Manuals / Polycom / Communications / IP Phone

Polycom SIP 3.0.2 Setting Up Security Features, Local User and Administrator Privilege Levels

Models: SIP 3.0.2

1 288

Download 288 pages 39.04 Kb

Page 101

Configuring Your System

The RTCP XR packets are complaint with RFC 3611 - RTP Control Extended Reports (RTCP XR). The packets are sent to a report collector as specified in draft RFC draft-ietf_sipping_rtcp-summary-02.

Three types of quality reports can be enabled:

•Alert—Generated when the call quality degrades below a configurable threshold.

•Periodic—Generated during a call at a configurable period.

•Session—Generated at the end of a call.

A wide range of performance metrics are generated. Some are based on current values, such as jitter buffer nominal delay and round trip delay, while others cover the time period from the beginning of the call until the report is sent, such as network packet loss. Some metrics are computed using other metrics as input, such as listening Mean Opinion Score (MOS), conversational MOS, listening R-factor, and conversational R-factor.

Configuration changes can performed centrally at the boot server:

Central	Configuration file:	Specify the location of the central report collector, how often the
(boot server)	sip.cfg	reports are generated, and the warning and critical threshold values
		that will cause generation of alert reports.
		•	For more information, refer to Quality Monitoring <quality
			monitoring/> on page A-47.

Setting Up Security Features

This section provides information for making configuration changes for the following security-related features:

•Local User and Administrator Privilege Levels

•Custom Certificates

•Incoming Signaling Validation

•Configuration File Encryption

Local User and Administrator Privilege Levels

Several local settings menus are protected with two privilege levels, user and administrator, each with its own password. The phone will prompt for either the user or administrator password before granting access to the various menu options. When the user password is requested, the administrator password will also work. The web server is protected by the administrator password (refer to Configuring SoundPoint IP / SoundStation IP Phones Locally on page 4-55).

4 - 53

Image 101

Polycom SIP 3.0.2 manual Setting Up Security Features, Local User and Administrator Privilege Levels

