Polycom 3725-76302-001LI

The Consequences of Enabling Maximum Security Mode System Security

Polycom, Inc. 55

•On the Banner page, Enable login banner is selected and can’t be

disabled.

•On the Login Sessions page, the Terminate Session action is not

available.

•On the Troubleshooting Utilities menu, Top is removed.

•In the Add User and Edit User dialog boxes, conference and chairperson

passwords are obscured.

•After Maximum security is enabled, users must change their passwords.

•If the system is not integrated with Active Directory, each local user can

have only one assigned role (Administrator, Provisioner, or Auditor).

If some local users have multiple roles when you enable Maximum

security, they retain only the highest-ranking role (Administrator >

Auditor > Provisioner).

•If the system is integrated with Microsoft Active Directory, only one local

user can have the Administrator role, and no local users can have the

Provisioner or Auditor role.

If there are multiple local administrators when you enable Maximum

security, the system prompts you to choose one local user to retain the

Administrator role. All other local users, if any, become conferencing

users only and can’t log into the management interface.

Each enterprise user can have only one assigned role (Administrator,

Provisioner, or Auditor). If some enterprise users have multiple roles (or

inherit multiple roles from their group memberships), they retain only the

lowest-ranking role (Administrator > Auditor > Provisioner).

•Local user passwords have stricter limits and constraints (each is set to the

noted default if below that level when you enable Maximum security):

—Minimum length is 15-30 characters (default is 15).

—Must contain 1 or 2 (default is 2) of each character type: uppercase

alpha, lowercase alpha, numeric, and non-alphanumeric (special).

—Maximum number of consecutive repeated characters is 1-4 (default is

2).

—Number of previous passwords that a user may not re-use is 8-16

(default is 10).

—Minimum number of characters that must be changed from the

previous password is 1-4 (default is 4).

—Password may not contain the user name or its reverse.

—Maximum password age is 30-180 days (default is 60).

—Minimum password age is 1-30 days (default is 1).