DMA OperationsGuide Security Settings
52 Polycom, Inc.
Skip certificate
validation for user login
sessions
This option may be configured in any security mode.
If this option is turned off, you can only connect to the
Polycom DMA system if your browser presents a client
certificate issued by a CA that the system trusts (this is
known as mTLS for administrative connections).
Turn this option off only if:
•You’ve implemented a complete public key
infrastructure (PKI) system, including a CA server,
client software (and optionally hardware, tokens, or
smartcards), and the appropriate operational
procedures.
•The CA’s public certificate is installed in the Polycom
DMA system so that it trusts the CA.
•All authorized users, including yourself, have a
client certificate signed by the CA that authenticates
them to the Polycom DMA system.
Allow forwarding of IPv6
ICMP destination
unreachable messages
If this option is off, the Polycom DMA system has an
internal firewall rule that blocks outbound destination
unreachable messages.
If this option is on, that firewall rule is disabled.
Note: The Polycom DMA system currently doesn’t send
such messages, regardless of this setting.
Allow IPv6 ICMP echo
reply messages to
multicast addresses
If this option is off, the Polycom DMA system doesn't
reply to echo request messages sent to multicast
addresses (multicast pings).
If this option is on, the system responds to multicast
pings.
Table 3-5 Fields on the Security Settings page (continued)
Field Description