Manuals / Polycom / Computer Equipment / Network Router

Polycom 7000 manual Certificate Settings, Column Description

Models: 7000

1 437

Download 437 pages 17.13 Kb

Page 41

System Security

Certificate Settings

The following table describes the fields on the Certificate Settings page.

Column	Description

Enable OCSP	Enables the use of Online Certificate Status Protocol as a means of obtaining the
	revocation status of a certificate presented to the system.
	If OCSP responder URL is not specified, the system checks the certificate’s
	AuthorityInfoAccess (AIA) extension fields for the location of an OCSP responder:
	• If there is none, the certificate fails validation.
	• Otherwise, the system sends the OCSP request to the responder identified in the
	certificate.
	If OCSP responder URL is specified, the system sends the OCSP request to that
	responder.
	The responder returns a message indicating whether the certificate is good, revoked, or
	unknown.
	If OCSP certificate is specified, the response message must be signed by the specified
	certificate’s private key.

OCSP responder URL	Identifies the responder to be used for all OCSP requests, overriding the AIA field
	values.
	If OCSP certificate is specified, the response message must be signed by the specified
	certificate’s private key.

OCSP certificate	Select a certificate to require OCSP response messages to be signed by the specified
	certificate’s private key.

Store OCSP	Saves the OCSP configuration.
Configuration

Identifier	Common name of the certificate.

Purpose	Kind of certificate:
	• Server SSL is the RealPresence DMA system’s public certificate, which it presents to
	identify itself. By default, this is a self-signed certificate, not trusted by other devices.
	• Trusted Root CA is the root certificate of a certificate authority that the RealPresence
	DMA system trusts.
	• Intermediate CA is a CA certificate that trusted root CAs issue themselves to sign
	certificate signing requests (reducing the likelihood of their root certificate being
	compromised). If the RealPresence DMA system trusts the root CA, then the chain
	consisting of it, its intermediate CA certificates, and the server certificate will all be
	trusted.

Expiration	Expiration date of certificate.

Polycom, Inc.

