Manuals / Polycom / Personal Care / Microscope & Magnifier

Polycom 3725-76302-001O manual Subscribing endpoints are conference participants

Models: 3725-76302-001O

1 425
Download 425 pages 7.92 Kb
Page 53
Image 53

 

 

System Security

 

 

 

 

 

 

 

 

Field

Description

 

 

 

 

 

 

Skip certificate validation for

Normally, when the Polycom RealPresence DMA system connects to a

 

server connecting

server, it validates that server’s certificate.

 

 

This option configures the system to accept any certificate presented to it

 

 

without validating it.

 

 

We recommend using valid certificates for all servers that the system may

 

 

need to contact rather than enabling this option. Depending on system

 

 

configuration, this may include:

 

 

MCUs

 

 

Active Directory

 

 

Exchange

 

 

RealPresence Resource Manager or CMA system

 

 

Other RealPresence DMA systems

 

 

Endpoints

 

 

Note: Either the Common Name (CN) or Subject Alternate Name (SAN) field

 

 

of the server’s certificate must contain the address or host name specified for

 

 

the server in the Polycom RealPresence DMA system.

 

 

Polycom MCUs don't include their management IP address in the SAN field of

 

 

the CSR (Certificate Signing Request), so their certificates identify them only

 

 

by the CN. Therefore, in the Polycom RealPresence DMA system, a Polycom

 

 

MCU's management interface must be identified by the name specified in the

 

 

CN field (usually the FQDN), not by IP address.

 

 

Similarly, an Active Directory server certificate often specifies only the FQDN.

 

 

So in the Polycom RealPresence DMA system, identify the enterprise

 

 

directory by FQDN, not by IP address.

 

 

 

 

 

Allow certificate validation

Normally, during encrypted call signaling (SIP over TLS), the Polycom

 

skipping for encrypted signaling

RealPresence DMA system requires the remote party (endpoint or MCU) to

 

 

present a valid certificate. This is known as mTLS or two-way TLS.

 

 

This option configures the system to accept any certificate (or none).

 

 

We recommend installing valid certificates on your endpoints and MCUs

 

 

rather than enabling this option.

 

 

 

 

 

Allow non conference participants

The SIP SUBSCRIBE/NOTIFY conference notification service (as described

 

to receive conference events

in RFCs 3265 and 4575), allows SIP devices to subscribe to a conference and

 

 

receive conference rosters and notifications of conference events. Normally,

 

 

the subscribing endpoints are conference participants.

 

 

This option configures the system to let devices subscribe to a conference

 

 

without being participants in the conference.

 

 

Note: A subscription to a conference by a non-participant consumes a call

 

 

license. Call history doesn’t include data for non-participant subscriptions.

 

 

 

 

Polycom, Inc.

53

Page 52 Page 54
Page 53
Image 53
Polycom 3725-76302-001O manual Subscribing endpoints are conference participants
Page 52 Page 54