Security Settings | Polycom 3725-76302-001O manual

System Security

3In the Actions list, select Display Details and confirm that you’ve selected the correct certificate. Then click OK.

4In the Actions list, select Delete Certificate.

5When asked to confirm, click Yes.

A dialog box informs you that the certificate has been deleted.

6Click OK.

7Click Restart to Apply Saved Changes, and when asked to confirm that you want to restart the system so that certificate changes can take effect, click OK.

To remove a signed certificate and revert to the default self-signed certificate

1Go to Certificates.

2In the Actions list, select Revert to Default Certificate.

3When asked to confirm, click Yes.

A dialog box informs you that the system has reverted to a self-signed certificate.

4Click OK.

5Click Restart to Apply Saved Changes, and when asked to confirm that you want to restart the system so that certificate changes can take effect, click OK.

6After the system restarts, log back in, return to Admin > Local Cluster > Certificates, and verify that the system has reverted to the default self-signed certificate:

a In the list of certificates, select the Server SSL certificate. b In the Actions list, select Display Details.

The Certificate Details dialog box appears.

cConfirm from the information under Issued To and Issued By that the default self-signed certificate has replaced the CA-signed certificate.

dClick OK to close the dialog box.

See also:

Security Certificates Overview on page 39

Certificate Settings on page 43

Certificate Procedures on page 46

Security Settings

The Security Settings page lets you switch between high security mode and a custom security mode in which one or more insecure capabilities are allowed. It also lets you switch to, but not from, a maximum security mode.

Polycom, Inc.

50

Image 50

Polycom 3725-76302-001O manual Security Settings, Actions list, select Delete Certificate