41

Image 41

Polycom 7000 manual Certificate Settings, Column Description

Contents

Polycom RealPresence DMA 7000 System Page Contents System Security Local Cluster ConfigurationDevice Management Integrations with Other Systems MCU ManagementSuperclustering Conference Manager ConfigurationSite Topology Call Server ConfigurationUsers and Groups System Management and MaintenanceContents 361 Polycom RealPresence DMA System Snmp Support System ReportsConference Manager Introduction to the Polycom RealPresence DMA SystemPolycom RealPresence DMA System’s Primary Functions RealPresence Platform API Call ServerSVC Conferencing Support Two-server Cluster Configuration Polycom RealPresence DMA System’s Three ConfigurationsSingle-server Configuration System Capabilities and Constraints System Port Usage SettingsPort Protocol Description Embedded DNSSend Usage Data Accessing the Polycom RealPresence DMA System Polycom Solution SupportWorking in the Polycom RealPresence DMA System Field Input RequirementsMenu/Icon Admin Provisioner Auditor Settings DialogMenu/Icon Admin Provisioner Auditor Menu/Icon Admin Provisioner Auditor Menu/Icon Admin Provisioner Auditor License Information Open Source SoftwareModifying Open Source Code To replace an Lgpl library with your modified versionConfirming configuration System configurationAdditional DNS Records for SIP Proxy Additional DNS Records for the H.323 Gatekeeper Additional DNS Records for the Optional Embedded DNS FeatureLicense the RealPresence DMA System, Appliance Edition License the Polycom RealPresence DMA SystemVerify That DNS Is Working for All Addresses License the RealPresence DMA System, Virtual Edition Set Up SignalingSet Up Security Set Up MCUs Connect to Microsoft Active Directory Set Up Conference Templates Test the System How Certificates Work Security Certificates OverviewDER System Security Frequently Asked Questions Column Description Certificate SettingsField Description Certificate Information DialogCertificate Signing Request Dialog Section Description Add Certificates DialogCertificate Details Dialog Install a Certificate Authority’s Certificate Certificate ProceduresTo install a certificate for a trusted root CA Go to Admin Local Cluster CertificatesActions list, select Add Certificates To create a certificate signing requestActions list, select Display Details Actions list, select Create Certificate Signing RequestInstall a Certificate in the RealPresence DMA System To remove a Trusted Root CA’s certificate Remove a Certificate from the RealPresence DMA SystemCertificate Details dialog appears Security SettingsActions list, select Delete Certificate Custom security Field Description Maximum securityHigh security Servers, not to allow ongoing use of unencrypted connections Server in the Polycom RealPresence DMA system Go to Admin Local Cluster Security Settings To change the security settingsOn the Troubleshooting Utilities menu, Top is removed Consequences of Enabling Maximum Security ModeSystem Security Login Policy Settings Field Description Password Management Local PasswordPassword Complexity SessionUnlimited Local User AccountField Description Account Lockout Account InactivityCustom Access Policy SettingsBanner To reset system passwords Reset System PasswordsWait a few minutes to log back in. See also Network Settings Local Cluster ConfigurationField Description Dhcp ServerTurn on Auto-negotiation or set Speed and Duplex manually SettingsField Description Shared Management Network General System Network Shared Signaling NetworkIPv6address%eth0 Routing Configuration DialogTime Settings Licenses for the Appliance Edition LicensesField Description Active License Activation KeysLicenses for the Virtual Edition Cluster Network SettingsSee Automatically Send Usage Data for more information DMA HostSIP Signaling Signaling SettingsUntrusted SIP Call Handling Configuration Device AuthenticationSIP Device Authentication Field Description Settings Signaling Settings FieldsSIP Settings Field Add Guest Port DialogEdit Guest Port Dialog Security Settings page. See Security SettingsAdd Guest Prefix Dialog Edit Guest Prefix Dialog Logging SettingsAlerting Settings Alert ID Threshold Condition Description Local Cluster Configuration ProceduresAdd Licenses To request a software activation key code for each server Go to Admin Local Cluster LicensesTo enter license activation key codes Select Product ActivationGo to Admin Local Cluster Signaling Settings Configure SignalingTo configure signaling Under Unauthorized prefixes, click Add Under Unauthorized ports, click AddAutomatically