Contents

SIP Copyright Notice DisclaimerAbout This Guide Administrator’s Guide SoundPoint IP / SoundStation IP Contents Administrator’s Guide SoundPoint IP / SoundStation IP Troubleshooting Your SoundPoint IP / SoundStation IP Phones Viii Contents Administrator’s Guide SoundPoint IP / SoundStation IP SoundStation IP Conference Phone SoundPoint IP Desktop PhonesIP 320/330 IP 550/560 IP 600/601 SoundPoint IP Desktop Phones SoundPoint IP SoundPoint IP 550/560 SoundPoint IP 600/601 SoundStation IP Conference PhoneCurrently supported conference phone is SoundStation IP Key Features of Your SoundPoint IP / SoundStation IP PhonesSoundPoint IP 600 Overview SoundPoint IP / SoundStation IP Phones on Where SoundPoint IP / SoundStation IP Phones FitSession Initiation Protocol Application Architecture BootROMApplication Master Configuration Files Application Configuration Files ConfigurationApplication Configuration Files Resource Files Ring tones Synthesized tones Contact directories Available FeaturesOverview Microsoft Live Communications Server Overview Administrator’s Guide SoundPoint IP / SoundStation IP Configured in your network Setting up Your SystemDhcp or Manual TCP/IP Setup Setting Up the NetworkFor more information on Dhcp options, go to FTP Tftp Http Https Supported Provisioning ProtocolsMain Menu Dhcp Menu Server Menu Ethernet Menu Syslog Menu Modifying the Network ConfigurationCertificate Authority List on page C-1 Name Possible Values Description Dhcp Client EM PowerDhcp Menu Phone IP AddressPossible Name Values Description MenuMenu Or later. Passive FTP is still supported Name Possible Values DescriptionUsing the method specified in RFC Password these characters if they are correctly escapedPassword, this will be ignored This will be ignoredCDP Ethernet menuTLS=3 Setting Up the Boot ServerCreate account and home directory Information, contact your Certified Polycom ResellerEach phone may open multiple connections to the server MAC-address.cfgRead-only These permissions, but will not be able to upload filesMaintain the same folder hierarchy Distribution zip file containsTo deploy phones from the boot server Deploying Phones From the Boot ServerPhoneMACaddress.cfg Configuration on page A-4SIP/ on page A-10 Upgrading SIP Application Configuration files used by the boot server are loggedPermitted You can now instruct your users to start making callsSupporting SoundPoint IP and SoundStation IP Phones APPFILEPATH=sip.ld Supporting SoundPoint IP 300 and 500 PhonesPhone1212.cfg, sip212.cfg Earlier releases from the boot serverThis chapter also provides instructions on Setting Up Basic FeaturesConfiguring SoundPoint IP / SoundStation IP Phones Locally Administrator’s Guide SoundPoint IP / SoundStation IP Call Waiting Call TimerCall Log Missed Call Notification Called Party IdentificationCalling Party Identification Central boot server Context Sensitive Volume ControlConnected Party Identification Customizable Audio Sound EffectsDistinctive Incoming Call Treatment Message Waiting IndicationDistinctive Call Waiting Distinctive RingingAddress-directory Xml LocalDo Not Disturb Local Contact Directory Handset, Headset, and SpeakerphoneXml DirectOry.xml LnSmith/ln FnBill/fn Ct1003/ct Sd3/sd Rt3/rt Ad0/ad LnDoe/ln FnJohn/fn Ct1001/ct Sd1/sd Rt1/rt Ad0/adDirectory Element Permitted Values InterpretationAuto-reject Local Digit MapSpeed Dial Microphone MuteSoft Key Activated User Interface Time and Date Display Boot server EthernetIdle Display Animation Ethernet SwitchWhich background appear on their phone Graphic Display BackgroundsBg.gf.gray.3.name=polycom.bmp Automatic Off-Hook Call PlacementCall Hold Call Transfer Manage Conferences Local / Centralized ConferencingCall Forward Group Call Pick-Up Directed Call Pick-UpLast Call Return Setting Up Advanced FeaturesCall Park/Retrieve Configurable Feature Keys Multiple Line Keys per Registration Feature Key Layouts on page C-10Shared Call Appearances Multiple Call AppearancesBridged Line Appearance Busy Lamp Field Refer to Bridged Line Appearance Signaling on page B-10Central boot Customizable Fonts and IndicatorsInstant Messaging Attendant.uriMultilingual User Interface Microbrowser Downloadable FontsSynthesized Call Progress Tones Real-Time Transport Protocol Ports Corporate Directory Network Address TranslationPersistency This section contains the following informationCorporate Directory Ldap Attributes Recording and Playback of Audio Calls Voice Mail Integration IP 4000 supports a single registration Multiple RegistrationsAutomatic Call Distribution Depends on support from a SIP server Server RedundancyFor Outgoing Calls Invite Fallback Reg.1.server.1.address=voipserver.serviceprovider.com Phone ConfigurationPhone Operation for Registration Presence Boot server Address-directoryMicrosoft Live Communications Server 2005 Integration Masking, the automatic behaviorConfiguration File Examples Refer to Roaming Privacy roamingprivacy/ on page A-104 Refer to Roaming Buddies roamingbuddies/ on page A-104Set the reg.x.server.y.address to the LCS server name Save the modified phone1.cfg