Security Settings; Security Audit Logging Mode; Security Audit Onerror Action; Security Audit Server Address - Cisco TelePresence SX10 Quick Set Administrator's Manual

Hide thumbs Also See for TelePresence SX10 Quick Set:

Administrator's manual (216 pages)

Reference manual (188 pages)

User manual (38 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

page of 190

/ 190
Contents
Table of Contents
Bookmarks

Table of Contents

Cisco TelePresence SX10 Quick Set



Introduction

Security settings

Security Audit Logging Mode

Define where to record or transmit the audit logs. The audit logs are sent to a syslog server.

This setting has no effect if the Logging Mode setting is set to Off.

When using the External or ExternalSecure mode you must enter the address of the audit

server in the Security Audit Server Address setting.

Requires user role: AUDIT

Default value: Internal

Value space: External/ExternalSecure/Internal/Off

External: The system sends the audit logs to an external syslog server. The syslog server

must support UDP.

ExternalSecure: The video system sends encrypted audit logs to an external syslog

server that is verified by a certificate in the Audit CA list. The Audit CA list file must be

uploaded to the video system using the web interface. The common_name parameter

of a certificate in the CA list must match the IP address or DNS name of the syslog

server, and the secure TCP server must be set up to listen for secure (TLS) TCP Syslog

messages.

Internal: The system records the audit logs to internal logs, and rotates logs when they

are full.

Off: No audit logging is performed.

D15330.14 SX10 Administrator Guide CE9.7, APRIL 2019.

Configuration

Peripherals

Maintenance

Security Audit OnError Action

Define what happens when the connection to the syslog server is lost. This setting is only

relevant when Security Audit Logging Mode is set to ExternalSecure.

Requires user role: AUDIT

Default value: Ignore

Value space: Halt/Ignore

Halt: If a halt condition is detected the system codec is rebooted and only the auditor is

allowed to operate the unit until the halt condition has passed. When the halt condition

has passed the audit logs are re-spooled to the syslog server. Halt conditions are: A

network breach (no physical link), no syslog server running (or incorrect address or port

to the syslog server), TLS authentication failed (if in use), local backup (re-spooling) log

full.

Ignore: The system will continue its normal operation, and rotate internal logs when full.

When the connection is restored it will again send its audit logs to the syslog server.

Security Audit Server Address

Set the IP address or DNS name of the syslog server that the audit logs are sent to.

This setting is only relevant when Security Audit Logging Mode is set to External or

ExternalSecure.

Requires user role: AUDIT

Default value: ""

Value space: String (0..255)

A valid IPv4 address, IPv6 address, or DNS name.

134

Administrator Guide

System settings

Appendices

Table of Contents

Chapters

Table of Contents

Security Settings; Security Audit Logging Mode; Security Audit Onerror Action; Security Audit Server Address - Cisco TelePresence SX10 Quick Set Administrator's Manual

Security settings

Security Audit Logging Mode

Security Audit OnError Action

Security Audit Server Address

Chapters

Related Manuals for Cisco TelePresence SX10 Quick Set

Related Content for Cisco TelePresence SX10 Quick Set

Table of Contents