Send Usage Data Configure LoggingTo configure logging To see the collected data Enable or Disable Automatic Data CollectionSee the Collected Data Active Calls Device ManagementCall Details Dialog Tab/Field/Column Description Call Info Tab/Field/Column Description Bandwidth On the Call Server SettingsCall Events Subscription EventsQoS EndpointsTab/Field/Column Description Property Changes Registration policy script see Registration Policy Registration Policy Server SettingsCommand Description Registrations Names/Aliases in a Mixed H.323 and SIP EnvironmentDevice Management Add Endpoint Dialog Edit Device Dialog Edit Devices Dialog Add Alias Dialog Site StatisticsEdit Alias Dialog Associate User DialogSite Link Statistics Column External GatekeeperColumn Description External Gatekeeper Authentication ModeAdd External Gatekeeper Dialog Postliminary Edit External Gatekeeper DialogThis script to open the Script Debugging Dialog for Multiple External SIP Peers External SIP PeerField Description External SIP Peers Add External SIP Peer DialogUDP Domain List Field Description Postliminary AuthenticationTemporarily select Use customized script To header optionsLync Integration Field Description External SIP Peer Edit External SIP Peer DialogExternal Registrations Host/domain name Routed to this peer server Polycom, Inc 112 Lync Integration External Registration SIP Peer Postliminary Output Format OptionsTo Header Format Options Request-URI Header Format Options Default To header for Microsoft. Equivalent to templateVariable Description Default Request-URI for Microsoft Equivalent to templateFree Form Template Variables Original Request-URI Header Template Result To Header and Request-URI Header ExamplesOriginal To Header Template Result Edit Authentication Dialog Add Authentication DialogTemplate Variables Add Outbound Registration DialogEdit Outbound Registration Dialog External H.323 SBC Column Description External H.323 SBC Add External H.323 SBC DialogEdit External H.323 SBC Dialog Polycom, Inc 124 MCUs MCU ManagementPage Polycom, Inc 127 See SVC Conferencing Support Policy Not to make or receive calls Field Description External MCU Add MCU DialogManagement IP address Gateway Selection Process Prefix DialogMedia IP Addresses Gateway ProfilesEdit MCU Dialog Management IP address Polycom, Inc 137 Polycom, Inc 138 Edit Session Profile Dialog Add Session Profile DialogIsdn Gateway Selection Process MCU ProceduresTo view information about an MCU To add an MCUTo edit an MCU To delete an MCU MCU Pools Edit MCU Pool Dialog CommandAdd MCU Pool Dialog To add an MCU Pool MCU Pool ProceduresTo edit an MCU Pool To delete an MCU PoolMCU Pool Orders Add MCU Pool Order Dialog MCU Selection Process Edit MCU Pool Order DialogMCU Availability and Reliability Tracking 24% To view the MCU Pool Orders list MCU Pool Order ProceduresTo add an MCU Pool Order To edit an MCU Pool OrderTo delete an MCU Pool Order Microsoft Active Directory Integration Integrations with Other SystemsMicrosoft Active Directory Field Description Connection Status Field Description Active Directory Connection Conference SettingsEnterprise Conference Room ID Generation Understanding Base DNEnterprise Chairperson and Conference Passcode Generation To integrate with Active Directory Active Directory Integration ProcedurePolycom, Inc 160 Understanding Base DN Polycom, Inc 162 Adding Passcodes for Enterprise Users About the System’s Directory Queries When you click Update on the Microsoft Active DirectoryGlobal Group Membership Search User SearchGroup Search Domain Search Configurable Attribute Domain SearchAttribute Replication Search Microsoft Lync 2013 Integration Service Account SearchScheduled Conferences with Polycom RealConnect Lync 2010 vs. Lync 2013 IntegrationActive Directory Service Account Permissions Automatic Contact Creation and ConfigurationConsiderations and Requirements for Lync 2013 Integration Lync and non-Lync Endpoint CollaborationIntegrate RealPresence DMA and Lync Lync 2010 and 2013 Client / Server Feature SupportMicrosoft Exchange Server Integration Diagnose Presence ProblemsMicrosoft Exchange Server Polycom Solution and Integration SupportDifferences between Calendaring and Scheduling Exchange Server Integration Procedure RealPresence Resource Manager Integration Page RealPresence Resource Manager Join RealPresence Resource Manager Dialog RealPresence Resource Manager Integration Procedures To integrate with a RealPresence Resource Manager system Juniper Networks SRC Juniper Networks SRC IntegrationTo configure SRC integration Juniper Networks SRC