Contents

Polycom RealPresence DMA 7000 System Page Contents Local Cluster Configuration System Security Device Management MCU Management Integrations with Other Systems 152 Superclustering Conference Manager ConfigurationCall Server Configuration Site Topology 278 System Management and Maintenance Users and Groups Contents Contents Page System Reports Polycom RealPresence DMA System Snmp Support 419 Conference Manager Introduction to the Polycom RealPresence DMA SystemPolycom RealPresence DMA System’s Primary Functions Call Server RealPresence Platform API SVC Conferencing Support Polycom RealPresence DMA System’s Three Configurations Two-server Cluster Configuration Single-server Configuration System Capabilities and Constraints Embedded DNS on System Port UsagePort Protocol Description Send Usage Data on Working in the Polycom RealPresence DMA System Polycom Solution SupportAccessing the Polycom RealPresence DMA System Field Input Requirements Settings Dialog BoxMenu/Icon Admin Provisioner Auditor Menu/Icon Admin Provisioner Auditor Menu/Icon Admin Provisioner Auditor Menu/Icon Admin Provisioner Auditor Modifying Open Source Code Open Source SoftwareLicense Information To replace an Lgpl library with your modified version System configuration Confirming configuration Additional DNS Records for SIP Proxy Additional DNS Records for the Optional Embedded DNS Feature Additional DNS Records for the H.323 Gatekeeper License the Polycom RealPresence DMA System Verify That DNS Is Working for All Addresses License the RealPresence DMA System, Virtual Edition Set Up SignalingLicense the RealPresence DMA System, Appliance Edition Set Up Security Set Up MCUs Connect to Microsoft Active Directory Set Up Conference Templates Test the System Security Certificates Overview How Certificates Work DER System Security Frequently Asked Questions Certificate Settings Column Description Field Description Certificate Information Dialog BoxCertificate Signing Request Dialog Box Section Description Add Certificates Dialog BoxCertificate Details Dialog Box To install a certificate for a trusted root CA Certificate ProceduresInstall a Certificate Authority’s Certificate Go to Admin Local Cluster Certificates Actions list, select Display Details To create a certificate signing requestActions list, select Add Certificates Actions list, select Create Certificate Signing Request Install a Certificate in the RealPresence DMA System Remove a Certificate from the RealPresence DMA System To remove a Trusted Root CA’s certificate Security Settings Actions list, select Delete Certificate Custom security Field Description Maximum securityHigh security Servers, not to allow ongoing use of unencrypted connections Subscribing endpoints are conference participants To change the security settings Go to Admin Local Cluster Security Settings Consequences of Enabling Maximum Security Mode On the Troubleshooting Utilities menu, Top is removed System Security Login Policy Settings Password Complexity Local PasswordField Description Password Management Session Field Description Account Lockout Local User AccountUnlimited Account Inactivity Custom Access Policy SettingsBanner Reset System Passwords To reset system passwords Wait a few minutes to log back in. See also Local Cluster Configuration Network Settings Field Description Server Dhcp Turn on Auto-negotiation or set Speed and Duplex manually SettingsField Description Shared Management Network Shared Signaling Network General System Network Routing Configuration Dialog Box IPv6address%eth0 Time Settings Field Description Active License LicensesLicenses for the Appliance Edition Activation Keys DMA Host Cluster Network SettingsLicenses for the Virtual Edition Licensing Server Signaling Settings SIP Signaling Untrusted SIP Call Handling Configuration Device AuthenticationSIP Device Authentication Signaling Settings Fields Field Description Settings SIP Settings Add Guest Port Dialog Box Field Edit Guest Port Dialog Box Add Guest Prefix Dialog Box Prefix number for this entry Edit Guest Prefix Dialog Box Logging Settings Alert ID Threshold Condition Description Alerting SettingsLocal Cluster Configuration Procedures Select Product Activation Add LicensesTo request a software activation key code for each server Click Generate Go to Admin Local Cluster Licenses Configure SignalingTo configure signaling Go to Admin Local Cluster Signaling Settings Under Unauthorized ports, click Add Under Unauthorized prefixes, click Add Automatically Send Usage Data Configure LoggingTo configure logging To see the collected data Enable or Disable Automatic Data CollectionSee the Collected Data Device Management Active Calls Call Details Dialog Box Tab/Field/Column Description Call Info Call Events On the Call Server SettingsTab/Field/Column Description Bandwidth Subscription Events QoS EndpointsTab/Field/Column Description Property Changes Registration policy script see Registration Policy on Registration Policy on Server Settings onCommand Description Names/Aliases in a Mixed H.323 and SIP Environment Registrations Device Management Add Endpoint Dialog Box Edit Device Dialog Box Edit Devices Dialog Box Associate User Dialog Box Add Alias Dialog BoxEdit Alias Dialog Box Site Statistics Site Link Statistics External Gatekeeper Add External Gatekeeper Dialog Box Column Description External Gatekeeper Postliminary Authentication ModeEdit External Gatekeeper Dialog Box This script to open the Script Debugging Dialog Box for External SIP Peer Add External SIP Peer Dialog Box Field Description External SIP Peer UDP Domain List Temporarily select Use customized script