configuration fileSet reg.x.auth.password to the LCS password Low-Delay Audio Packet Transmission Setting Up Audio FeaturesVoice Activity Detection Jitter Buffer and Packet Error ConcealmentDtmf Event RTP Payload Acoustic Echo CancellationDtmf Tone Generation Effective Audio CodecsFollowing table summarizes the phone’s audio codec support Background Noise Suppression IP Type-of-ServiceComfort Noise Fill Automatic Gain Control600, 601, and 650 and the SoundStation IP Ieee 802.1p/QVoice Quality Monitoring Local User and Administrator Privilege Levels Setting Up Security FeaturesCustom Certificates Incoming Signaling ValidationConfiguration changes can performed locally Device.cfg Configuring SoundPoint IP / SoundStation IP Phones LocallyConfiguration File Encryption Passwords Troubleshooting Your SoundPoint IP / SoundStation IP Phones BootROM Error Messages Error MessagesApplication Error Messages Log Files Status MenuApplication Logging Options Scheduled Logging Following figure shows a portion of a boot log file Reading a Boot LogFollowing figure shows a portion of an application log file Reading an Application LogSymptom Problem Corrective Action Power and StartupControls Access to Screens and Systems Calling Phone on page C-9 DisplaysUpgrading AudioConfiguration Files Master Configuration Files Configuration Files CONFIGFILES=phone1MACADDRESS.cfg, sip.cfg MISCFILES= Application ConfigurationConfiguration Files Protocol volpProt This configuration attribute is defined as followsResource res Microbrowser mb This attribute includesVoIpProt.server.x.transport is set to If voIpProt.server.x.address is aIf voIpProt.server.x.transport is set to If voIpProt.server.x.address is an IPVoIpProt.server.x.address is an IP VoIpProt.SIP.lcs To 1 default is Parameter if set to 1 when the parameterPermitted Attribute Values Default Interpretation Reg.x.auth.optimizedInFailover takes This attribute also includesOutbound Proxy outboundProxy Alert Information alertInfo Due to the additional signaling requiredRequest Validation requestValidation May have a negative performance impactSpecial Events specialEvent Conference Setup conferenceAttribute Permitted Default Interpretation Values Considered a dial from directory Dial Plan dialplanDialplan.applyToCallListDial Digit Map digitmap Routing routing This attributes also includesServer server Emergency emergency Attribute Permitted Values Default InterpretationServer server Localization lclEmergency emergency Multilingual ml Date and Time datetimeLcl.ml.lang.menu.1 Attribute Permitted Values InterpretationLcl.ml.lang.menu.2 Lcl.ml.lang.menu.3Lcl.datetime.date.dateTop Lcl.datetime.date.longFormat+FF00 U+FFFF Permitted Attribute Values Interpretation User Preferences upDual Tone Multi-Frequency Dtmf Chord-Sets chord Tones tonesOnIntensity, it will be replaced with OnIntensity valueDisabled Only be enabled when tone.dtmf.viaRtp isBe enabled when tone.dtmf.viaRtp is Ringer, or misc Sampled Audio for Sound Effects safFollowing table, x is the sampled audio file number Sound Effects seWave file format Tftp//host/pathnamefilename, for exampleInstruction Meaning Example Patterns pat Ring type rtCall progress Use within phone Pattern number Miscellaneous PatternsCall Progress Patterns Call progress Pattern number Use within phone Ringer pattern number Default descriptionRinger Patterns Miscellaneous Pattern number Use within phone Miscellaneous PatternsPatterns on page A-31 SequentialVoice Settings voice These codecs include Following voice codecs are supportedCodec Preferences codecPref Codec Profiles audioProfile Codec Preferences codecPrefCodec Profiles audioProfile Attribute Default Attribute Default Attribute Default Acoustic Echo Cancellation aec Acoustic Echo Suppression aes Background Noise Suppression ns Feature Attribute Default Transmit Equalization txEq Voice Activity Detection vad Central Report Collector collector If voice.vadEnable is set to 0, add attribute lineWhen Alert Reports alertNable.periodic is set 1, since Periodic reports are sent throughoutRTCP-XR rtcpxr Ethernet Ieee 802.1p/Q ethernet IP TOS IP Quality of Service QOSRTP RTP Call Control callControl Other other Call Control callControlRTP rtp RTP rtp Call Control callControlQos.ip.callControl… Basic TCP/IP TcpipAttribute Permitted Default Values Permitted Attribute Values Default Interpretation Start.dayOfWeek If fixedDayEnable is set toStart.date is ignored Stop.dayOfWeekRTP rtp Must be enabled for this to workTcpIpApp.port.rtp.filterByIp TcpIpApp.port.rtp.filterByPortValue that is out of range, Default value is usedWeb Server httpd Configuration cfg Call Handling Configuration callIf call.stickyAutoLineSeize is set to 1, this Reg.x.callsPerLineKey. Refer to RegistrationServers Shared Calls shared Hold, Local Reminder hold/localReminderSoundPoint IP 330/320 only Local Directory local Corporate Directory corp Directory dirReplaced by 2X the value Platform, this value is internallyCorporate Directory corp Used for display purposes only Dir.corp.viewPersistence Presence presSoundPoint IP 550, 600, 601, Fonts fontSoundPoint IP 320, 