Integration ProcedureConference Settings Conference Manager ConfigurationPresence Publishing Field Maximum Polycom conference contacts to publish Contacts presence settings belowCreate Polycom conference contacts check box is enabled Default Polycom Conference Contacts Presence Settings Class of ServiceRemove Contacts from Active Directory Dialog To specify conference settingsGo to Admin Conference Manager Conference Settings Select Publish presence for Polycom conference contacts Conference TemplatesTwo Types of Templates Standalone Templates Template Priority About Conference IVR ServicesCascading for Bandwidth Cascading for Size About CascadingCascading for Bandwidth Cascading for Size RMX General Settings Field Description Common SettingsConference Templates List Add Conference Template DialogMany of the MCUs have that profile for instance, 2 Cascade for bandwidth LPR RMX Video Quality Field Description RMX Gathering SettingsVideo switching is selected RMX Video Settings  Conference mode is set to AVC only TIP compatibility is set to either None or Video Only OptimizedGuide Telepresence mode is YesRMX Skins Field Description RMX Audio SettingsRMX Conference IVR See Shared Number DialingRMX Recording RMX Site NamesCisco Codian Edit Conference Template Dialog Polycom, Inc 205 Field Description LPR Field Description RMX Gathering Settings  Conference mode is set to AVC only Polycom, Inc 210 Polycom, Inc 211 RMX Site Names Cisco Codian Go to Admin Conference Manager Conference Templates Conference Templates ProceduresSelect Layout Dialog To select a video frames layoutTo edit a conference template Click the RMX General Settings tabTo change a conference template’s priority To delete a conference templateIVR Prompt Sets Prompt File Name Prompt Text Shared Number Dialing Polycom, Inc 219 Polycom, Inc 220 Add Virtual Entry Queue Dialog Conference Settings plus VEQ numberField Description Virtual Entry Queue Prompt SetsEdit Virtual Entry Queue Dialog Add Direct Dial Virtual Entry Queue DialogEdit Direct Dial Virtual Entry Queue Dialog Dialstring = sipxxx@10.33.120.58 Script Debugging Dialog for VEQ ScriptsSample Virtual Entry Queue Script About Superclustering SuperclusteringDMAs Polycom, Inc 228 Following table describes the fields on Join Supercluster Dialog To create or join a supercluster Supercluster ProceduresActions list, select Remove from Supercluster To remove a cluster from the superclusterAbout the Call Server Capabilities Call Server ConfigurationModifications Call Server SettingsField Description General Settings For the called endpoint For SIP calls gatewayed to an See External Gatekeeper Domains Field Description Gatekeeper Blacklist SettingsMycompany domains, this would not match eng.mycompany.com Dial Rules Test Dial Rules Dialog Sipsrbruce@10.47.7.9 See Edit Site Dialog Default Dial Plan and Suggestions for ModificationsRule Effect Polycom, Inc 244 H323xxxx@enterprisepartner.com Preliminary Add Dial Rule DialogField Description Dial Rule Default port of the signaling protocol Conference Manager Conference Settings Template configured in Admin Conference Manager ConferenceConference template MCU pool orderAll in parallel forking Weighted round-robinEdit Dial Rule Dialog Block Blocks the call Resolve to IP address Polycom, Inc 252 Polycom, Inc 253 Variable Initial value Preliminary/Postliminary ScriptingPredefined Preliminary/Postliminary Scripting Variables Usage example Preliminary/Postliminary Scripting FunctionsReturn value None Function name and parameters DetailsReturn value Dial rule action Output SIP headers How Dial Rule Actions Affect SIP HeadersSee Preliminary/Postliminary Scripting for a description Script Debugging Dialog for Preliminaries/PostliminariesDialstring = 99 + Dialstring Strip Prefix SIP Sample Preliminary and Postliminary ScriptsSubstitute Domain SIP Site Based Numeric Nicknames User = Callersitecountrycode + Callersiteareacode + user Hunt Groups Edit Hunt Group Dialog Add Hunt Group DialogField Description General Info Hunt Group MembersDevice Authentication Shared Outbound Authentication Inbound AuthenticationOn the Inbound Authentication tab, you can Field Description Inbound AuthenticationShared Outbound Authentication Add Device Authentication DialogRegistration Policy Edit Device Authentication DialogField Description Device Authentication Compliant Epdefinedincma Registration Policy ScriptingEPISIPV4 Regsitedigits Script Debugging Dialog for Registration Policy ScriptsSample Registration Policy Scripts Reject aliases that arent the right length otherwise accept Prefix Service