AuthenticationField Description Postliminary To header options External Registration Lync IntegrationScheduled conferences is checked Edit External SIP Peer Dialog Box Host/domain name Field Description Domain List Field Description Authentication SIP Peer Postliminary Output Format Options To Header Format Options Default To header for Microsoft. Equivalent to template Request-URI Header Format Options Variable Description Default Request-URI for Microsoft. Equivalent to templateFree Form Template Variables Original To Header Template Result Add Authentication Dialog BoxTo Header and Request-URI Header Examples Original Request-URI Header Template Result Edit Authentication Dialog Box Add Outbound Registration Dialog Box Edit Outbound Registration Dialog Box Template Variables on External H.323 SBC Device Management on Edit External H.323 SBC Dialog Box on Add External H.323 SBC Dialog Box Column Description External H.323 SBC Edit External H.323 SBC Dialog Box MCU Management MCUsPage Polycom, Inc 126 See SVC Conferencing Support on On page 234. It can register again Add MCU Dialog Box Field Description External MCU Prefix Dialog Box on Gateway Dialing Prefix Dialog Box on page 272. In this case, Profile. See Isdn Gateway Selection Process on Media IP Addresses Edit MCU Dialog BoxField Description Gateway Profiles Polycom, Inc 134 Polycom, Inc 135 Direct dial-in prefixsession profile Polycom, Inc 137 Add Session Profile Dialog Box Edit Session Profile Dialog Box To view information about an MCU MCU ProceduresIsdn Gateway Selection Process To add an MCU To edit an MCU To delete an MCU MCU Pools Edit MCU Pool Dialog Box CommandAdd MCU Pool Dialog Box Column To edit an MCU Pool MCU Pool ProceduresTo add an MCU Pool To delete an MCU Pool MCU Pool Orders Add MCU Pool Order Dialog Box Edit MCU Pool Order Dialog Box MCU Selection Process MCU Availability and Reliability Tracking 24% To add an MCU Pool Order MCU Pool Order ProceduresTo view the MCU Pool Orders list To edit an MCU Pool Order To delete an MCU Pool Order Integrations with Other Systems Microsoft Active Directory Integration Report Microsoft Active DirectoryConnection Status Active Directory Connection Report reportUsers Report Understanding Base DN on Field Description Enterprise Conference Room ID Generation Enterprise Chairperson and Conference Passcode Generation Active Directory Integration Procedure To integrate with Active Directory Polycom, Inc 158 Integrations with Other Systems Understanding Base DN Polycom, Inc 161 Adding Passcodes for Enterprise Users When you click Update on the Microsoft Active Directory About the System’s Directory Queries Global Group Membership Search User SearchGroup Search Configurable Attribute Domain Search Attribute Replication Search Service Account Search Domain Search Scheduled Conferences Microsoft Lync 2013 IntegrationLync 2010 vs. Lync 2013 Integration Automatic Contact Creation and Configuration Lync and non-Lync Endpoint Collaboration Polycom, Inc 169 Lync 2010 and 2013 Client / Server Feature SupportConsiderations and Requirements for Lync 2013 Integration Integrate RealPresence DMA and Lync Required Information Synchronize Lync Server and RealPresence DMA System Time Enable Windows Remote ShellInstall Certificates for the Lync Server Add the Lync Pool as an External SIP Peer Enable the Dial by Lync Conference ID Dial Rule To enable the Dial by Lync conference ID dial rule Configure System-wide Presence and Contact Creation Settings Add the RealPresence DMA System to the Lync Topology Diagnose Presence ProblemsOptional Edit Presence settings for Groups or Specific VMRs Microsoft Exchange Server Integration Microsoft Exchange Server Exchange Server Integration Procedure Resource Management System Integration Page Resource Management System Resource Management System Integration Procedures Join Resource Management System Dialog Box To integrate with a resource management system Juniper Networks SRC Integration Juniper Networks SRC Juniper Networks SRC Integration Procedure To configure SRC integration Conference Manager Configuration Conference Settings Conference Manager Configuration Presence Publishing Contacts presence settings belowCreate Polycom conference contacts check box is enabled Field Maximum Polycom conference contacts to publish Go to Admin Conference Manager Conference Settings Default Polycom conference contacts presence settingsTo specify conference settings Remove Contacts from Active Directory Dialog Box Select Publish presence for Polycom conference contacts Standalone Templates Conference TemplatesTwo Types of Templates Template Priority About Conference IVR Services About Cascading Cascading for Bandwidth Cascading for Size Conference Templates List Add Conference Template Dialog Box Field Description Common SettingsRMX General Settings See Two Types of Templates on Video streams from each device to each device Field Description LPR RMX Gathering Settings Field Description RMX Video Quality Video switching is selected Conference mode is set to AVC only  TIP compatibility is set to either None or Video Only Optimized RMX Video SettingsTelepresence mode is Yes RMX Audio Settings RMX Skins RMX Recording Field Description RMX Conference IVRSee Shared Number Dialing on Cisco Codian Edit Conference Template Dialog Box Polycom, Inc 207 Field Description LPR RMX Gathering Settings Field Description RMX Video Quality Polycom, Inc 212 Polycom, Inc 213 Field Description RMX Conference IVR Cisco Codian Select Layout Dialog Box Conference Templates ProceduresGo to Admin Conference Manager Conference Templates To select a video frames layout To change