System Security
Polycom, Inc. 54
To change the security settings 1Go to Admin > Local Cluster > Security Settings.
2To switch from a custom setting back to the recommended security mode, click High security.
3To switch from the recommended security mode to a custom setting:
aClick Custom security.
bCheck the unsecured network access method(s) that you want to enable.
4Click Update.
A dialog box informs you that the configuration has been updated.
5Click OK.
The following settings may be configured in any security mode.
Skip certificate validation for user
login sessions
This option may be configured in any security mode.
If this option is turned off, you can only connect to the Polycom RealPresence
DMA system if your browser presents a client certificate issued by a CA that
the system trusts (this is known as mTLS for administrative connections).
Turn this option off only if:
•You’ve implemented a complete public key infrastructure (PKI) system,
including a CA server, client software (and optionally hardware, tokens, or
smartcards), and the appropriate operational procedures.
•The CA’s public certificate is installed in the Polycom RealPresence DMA
system so that it trusts the CA.
•All authorized users, including yourself, have a client certificate signed by
the CA that authenticates them to the Polycom RealPresence DMA
system.
Allow forwarding of IPv6 ICMP
destination unreachable
messages
This option may be configured in any security mode.
If this option is off, the Polycom RealPresence DMA system has an internal
firewall rule that blocks outbound destination unreachable messages.
If this option is on, that firewall rule is disabled.
Note: The Polycom RealPresence DMA system currently doesn’t send such
messages, regardless of this setting.
Allow IPv6 ICMP echo reply
messages to multicast addresses
This option may be configured in any security mode.
If this option is off, the Polycom RealPresence DMA system doesn't reply to
echo request messages sent to multicast addresses (multicast pings).
If this option is on, the system responds to multicast pings.
Note: Skip Certificate Validation for User Login Sessions is Automatically Re-Enabled
If you turn off Skip certificate validation for user login sessions, the system notifies you that if you
don’t log back in within 5 minutes, the setting will be automatically turned back on. This is a safety
precaution to ensure that at least one user is still able to access the system.
Field Description