Add Simplified Isdn Gateway Dialing Prefix Dialog Edit Simplified Isdn Gateway Dialing Prefix Dialog Embedded DNS Edit Vertical Service Code DialogCallservers.example.com To enable DNS publishingNumber of Records Purged History Retention SettingsRecord Type Retention Limit When Limit Is Reached History Report To configure history record retentionAbout Site Topology Site TopologyBandwidth Management Sites Field Site Info Site Information DialogAdd Site Dialog Field Description General Info General SettingsDevice Types SubnetsIsdn Number Assignment Field Description Bandwidth SettingsTerritory Settings Isdn Range Assignment for did dialing method Isdn Outbound DialingSIP Routing Isdn Range Assignment for gateway extension dialing methodRouting Subnet2 = 10.33.24.0/24 Edit Site DialogPolycom, Inc 291 Override ITU dialing rules Subnet Name Unique name of the subnet Polycom, Inc 293 Add Subnet Dialog Edit Subnet Dialog Site Links Edit Site Link Dialog Add Site Link DialogAdd Site-to-Site Exclusion Wizard Site-to-Site ExclusionsGo to Network Site Topology Site-to-Site Exclusions TerritoriesTo add a site-to-site exclusion Add Territory Dialog Edit Territory Dialog Field Cloud Info Network CloudsAdd Network Cloud Dialog Field Description Associated Sites Edit Network Cloud DialogAdd Site Link Dialog Field Cloud Info DescriptionGo to Network Site Topology Territories Site Topology Configuration ProceduresGo to Network Site Topology Sites About Site Topology Role Description User Roles OverviewAdding Users Overview Users Are in the Local domain Add User Dialog See Local PasswordSee Add User Dialog DialogAssociated Endpoints Service. See Conference SettingsRooms Dialog Conference Passcodes Edit User DialogField Description Associated Roles Prompted see Authentication Required Dialog Select Associated Endpoints Dialog Field Description Associated EndpointsConference Rooms Dialog Authentication Required DialogSelect Associated Endpoints Dialog Its conferences. See Conference Templates Add Conference Room Dialog Conference Settings Namespace, enter the value in the box below the list  Publish presence Defined on the Admin Conference Manager Conference Settings Do not publish presence  Create contact and publish presenceUser Dialog Conference see Edit Conference Template DialogEdit Conference Room Dialog Settings Polycom, Inc 324 Dial-out Participants list Edit Dial-out Participant Dialog Users ProceduresAdd Dial-out Participant Dialog To add a local user To find a user or usersTo edit a user Go to User UsersTo delete a local user Conference Rooms ProceduresTo add a conference room to a user To edit one of a user’s conference roomsTo delete one of a user’s custom conference rooms GroupsConference Templates Import Enterprise Groups Dialog See Conference SettingsEdit Group Dialog From the Search results boxTemplates Manager Conference Settings Admin Conference Manager Conference SettingsSetting on the User Users Manage Conf Rooms dialog Boxes on the Admin Conference Manager Conference SettingsActions list, click Import Enterprise Groups Enterprise Groups ProceduresTo terminate a user’s login session Login SessionsChange Password Dialog Administrator Responsibilities Management and Maintenance OverviewAuditor Best Practices Administrative Best PracticesAuditor Responsibilities Regular archive of backups Recommended Regular MaintenanceProvisioner Responsibilities General system health and capacity checksMicrosoft Active Directory health Dashboard Security configurationCertificates Network usage data exportCall Server Active Calls Pane Active Directory Integration PaneConference History Max Participants Pane Call Server Registrations PaneCluster Info Pane Conference Manager Usage Pane Conference Manager MCUs PaneJuniper Networks SRC Integration Pane Exchange Server Integration PaneLicense Status Pane Signaling Settings PaneRealPresence Resource Manager Integration Pane Supercluster Status PaneTerritory Status Pane User Login History PaneAlerts Cluster cluster is orphaned Supercluster StatusAlert No clusters assigned to list of territories Territory StatusPolycom, Inc 351 Formatted string from server Asynchronous OperationRealPresence Resource Manager System Integration Zero enterprise conference rooms exist on cluster cluster Active Directory IntegrationPolycom, Inc 354 Exchange Server Integration Database Status Lync Integration Signaling Certificates. See also CertificateCluster cluster The server certificate has expired Cluster cluster One or more CA certificates have expired Cluster cluster Cannot connect to licensing server lserver