Polycom 7000 Video Game Sound System User Manual


 
System Security
Polycom, Inc. 52
To change the security settings
1 Go to Admin > Local Cluster > Security Settings.
2 To switch from a custom setting back to the recommended security mode, click High security.
3 To switch from the recommended security mode to a custom setting:
a Click Custom security.
b Check the unsecured network access method(s) that you want to enable.
4 Click Update.
A dialog informs you that the configuration has been updated.
5 Click OK.
The following settings may be configured in any security mode.
Skip validation of certificates for
inbound connections
This option may be configured in any security mode, and affects inbound
connections from entities like web browsers and API clients.
If this option is turned off, you can only connect to the Polycom RealPresence
DMA system if your browser presents a client certificate issued by a CA that
the system trusts (this is known as mutual TLS for administrative
connections).
Turn this option off only if:
You’ve implemented a complete public key infrastructure (PKI) system,
including a CA server, client software (and optionally hardware, tokens, or
smartcards), and the appropriate operational procedures.
The CA’s public certificate is installed in the Polycom RealPresence DMA
system so that it trusts the CA.
All authorized users, including yourself, have a client certificate signed by
the CA that authenticates them to the Polycom RealPresence DMA
system.
Allow forwarding of IPv6 ICMP
destination unreachable
messages
This option may be configured in any security mode.
If this option is off, the Polycom RealPresence DMA system has an internal
firewall rule that blocks outbound destination unreachable messages.
If this option is on, that firewall rule is disabled.
Note: The Polycom RealPresence DMA system currently doesn’t send such
messages, regardless of this setting.
Allow IPv6 ICMP echo reply
messages to multicast addresses
This option may be configured in any security mode.
If this option is off, the Polycom RealPresence DMA system doesn't reply to
echo request messages sent to multicast addresses (multicast pings).
If this option is on, the system responds to multicast pings.
Note: Skip validation of certificates for inbound connections is automatically re-enabled
If you turn off Skip validation of certificates for inbound connections, the system notifies you that
if you don’t log back in within 5 minutes, the setting will be automatically turned back on. This is a
safety precaution to ensure that at least one user is still able to access the system.
Field Description