settings Go to Admin Local Cluster Security SettingsConsequences of Enabling Maximum Security Mode On the Troubleshooting Utilities menu, Top is removedSystem Security Login Policy Settings Password Complexity Local PasswordField Description Password Management SessionField Description Account Lockout Local User AccountUnlimited Account InactivityCustom Access Policy SettingsBanner Reset System Passwords To reset system passwordsWait a few minutes to log back in. See also Local Cluster Configuration Network SettingsField Description Server DhcpTurn on Auto-negotiation or set Speed and Duplex manually SettingsField Description Shared Management Network Shared Signaling Network General System NetworkRouting Configuration Dialog IPv6address%eth0Time Settings Field Description Active License LicensesLicenses for the Appliance Edition Activation KeysSee Automatically Send Usage Data for more information Cluster Network SettingsLicenses for the Virtual Edition DMA HostSignaling Settings SIP SignalingUntrusted SIP Call Handling Configuration Device AuthenticationSIP Device Authentication Signaling Settings Fields Field Description SettingsSIP Settings Add Guest Port Dialog FieldSecurity Settings page. See Security Settings Edit Guest Port DialogAdd Guest Prefix Dialog Logging Settings Edit Guest Prefix DialogAlerting Settings Alert ID Threshold Condition Description Local Cluster Configuration ProceduresAdd Licenses To enter license activation key codes Go to Admin Local Cluster LicensesTo request a software activation key code for each server Select Product ActivationGo to Admin Local Cluster Signaling Settings Configure SignalingTo configure signaling Under Unauthorized ports, click Add Under Unauthorized prefixes, click AddAutomatically Send Usage Data Configure LoggingTo configure logging To see the collected data Enable or Disable Automatic Data CollectionSee the Collected Data Device Management Active CallsCall Details Dialog Tab/Field/Column Description Call Info Call Events On the Call Server SettingsTab/Field/Column Description Bandwidth Subscription EventsQoS EndpointsTab/Field/Column Description Property Changes Registration policy script see Registration Policy Registration Policy Server SettingsCommand Description Names/Aliases in a Mixed H.323 and SIP Environment RegistrationsDevice Management Add Endpoint Dialog Edit Device Dialog Edit Devices Dialog Edit Alias Dialog Site StatisticsAdd Alias Dialog Associate User DialogSite Link Statistics External Gatekeeper ColumnColumn Description External Gatekeeper Authentication ModeAdd External Gatekeeper Dialog Edit External Gatekeeper Dialog PostliminaryThis script to open the Script Debugging Dialog for External SIP Peer Multiple External SIP PeersAdd External SIP Peer Dialog Field Description External SIP PeersUDP Domain List Temporarily select Use customized script AuthenticationField Description Postliminary To header optionsLync Integration Field Description External SIP Peer Edit External SIP Peer DialogExternal Registrations Host/domain name Routed to this peer server Polycom, Inc 112 Lync Integration External Registration SIP Peer Postliminary Output Format OptionsTo Header Format Options Default To header for Microsoft. Equivalent to template Request-URI Header Format OptionsVariable Description Default Request-URI for Microsoft Equivalent to templateFree Form Template Variables Original Request-URI Header Template Result To Header and Request-URI Header ExamplesOriginal To Header Template Result Add Authentication Dialog Edit Authentication DialogAdd Outbound Registration Dialog Template VariablesEdit Outbound Registration Dialog External H.323 SBC Add External H.323 SBC Dialog Column Description External H.323 SBCEdit External H.323 SBC Dialog Polycom, Inc 124 MCU Management MCUsPage Polycom, Inc 127 See SVC Conferencing Support Policy Not to make or receive calls Add MCU Dialog Field Description External MCUManagement IP address Prefix Dialog Gateway Selection ProcessGateway Profiles Media IP AddressesEdit MCU