330, 430, 500 IP330 font IP330 IP400 font IP400 Keys key Functions Backgrounds bgFollowing table lists the functions that are available Bitmaps bitmap Indicators indFollowing indicators are used by the phone Platform IP300/, IP 330/, IP400 Attribute Permitted Interpretation Values Following table, x is the LED number LEDs ledLevel Interpretation Event Logging logType Example Three formats are available for the event timestampTwo types of logging are supported You do not change this value Log.render.level maps toServer is set up for this Support append mode unlessUploaded if no new events have Been logged since the last uploadSecurity sec Encryption encryption Password Lengths pwd/lengthLicense license RAM Disk ramdisk Provisioning provYou do not change these PlatformValue Delay delayRequest request Feature feature Finder finder Quotas quotas Resource resInternally replaced by 2X the value Is internally replaced by 2X the valueMicrobrowser mb Miscellaneous XML errors can occur onSoundPoint IP 430, 501, 550, 560, 600 650 and SoundStation IP 4000 phonesFunction is selected If mb.main.idleTimeoutDetrimental effect on performance of the phone Parameters include Per-Phone ConfigurationRegistration reg Permitted Attribute Values Default Interpretation Parameters will override the parameters Is non-Null, all of the reg.x.server.y.xxxSpecified in sip.cfg in Server server/ on A-7Refer to Call Handling Configuration call Calls call If reg.x.serverFeatureControl.cf is notDo Not Disturb donotdisturb If call.missedCallTracking.x.enabled is Diversion divert Forwarding is enabled, thisParameter is enabled Divert.x.contact will be Calls can be automatically diverted when the phone is busyDialplan.x.digitmap is not Enabled, this parameter isServer-base call forwarding is Dialplan.x.applyToUserDial When present, and if Digit Map digitmap/ on Messaging msg Message Waiting Indicator mwiNetwork Address Translation nat Attendant attendant VoIpProt.local.signalPort in sip.cfgRoaming Privacy roamingprivacy Roaming Buddies roamingbuddiesValue 0 if the call server is Microsoft Live Communications ServerUser Preferences userpreferences Flash Parameter ConfigurationFor example, if device.net.ipAddress.set = EnabledThis flash attributes are defined as follows Name Possible Values Description Refer to Basic Logging level/change/ Session Initiation Protocol SIP RFC and Internet Draft Support Method Supported Request SupportFollowing SIP request messages are supported Header Supported Header SupportFollowing SIP request headers are supported Header Supported Response Supported Response SupportFollowing SIP responses are supported 3xx Responses Redirection 5xx Responses Server Failure Reliability of Provisional Responses Hold ImplementationTransfer Third Party Call ControlBridged Line Appearance Signaling Shared Call Appearance SignalingTrusted Certificate Authority List Miscellaneous Administrative TasksAdministrator’s Guide SoundPoint IP / SoundStation IP Encrypting Configuration Files Administrator’s Guide SoundPoint IP / SoundStation IP Changing the Key on the Phone Adding a Background LogoColor RGB Values Decimal Hexadecimal Model Width Height Color DepthRGB Values BootROM/SIP Application Dependencies Migration Dependencies Model BootROM SIP ApplicationMultiple Key Combinations IP 4000 Menu, Exit, Off-hook/Hands-free, Redial Default Feature Key LayoutsSoundStation IP 4000 models SoundPoint IPSoundPoint IP 320/330 SoundPoint IP OPER0 14 # 12 11OPER Key ID SoundPoint IP 550/560/600/601/650 SoundStation IP VLAN-A=10 VLAN-A=0x0a VLAN-A=012 Assigning a Vlan ID Using DhcpParsing Vendor ID Information Administrator’s Guide SoundPoint IP / SoundStation IP Third Party Software Administrator’s Guide SoundPoint IP / SoundStation IP Zlib Copyright and Permission Notice Third Party Software Administrator’s Guide SoundPoint IP / SoundStation IP Numerics IndexAdministrator’s Guide SoundPoint IP / SoundStation IP Dhcp Administrator’s Guide SoundPoint IP / SoundStation IP SIP Administrator’s Guide SoundPoint IP / SoundStation IP Addendum to SIP 3.0 Administrator’s Guide No feature keys on the SoundStation IP 7000 can be remapped New or Changed FeaturesDistribution Zip File Managing ConferencesSIREN22 Single RegistrationDaisy-Chaining Phones Treble/Bass ControlsProvisioning Phones Over CLink Configuration File ChangesThese configuration attributes are defined as follows This new configuration attribute is defined as followsThese new codecs include Voice Coding Algorithms codecsCodec Preferences codecPref Codec Profiles audioProfile Receive Equalization rxEq Gains gainTransmit Equalization txEq These new configuration attributes are defined as followsMultiple Key Combinations and Default Key Layout Key ID Administrator’s Guide Addendum for the SoundStation IP Addendum to SIP 3.0 Administrator’s Guide No feature keys on the SoundStation IP 6000 can be remapped Two-way audio would take over 100kbps Codec Preferences codecPref Codecs includeGains gain Multiple Key Combinations and Default Key Layout Key ID Function Administrator’s Guide Addendum for the SoundStation IP