Cisco TelePresence Administrator's Manual page 497
Video communication server
Hide thumbs
Also See for TelePresence:
- Administrator's manual (498 pages) ,
- Manual (24 pages) ,
- Specifications (7 pages)
Table of Contents
Advertisement
Reference material
In a cluster, the default admin account password is now replicated across all peers.
n
Note that the Login Administrator set of xConfiguration CLI commands are no longer
n
supported.
System security enhancements
You can now configure firewall rules to control access to the VCS at the IP level. You can:
n
specify the source IP address subnet from which to allow or deny traffic
l
configure well known services such as SSH, HTTP/HTTPS or specify customized rules based on
l
transport protocols and port ranges
The VCS can be configured to use a combination of OCSP and CRL checking for certificates exchanged
n
during SIP TLS connection establishment. CRLs can be loaded manually onto the VCS, downloaded
automatically from preconfigured URIs, or downloaded automatically from a CRL distribution point (CDP).
The VCS can now generate server certificate signing requests. This removes the need to use an external
n
mechanism to generate and obtain certificate requests. The upload of the VCS's trusted CA certificate and
the management of its server certificate are now configured on separate pages under the
> Certificate management
When enabling client certificate-based security you can now configure CRL checking behavior.
n
VCS can now be configured to use HTTP Strict Transport Security (HSTS). This can be used to force a
n
web browser to communicate with the VCS using secure connections only.
Access to the VCS via the serial port can be disabled.
n
You can configure the authentication method used by the VCS when connecting to an NTP server. It
n
utilizes the security features available in NTPv4 and retains compatibility with NTPv3 implementations.
Options include symmetric key message hashing and private key encryption.
System backup files can now be encrypted / password protected.
n
OpenSSL has been updated to version 1.0.1b (includes support for TLS v1.2).
n
Zone and subzone media encryption policy
Media encryption policy settings allow you to selectively add or remove media encryption capabilities for SIP
calls flowing through the VCS. This allows you to configure your system so that, for example, all traffic
arriving or leaving the VCS Expressway from the public internet is encrypted, but is unencrypted when in
your private network. The policy is configured on a per zone/subzone basis; this level of granularity means
that different encryption policies could be applied to each leg of a call in/out of a zone/subzone.
Call processing
When configuring search rules you can now specify:
The source protocol for which the rule applies.
n
A specific source zone or subzone for which the rule applies.
n
Improved interworking flow control
The VCS now supports the ability to interwork the H.323 flowControlCommand into RFC 5104 Temporary
Maximum Media Stream Bit Rate Request (TMMBR). This provides the ability to stem the flow of data from a
remote participant.
Cisco VCS Administrator Guide (X8.1.1)
menu.
Software version history
Maintenance
Page 497 of 507
Advertisement
Table of Contents
Related Manuals for Cisco TelePresence
Related Products for Cisco TelePresence
- Cisco TelePresence Video Communication Server
- Cisco TD 92322GB
- Cisco TS MSE 8710
- Cisco TELEPRESENCE CALL DETAIL RECORDS FILE FORMAT -
- Cisco TELEPRESENCE MCU ACCESSING CONFERENCES -
- Cisco TelePresence System Codec C90: Profile 65"
- Cisco TELEPRESENCE MANAGEMENT SUITE
- Cisco TelePresence VX Clinical Assistant