Dialog Management IP address Polycom, Inc 137 Polycom, Inc 138 Add Session Profile Dialog Edit Session Profile DialogTo view information about an MCU MCU ProceduresIsdn Gateway Selection Process To add an MCUTo edit an MCU To delete an MCU MCU Pools Edit MCU Pool Dialog CommandAdd MCU Pool Dialog To edit an MCU Pool MCU Pool ProceduresTo add an MCU Pool To delete an MCU PoolMCU Pool Orders Add MCU Pool Order Dialog Edit MCU Pool Order Dialog MCU Selection ProcessMCU Availability and Reliability Tracking 24% To add an MCU Pool Order MCU Pool Order ProceduresTo view the MCU Pool Orders list To edit an MCU Pool OrderTo delete an MCU Pool Order Integrations with Other Systems Microsoft Active Directory IntegrationMicrosoft Active Directory Field Description Connection Status Conference Settings Field Description Active Directory ConnectionUnderstanding Base DN Enterprise Conference Room ID GenerationEnterprise Chairperson and Conference Passcode Generation Active Directory Integration Procedure To integrate with Active DirectoryPolycom, Inc 160 Understanding Base DN Polycom, Inc 162 Adding Passcodes for Enterprise Users When you click Update on the Microsoft Active Directory About the System’s Directory QueriesGlobal Group Membership Search User SearchGroup Search Domain Search Configurable Attribute Domain SearchAttribute Replication Search Service Account Search Microsoft Lync 2013 IntegrationLync 2010 vs. Lync 2013 Integration Scheduled Conferences with Polycom RealConnectAutomatic Contact Creation and Configuration Active Directory Service Account PermissionsLync and non-Lync Endpoint Collaboration Considerations and Requirements for Lync 2013 IntegrationLync 2010 and 2013 Client / Server Feature Support Integrate RealPresence DMA and LyncDiagnose Presence Problems Microsoft Exchange Server IntegrationMicrosoft Exchange Server Polycom Solution and Integration SupportDifferences between Calendaring and Scheduling Exchange Server Integration Procedure RealPresence Resource Manager Integration Page RealPresence Resource Manager Join RealPresence Resource Manager Dialog RealPresence Resource Manager Integration Procedures To integrate with a RealPresence Resource Manager system Juniper Networks SRC Integration Juniper Networks SRCJuniper Networks SRC Integration Procedure To configure SRC integrationConference Manager Configuration Conference SettingsPresence Publishing Field Maximum Polycom conference contacts to publish Contacts presence settings belowCreate Polycom conference contacts check box is enabled Class of Service Default Polycom Conference Contacts Presence SettingsRemove Contacts from Active Directory Dialog To specify conference settingsGo to Admin Conference Manager Conference Settings Select Publish presence for Polycom conference contacts Conference TemplatesTwo Types of Templates Standalone Templates About Conference IVR Services Template PriorityAbout Cascading Cascading for Bandwidth Cascading for SizeCascading for Bandwidth Cascading for Size Conference Templates List Field Description Common SettingsRMX General Settings Add Conference Template DialogMany of the MCUs have that profile for instance, 2 Cascade for bandwidth LPR RMX Video Quality Field Description RMX Gathering SettingsVideo switching is selected  TIP compatibility is set to either None or Video Only  Conference mode is set to AVC onlyRMX Video Settings OptimizedTelepresence mode is Yes GuideRMX Conference IVR Field Description RMX Audio SettingsRMX Skins See Shared Number DialingRMX Site Names RMX RecordingCisco Codian Edit Conference Template Dialog Polycom, Inc 205 Field Description LPR Field Description RMX Gathering Settings  Conference mode is set to AVC only Polycom, Inc 210 Polycom, Inc 211 RMX Site Names Cisco Codian Select Layout Dialog Conference Templates ProceduresGo to Admin Conference Manager Conference Templates To select a video frames layoutTo change a conference template’s priority Click the RMX General Settings tabTo edit a conference template To delete a conference templateIVR