a conference template’s priority Click the RMX General Settings tabTo edit a conference template To delete a conference template IVR Prompt Sets Prompt File Name Prompt Text Shared Number Dialing Polycom, Inc 221 Field Description Add Virtual Entry Queue Dialog Box Add Direct Dial Virtual Entry Queue Dialog Box Edit Virtual Entry Queue Dialog Box Edit Direct Dial Virtual Entry Queue Dialog Box Superclustering About Superclustering RealPresence DMAs Polycom, Inc 228 Following table describes the fields on To create or join a supercluster Supercluster ProceduresJoin Supercluster Dialog Box Go to Network RealPresence DMAs Actions list, click Join Supercluster To remove a cluster from the supercluster Actions list, select Remove from Supercluster Call Server Configuration About the Call Server Capabilities Modifications on Call Server SettingsField Description General Settings Call Server Configuration See External Gatekeeper on Gatekeeper Blacklist Settings Domains Mycompany domains, this would not match eng.mycompany.com Dial Rules Test Dial Rules Dialog Box Default Dial Plan and Suggestions for Modifications Callersipuri Rule Effect Edit Site Dialog Box on H323xxxx@enterprisepartner.com Add Dial Rule Dialog Box Field Dial Rule Field Description Preliminary Block Blocks the call Resolve to IP address Available SIP peers / Selected SIP peers selection area Conference template configured in Admin Conference ManagerConference template  a Type of Microsoft Resolve to external address Edit Dial Rule Dialog Box Field Description Dial Rule Block Blocks the call Resolve to IP address Polycom, Inc 250 Preliminary/Postliminary Scripting Variable Initial value Callersitearea Usage example Dial Rule Action Output SIP Headers Script Debugging Dialog Box for Preliminaries/Postliminaries Sample Preliminary and Postliminary Scripts Strip Prefix SIP Dialstring = Callersitecountrycode + Dialstring Hunt Groups Site Based Numeric Nicknames SIP Hunt Group Members Add Hunt Group Dialog BoxField Description General Info Edit Hunt Group Dialog Box Shared Outbound Authentication Device AuthenticationInbound Authentication On the Inbound Authentication tab, you can Field Description Inbound Authentication Field Description Shared Outbound Authentication Add Device Authentication Dialog BoxEdit Device Authentication Dialog Box Field Description Device Authentication Registration Policy Registration Policy Scripting Noncompliant Epdefinedincma EPISIPV4 Script Debugging Dialog Box for Registration Policy Scripts Sample Registration Policy Scripts If EPH323DIALEDDIGITSALIAS0.length!= Return Noncompliant Polycom, Inc 270 Prefix Service Add Simplified Isdn Gateway Dialing Prefix Dialog Box Edit Vertical Service Code Dialog Box Edit Simplified Isdn Gateway Dialing Prefix Dialog Box Embedded DNS To enable DNS publishing Following table describes the fields on the Embedded DNS Record Type Retention Limit When Limit Is Reached History Retention SettingsTo configure history record retention Number of Records Purged Call Server Configuration on Site Topology About Site Topology Sites Site Topology Device Types Site Information Dialog BoxField Site Info Description Subnets Territory Settings Field Description General Info General SettingsBandwidth Settings Add Site Dialog Box Field Description Isdn Number Assignment Isdn Outbound Dialing Routing Isdn Range Assignment for did dialing methodIsdn Range Assignment for gateway extension dialing method Edit Site Dialog Box SIP Routing Field Description General Info General Settings Field Description Isdn Number Assignment Field Description Add Subnet Dialog Box Edit Subnet Dialog Box Site Links Add Site Link Dialog Box Edit Site Link Dialog Box To add a site-to-site exclusion Site-to-Site ExclusionsAdd Site-to-Site Exclusion Wizard Go to Network Site Topology Site-to-Site Exclusions Territories Column/Section Description Associated Sites pane Add Territory Dialog BoxTerritory Summary pane Field Description Territory Info Edit Territory Dialog Box Field Cloud Info Network CloudsAdd Network Cloud Dialog Box See Add Site Link Dialog Box on Edit Network Cloud Dialog BoxField Description Associated Sites Field Cloud Info Description Go to Network Site Topology Territories Site Topology Configuration ProceduresGo to Network Site Topology Sites Polycom, Inc 300 User Roles Overview Role Description Adding Users Overview Users Are in the Local domain Add User Dialog Box See Add User Dialog Box on Rooms Dialog Box on Associated Endpoints Conference Passcodes Edit User Dialog BoxField Description Associated Roles Prompted see Authentication Required Dialog Box on Polycom, Inc 309 Conference Rooms Dialog Box Authentication Required Dialog BoxSelect Associated Endpoints Dialog Box Its conferences. See Conference Templates on Add Conference Room Dialog Box Conference Settings on Identity information to the right  Publish presence Defined on the Admin Conference Manager Conference SettingsConference Settings  Do not publish presence Conference see Edit Conference Template Dialog Box on User Dialog Box on Edit Conference Room Dialog Box Polycom, Inc 318 Polycom, Inc 319 Dial-out Participants list Edit Dial-out Participant Dialog Box Users ProceduresAdd Dial-out Participant Dialog Box To edit a user To find a user or usersTo add a local user Go to User Users To add a conference room to a user Conference Rooms ProceduresTo delete a local user To edit one of a user’s conference rooms To delete one of a user’s custom conference rooms Groups From the Search results box Import Enterprise Groups Dialog BoxConference Templates on See Conference Settings on Edit Group Dialog