TANDBERG D14049.01 About Security, Security, Enabling Security

D 14046.01

07.2007 126

TANDBERG VIDEO COMMUNICATION SERVER

ADMINISTRATOR GUIDE

Text goes here

Introduction Getting

Started

System

Overview

System

Configuration

H.323 & SIP

Configuration

Registration

Control

Zones and

Neighbors

Call

Processing

Firewall

Traversal

Bandwidth

Control Maintenance Appe ndices

TANDBERG VIDEO COMMUNICATION SERVER

ADMINISTRATOR GUIDE

Maintenance

About Security

For extra security, you may wish to h ave the

VCS communicate with other syst ems (e.g.

servers such as LDAP ser vers or clients such

as SIP endpoints) using TLS encr yption.

For this to work successfully in a c onnection

between a client and server :

the server must have a cert ificate installed

that verifies its identit y. This certificate

must be signed by a Certific ate Authority

(CA).

the client must trust the CA that si gned the

certificate used by the se rver.

The VCS allows you to install appropr iate files

so that it can act as either a client or a s erver

in connections using TLS.

•

Select the file containing tr usted CA...

Allows you to upload a PEM file that ide ntifies

the list of Certificate Aut horities trusted by

the VCS. The VCS will only accept ce rtificates

signed by a CA on this list. If you are

connecting to an LDAP databa se using TLS

encryption, the cer tificate used by the LDAP

database must be signed by a CA on th is list.

Upload CA certificate

Click here once you have selecte d the file to

upload it.

Select the server private key f ile

Allows you to upload a PEM file that ide ntifies

the private key used to encry pt the server

certificate used by the VC S. This private key

must not be password protected.

Select the server certi ficate file

Allows you to uploads PEM file that

contains the server cer tificate used for

HTTPS connections to the VC S from user

or administrator web browsers, a nd by SIP

endpoints or servers con necting to the VCS

over TLS.

Download server certif icate

Provides you with the PEM file con taining the

certificate used by the VC S to identify itself to

SIP and HTTPS clients when c ommunicating

over SSL/TLS.

Maintenance

SecurityEnabling Security

The files that enable secure c onnections over

TLS are installed via the web inter face. They

cannot be installed using the CL I.

To enable security using the web inte rface:

Maintenance > Security.

You will be taken to the Security page.

•

Upload server certifi cate data

Click here once you have selecte d the files to

upload them.