Prompt Sets Prompt File Name Prompt Text Shared Number Dialing Polycom, Inc 219 Polycom, Inc 220 Field Description Virtual Entry Queue Conference Settings plus VEQ numberAdd Virtual Entry Queue Dialog Prompt SetsAdd Direct Dial Virtual Entry Queue Dialog Edit Virtual Entry Queue DialogEdit Direct Dial Virtual Entry Queue Dialog Script Debugging Dialog for VEQ Scripts Dialstring = sipxxx@10.33.120.58Sample Virtual Entry Queue Script Superclustering About SuperclusteringDMAs Polycom, Inc 228 Following table describes the fields on Join Supercluster Dialog Supercluster Procedures To create or join a superclusterTo remove a cluster from the supercluster Actions list, select Remove from SuperclusterCall Server Configuration About the Call Server CapabilitiesModifications Call Server SettingsField Description General Settings For the called endpoint For SIP calls gatewayed to an See External Gatekeeper Field Description Gatekeeper Blacklist Settings DomainsMycompany domains, this would not match eng.mycompany.com Dial Rules Test Dial Rules Dialog Sipsrbruce@10.47.7.9 See Edit Site Dialog Default Dial Plan and Suggestions for ModificationsRule Effect Polycom, Inc 244 H323xxxx@enterprisepartner.com Preliminary Add Dial Rule DialogField Description Dial Rule Default port of the signaling protocol Conference template Template configured in Admin Conference Manager ConferenceConference Manager Conference Settings MCU pool orderWeighted round-robin All in parallel forkingEdit Dial Rule Dialog Block Blocks the call Resolve to IP address Polycom, Inc 252 Polycom, Inc 253 Variable Initial value Preliminary/Postliminary ScriptingPredefined Preliminary/Postliminary Scripting Variables Preliminary/Postliminary Scripting Functions Usage exampleReturn value None Function name and parameters DetailsReturn value How Dial Rule Actions Affect SIP Headers Dial rule action Output SIP headersScript Debugging Dialog for Preliminaries/Postliminaries See Preliminary/Postliminary Scripting for a descriptionSample Preliminary and Postliminary Scripts Dialstring = 99 + Dialstring Strip Prefix SIPSubstitute Domain SIP Site Based Numeric Nicknames User = Callersitecountrycode + Callersiteareacode + user Hunt Groups Field Description General Info Add Hunt Group DialogEdit Hunt Group Dialog Hunt Group MembersDevice Authentication On the Inbound Authentication tab, you can Inbound AuthenticationShared Outbound Authentication Field Description Inbound AuthenticationAdd Device Authentication Dialog Shared Outbound AuthenticationRegistration Policy Edit Device Authentication DialogField Description Device Authentication Compliant Registration Policy Scripting EpdefinedincmaEPISIPV4 Script Debugging Dialog for Registration Policy Scripts RegsitedigitsSample Registration Policy Scripts Reject aliases that arent the right length otherwise accept Prefix Service Add Simplified Isdn Gateway Dialing Prefix Dialog Edit Simplified Isdn Gateway Dialing Prefix Dialog Edit Vertical Service Code Dialog Embedded DNSTo enable DNS publishing Callservers.example.comNumber of Records Purged History Retention SettingsRecord Type Retention Limit When Limit Is Reached To configure history record retention History ReportSite Topology About Site TopologyBandwidth Management Sites Site Information Dialog Field Site InfoDevice Types Field Description General Info General SettingsAdd Site Dialog SubnetsIsdn Number Assignment Field Description Bandwidth SettingsTerritory Settings Isdn Outbound Dialing Isdn Range Assignment for did dialing methodSIP Routing Isdn Range Assignment for gateway extension dialing methodRouting Edit Site Dialog Subnet2 = 10.33.24.0/24Polycom, Inc 291 Override ITU dialing rules Subnet Name Unique name of the subnet Polycom, Inc 293 Add Subnet Dialog Edit Subnet Dialog Site Links Add Site Link Dialog Edit Site Link DialogSite-to-Site Exclusions Add Site-to-Site Exclusion WizardGo to Network Site Topology Site-to-Site Exclusions TerritoriesTo add a site-to-site exclusion Add Territory Dialog Edit Territory Dialog