Polycom RMX 1500, DOC2702A Ultra Secure Mode, Using the Information Collector

Polycom RealPresence Collaboration Server (RMX) 1500/2000/4000 Administrator’s Guide

21-58 Polycom, Inc.

The data collected is saved into a single compressed file containing all the information from

each system component in its relative format (.txt, .xml, etc...). In case the disk is

malfunctioning, the file will be written to the RAM (involves only a small amount of

information where the RAM size is 1/2 a gigabyte). The zipped file (info.tgz) can be opened

with the following applications: WinRAR and WinZip. The entire zipped file is then sent to

Polycom’s Network Systems Division for analysis and troubleshooting.

Ultra Secure Mode

The Information Collector logs information from the RMX’s Network Intrusion Detection System

(NIDS), saving it into a compressed disk file. (If the disk malfunctions, the file is written to

RAM.) The zipped file (info.tgz) can be opened with either WinRAR or WinZip. The entire

zipped file can be sent to Polycom for analysis.

The RMX system uses iptables for access control. For each different kind of packet

processing, there is a table containing chained rules for the treatment of packets. Every

network packet arriving at or leaving from the RMX must pass the rules applicable to it.

Depending on the nature of the suspect packets, the rules may reject, drop, or limit their

arrival rate (dropping the rest).

The RMX maintains a log that includes all unpermitted access attempts blocked by the fire

wall.

Unpermitted access includes:

• Access to ports which are not opened on the RMX.

• Invalid access to open ports.

When the Information Collector is used the following steps are performed:

•Step 1: Creating the Information Collector file.

•Step 2: Saving the Information Collector file.

•Step 3: Viewing the information in the Information Collector file.