LicensesCluster cluster DMA is not licensed for any calls NetworksCluster cluster a signaling network error exists on server Cluster cluster a private network error exists on serverCluster cluster a public network error exists on server Server Resources Server server CPU utilization 50% and 75% Cluster cluster System version differs between servers Data SynchronizationServer server CPU utilization 75% Cluster cluster Local users differ between servers System Health and AvailabilityMCUs MCU MCUname has count warnings MCU MCUname is currently out of serviceMCU MCUname is currently busied out MCU mcu disconnect rate is 1 MCU MCUname is disconnectedMCU mcu disconnect rate is MCU mcu call failure rate is 0.4MCU mcu is connected with no port capacity MCU mcu call failure rate isEndpoints Polycom, Inc 373 Conference Status No territories configured to host conference roomsConference Manager Ongoing conference VMR on MCU MCU failed reason Lync Presence PublishingConference VMR on MCU MCU failed to start reason Polycom, Inc 376 Polycom, Inc 377 Call Server Cluster cluster External SIP peer sippeer is unresponsive System Log FilesCall Bandwidth Management To download a log archive to your PC or workstation System Logs ProceduresActions list, click Download Archived Logs To manually roll the system logsTo delete a system log archive Ping Troubleshooting UtilitiesTraceroute TopNTP Status Check Configuration SynchronizationTo run iostat on each server To run sar on each serverBacking Up and Restoring Diagnostics for your Polycom ServerTo check configuration synchronization SHA1 Backup and Restore Procedures Confirm Restore DialogTo create a new backup file To download a backup fileTo upload a backup file Go to Maintenance Backup and RestoreTo restore from a backup file on the cluster Shut down the system. See Shutting Down and Restarting Close the utility Upgrading the Software Following table describes the parts of the Software UpgradeBasic Upgrade Procedures Return to Maintenance Software Upgrade To install an upgradeGo to Maintenance Software Upgrade To roll back an upgrade, restoring the previous version Return to Maintenance Software Upgrade Incompatible Software Version Supercluster Upgrades Factors to Consider for an Incremental Supercluster Upgrade Simplified Supercluster Upgrade Complete Service Outage System Management and Maintenance Polycom, Inc 400 RealPresence DMA System, Virtual Edition System Upgrade Complex Supercluster Upgrade Some Service MaintainedTo upgrade a RealPresence DMA system, Virtual Edition Adding a Second ServerExpanding an Unpatched System Expanding a Patched System To replace a failed server in a two-server cluster Replacing a Failed ServerShutting Down and Restarting To start up a shut-down cluster Go to Maintenance Shutdown and RestartTo restart or shut down one or both servers in a cluster Call History Alert HistorySystem Reports Export History Conference HistoryAssociated Calls Export HistoryProperty Changes Conference EventsExporting CDR Data Call Detail Records CDRsCall Record Layouts To download CDRsYYYY-MM-DDTHHMMSS.FFF+-ZHHMM 1024+768+384 486BUSY Here Conference Room Dialog720p30 Conf Conference Record LayoutsValue from the Conference room pass-through to CDR field Polycom RealPresence DMA SystemRegistration History Report To find a device or devices Registration History ProceduresActive Directory Integration Report Groups with Partially Loaded or No Membership Information Active Directory IntegrationAll Domains Orphaned Groups and Users Report Orphaned Groups and Users ProceduresTo remove orphaned group data from the system To remove orphaned user data from the systemConference Room Errors Report To download conference room errors data Exporting Conference Room Errors DataEnterprise Passcode Errors Report Network Usage Report Exporting Enterprise Passcode Errors DataTo download enterprise passcode errors data Exporting Network Usage Data Field Description To download network usage data Snmp Framework Snmp OverviewSnmp Versions Snmp NotificationsEnable the Snmp Agent Configure SnmpTo enable the Snmp agent Go to Admin Local Cluster Snmp SettingsTo add a notification user Go to Admin Local Cluster Snmp Settings Click Add UserAdd an Snmp Notification User To add an Snmp notification agent to the system Edit Notification User DialogAdd an Snmp Notification Agent UDP. See Snmp Overview Edit Notification Agent DialogClick Add Agent Download MIBs Go to Admin Snmp Settings Click Download MIBsAvailable Snmp MIBs To download the MIB package for a DMA systemPolycom RealPresence DMA System Snmp Support