Field Cloud Info Network CloudsAdd Network Cloud Dialog Add Site Link Dialog Edit Network Cloud DialogField Description Associated Sites Field Cloud Info DescriptionGo to Network Site Topology Territories Site Topology Configuration ProceduresGo to Network Site Topology Sites About Site Topology User Roles Overview Role DescriptionAdding Users Overview Users Are in the Local domain See Add User Dialog See Local PasswordAdd User Dialog DialogAssociated Endpoints Service. See Conference SettingsRooms Dialog Conference Passcodes Edit User DialogField Description Associated Roles Prompted see Authentication Required Dialog Field Description Associated Endpoints Select Associated Endpoints DialogConference Rooms Dialog Authentication Required DialogSelect Associated Endpoints Dialog Its conferences. See Conference Templates Add Conference Room Dialog Conference Settings Namespace, enter the value in the box below the list  Do not publish presence Defined on the Admin Conference Manager Conference Settings Publish presence  Create contact and publish presenceConference see Edit Conference Template Dialog User DialogEdit Conference Room Dialog Settings Polycom, Inc 324 Dial-out Participants list Edit Dial-out Participant Dialog Users ProceduresAdd Dial-out Participant Dialog To edit a user To find a user or usersTo add a local user Go to User UsersTo add a conference room to a user Conference Rooms ProceduresTo delete a local user To edit one of a user’s conference roomsGroups To delete one of a user’s custom conference roomsConference Templates Edit Group Dialog See Conference SettingsImport Enterprise Groups Dialog From the Search results boxTemplates Setting on the User Users Manage Conf Rooms dialog Admin Conference Manager Conference SettingsManager Conference Settings Boxes on the Admin Conference Manager Conference SettingsEnterprise Groups Procedures Actions list, click Import Enterprise GroupsLogin Sessions To terminate a user’s login sessionChange Password Dialog Management and Maintenance Overview Administrator ResponsibilitiesAuditor Best Practices Administrative Best PracticesAuditor Responsibilities Provisioner Responsibilities Recommended Regular MaintenanceRegular archive of backups General system health and capacity checksMicrosoft Active Directory health Certificates Security configurationDashboard Network usage data exportActive Directory Integration Pane Call Server Active Calls PaneConference History Max Participants Pane Call Server Registrations PaneCluster Info Pane Conference Manager MCUs Pane Conference Manager Usage PaneExchange Server Integration Pane Juniper Networks SRC Integration PaneRealPresence Resource Manager Integration Pane Signaling Settings PaneLicense Status Pane Supercluster Status PaneUser Login History Pane Territory Status PaneAlerts Cluster cluster is orphaned Supercluster StatusAlert Territory Status No clusters assigned to list of territoriesPolycom, Inc 351 Formatted string from server Asynchronous OperationRealPresence Resource Manager System Integration Active Directory Integration Zero enterprise conference rooms exist on cluster clusterPolycom, Inc 354 Exchange Server Integration Database Status Lync Integration Signaling Certificates. See also CertificateCluster cluster The server certificate has expired Cluster cluster One or more CA certificates have expired Licenses Cluster cluster Cannot connect to licensing server lserverNetworks Cluster cluster DMA is not licensed for any callsCluster cluster a signaling network error exists on server Cluster cluster a private network error exists on serverCluster cluster a public network error exists on server Server Resources Server server CPU utilization 50% and 75% Cluster cluster System version differs between servers Data SynchronizationServer server CPU utilization 75% System Health and Availability Cluster cluster Local users differ between serversMCUs MCU MCUname has count warnings MCU MCUname is currently out of serviceMCU MCUname is currently busied out MCU mcu disconnect rate