Box Setting on the User Users Manage Conf Rooms dialog box Admin Conference Manager Conference SettingsManager Conference Settings Boxes on the Admin Conference Manager Conference Settings Enterprise Groups Procedures Actions list, click Import Enterprise Groups Login Sessions To terminate a user’s login session Change Password Dialog Box Management and Maintenance Overview Administrator Responsibilities Auditor Best Practices Administrative Best PracticesAuditor Responsibilities Provisioner Responsibilities Recommended Regular MaintenanceRegular archive of backups General system health and capacity checks Security configuration Microsoft Active Directory health Network usage data export DashboardCertificates CDR export Active Directory Integration Pane Call Server Active Calls Pane Conference History Max Participants Pane Call Server Registrations PaneCluster Info Pane Conference Manager MCUs Pane Conference Manager Usage Pane Resource Management System Integration Pane Exchange Server Integration PaneLicense Status Pane Territory Status Pane Signaling Settings PaneSupercluster Status Pane Alert User Login History PaneAlerts Cluster cluster is orphaned No clusters assigned to list of territories Polycom, Inc 344 Formatted string from server See also Alerts on Zero enterprise conference rooms exist on cluster cluster Polycom, Inc 348 Polycom, Inc 349 Polycom, Inc 350 Cluster cluster The server certificate has expired Certificates. See also Cluster cluster One or more CA certificates have expired Polycom, Inc 353 Cannot connect to licensing server lserver for cluster DMA is not licensed for any calls Cluster cluster a private network error exists on server Polycom, Inc 356 Polycom, Inc 357 Cluster cluster System version differs between servers Server server CPU utilization 50% and 75%Server server CPU utilization 75% Polycom, Inc 359 Cluster cluster Local users differ between servers MCU MCUname has count warnings MCU MCUname is currently out of serviceMCU MCUname is currently busied out MCU MCUname disconnected MCU mcu disconnect rate is 1 MCU mcu call failure rate is MCU mcu disconnect rate isMCU mcu call failure rate is 0.4 MCU mcu is connected with no port capacity No territories configured to host conference rooms Conference VMR on MCU MCU failed to start reason Ongoing conference VMR on MCU MCU failed reason Polycom, Inc 367 Polycom, Inc 368 Polycom, Inc 369 System Log Files Date and time that the log file archive was created To manually roll the system logs System Logs ProceduresTo download a log archive to your PC or workstation To delete a system log archive Traceroute Troubleshooting UtilitiesPing Top NTP Status Diagnostics for your Dell ServerStats Backing Up and Restoring Confirm Restore Dialog Box SHA1 Actions list, click Download Selected Backup and Restore ProceduresTo download a backup file Go to Maintenance Backup and Restore To create a new backup fileTo upload a backup file To restore from a backup file on the cluster Page Upgrading the Software Following table describes the parts of the Software Upgrade Go to Maintenance Software Upgrade Basic Upgrade ProceduresTo install an upgrade Return to Maintenance Software Upgrade To roll back an upgrade, restoring the previous version Polycom, Inc 385 Incompatible Software Version Supercluster Upgrades Factors to Consider for an Incremental Supercluster Upgrade Simplified Supercluster Upgrade Complete Service Outage Polycom, Inc 388 Polycom, Inc 389 Complex Supercluster Upgrade Some Service Maintained Adding a Second Server Expanding an Unpatched System Expanding a Patched System To replace a failed server in a two-server cluster Replacing a Failed ServerShutting Down and Restarting To start up a shut-down cluster Go to Maintenance Shutdown and RestartTo restart or shut down one or both servers in a cluster Alert History Call History Originator Dial String Destination Start Time End Time Conference History Export History Export History Associated Calls Conference Events Property Changes Call Record Layouts Call Detail Records CDRsExporting CDR Data To download CDRs YYYY-MM-DDTHHMMSS.FFF+-ZHHMM 1024+768+384 Conference Room Dialog Box on 486BUSY Here 720p30 Conference Record Layouts Conf Conference room VMR see Edit Conference Room Dialog Box on Polycom RealPresence DMA System onValue from the Conference room pass-through to CDR field Registration History Report Registration History Procedures To find a device or devices Active Directory Integration Report Groups with Partially Loaded or No Membership Information Active Directory IntegrationAll Domains To remove orphaned group data from the system Orphaned Groups and Users ProceduresOrphaned Groups and Users Report To remove orphaned user data from the system Conference Room Errors Report Exporting Conference Room Errors Data To download conference room errors data Enterprise Passcode Errors Report Network Usage Report Exporting Enterprise Passcode Errors DataTo download enterprise passcode errors data Exporting Network Usage Data Field Description To download network usage data Snmp Overview Snmp Framework Snmp Versions Configure SnmpSnmp Notifications Go to Admin Local Cluster Snmp Settings Enable the Snmp AgentTo enable the Snmp agent Setting Description To add a notification user Go to Admin Local Cluster Snmp Settings Click Add UserAdd an Snmp Notification User To add an Snmp notification agent to the system Edit Notification User Dialog BoxAdd an Snmp Notification Agent Click Add Agent Edit Notification Agent Dialog Box Available Snmp MIBs Go to Admin Snmp Settings Click Download MIBsDownload MIBs To download the MIB package for a DMA system