is MCU MCUname is disconnectedMCU mcu disconnect rate is 1 MCU mcu call failure rate is 0.4MCU mcu call failure rate is MCU mcu is connected with no port capacityEndpoints Polycom, Inc 373 Conference Status No territories configured to host conference roomsConference Manager Ongoing conference VMR on MCU MCU failed reason Lync Presence PublishingConference VMR on MCU MCU failed to start reason Polycom, Inc 376 Polycom, Inc 377 Call Server Cluster cluster External SIP peer sippeer is unresponsive System Log FilesCall Bandwidth Management System Logs Procedures To download a log archive to your PC or workstationActions list, click Download Archived Logs To manually roll the system logsTo delete a system log archive Traceroute Troubleshooting UtilitiesPing TopTo run iostat on each server Check Configuration SynchronizationNTP Status To run sar on each serverBacking Up and Restoring Diagnostics for your Polycom ServerTo check configuration synchronization SHA1 Confirm Restore Dialog Backup and Restore ProceduresTo upload a backup file To download a backup fileTo create a new backup file Go to Maintenance Backup and RestoreTo restore from a backup file on the cluster Shut down the system. See Shutting Down and Restarting Close the utility Following table describes the parts of the Software Upgrade Upgrading the SoftwareBasic Upgrade Procedures Return to Maintenance Software Upgrade To install an upgradeGo to Maintenance Software Upgrade To roll back an upgrade, restoring the previous version Return to Maintenance Software Upgrade Incompatible Software Version Supercluster Upgrades Factors to Consider for an Incremental Supercluster Upgrade Simplified Supercluster Upgrade Complete Service Outage System Management and Maintenance Polycom, Inc 400 To upgrade a RealPresence DMA system, Virtual Edition Complex Supercluster Upgrade Some Service MaintainedRealPresence DMA System, Virtual Edition System Upgrade Adding a Second ServerExpanding an Unpatched System Expanding a Patched System To replace a failed server in a two-server cluster Replacing a Failed ServerShutting Down and Restarting To start up a shut-down cluster Go to Maintenance Shutdown and RestartTo restart or shut down one or both servers in a cluster Alert History Call HistorySystem Reports Conference History Export HistoryExport History Associated CallsConference Events Property ChangesCall Record Layouts Call Detail Records CDRsExporting CDR Data To download CDRsYYYY-MM-DDTHHMMSS.FFF+-ZHHMM 1024+768+384 Conference Room Dialog 486BUSY Here720p30 Conference Record Layouts ConfPolycom RealPresence DMA System Value from the Conference room pass-through to CDR fieldRegistration History Report Registration History Procedures To find a device or devicesActive Directory Integration Report Groups with Partially Loaded or No Membership Information Active Directory IntegrationAll Domains To remove orphaned group data from the system Orphaned Groups and Users ProceduresOrphaned Groups and Users Report To remove orphaned user data from the systemConference Room Errors Report Exporting Conference Room Errors Data To download conference room errors dataEnterprise Passcode Errors Report Network Usage Report Exporting Enterprise Passcode Errors DataTo download enterprise passcode errors data Exporting Network Usage Data Field Description To download network usage data Snmp Overview Snmp FrameworkSnmp Notifications Snmp VersionsTo enable the Snmp agent Configure SnmpEnable the Snmp Agent Go to Admin Local Cluster Snmp SettingsTo add a notification user Go to Admin Local Cluster Snmp Settings Click Add UserAdd an Snmp Notification User To add an Snmp notification agent to the system Edit Notification User DialogAdd an Snmp Notification Agent UDP. See Snmp Overview Edit Notification Agent DialogClick Add Agent Available Snmp MIBs Go to Admin Snmp Settings Click Download MIBsDownload MIBs To download the MIB package for a DMA systemPolycom RealPresence DMA System Snmp Support
Related manuals
Manual 323 pages 54.38 Kb
Top Page Image Contents