Encryption - Polycom RealPresence Group 550 Administrator's Manual

Realpresence group series video conferencing system

Hide thumbs Also See for RealPresence Group 550:

Setup manual (2 pages)

System setup sheet (2 pages)

Quick start manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

Table of Contents

Administrator's Guide for the Polycom RealPresence Group Series

user.

Scenario 2 – Failed attempts counter resets after failed login window closes

A user fails to log in to the local Admin account two times on the web interface, and another user fails to

'SuperUser' account is defined as part of the Active Directory Admin Group on the Active Directory Server.

This means that three failed attempts have been made on the web interface port—two by one user and one

by a second user. If no more failed attempts are made within 1 Hour of the first failed attempt (which is the

value of the Reset Port Lock Counter After setting), the failed login attempts counter is reset to zero, and

4 failed attempts are allowed again before the web interface is locked.

Encryption

AES encryption is a standard feature on all Polycom RealPresence Group systems. When it is enabled, the

system automatically encrypts calls to other systems that have AES encryption enabled.

If encryption is enabled on the system, a locked padlock icon appears on the monitor when a call is

encrypted. If a call is unencrypted, an unlocked padlock appears on the monitor. In a multipoint call, some

connections might be encrypted while others are not. The padlock icon might not accurately indicate

whether the call is encrypted if the call is cascaded or includes an audio-only endpoint. To avoid security

risks, Polycom recommends that all participants communicate the state of their padlock icon verbally at the

beginning of a call.

Points to note about AES encryption:

•

AES encryption is not supported on systems registered to an Avaya H.323 gatekeeper.

•

For Polycom RealPresence Group systems with a maximum speed of 6 Mbps for unencrypted

calls, the maximum speed for encrypted SIP calls is 4 Mbps.

RealPresence Group systems provide the following AES cryptographic algorithms to ensure flexibility when

negotiating secure media transport:

● H.323 (per H.235.6)

 AES-CBC-128 / DH-1024

 AES-CBC-256 / DH-2048

● SIP (per RFCs 3711, 4568, 6188)

 AES_CM_128_HMAC_SHA1_32

 AES_CM_128_HMAC_SHA1_80

 AES_CM_256_HMAC_SHA1_32

 AES_CM_256_HMAC_SHA1_80

RealPresence Group systems also support the use of FIPS 140 validated cryptography, which is required

in some instances, such as when used by the U.S. federal government. When the Require FIPS 140

Cryptography setting is enabled, all cryptography used on the system comes from a software module that

has been validated to FIPS 140-2 standards. You can find its FIPS 140-2 validation certificate here:

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747

Polycom, Inc.

Security

115

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Realpresence group 700 Realpresence group 300 Realpresence group 500

Encryption - Polycom RealPresence Group 550 Administrator's Manual

Encryption

Hide quick links:

Related Manuals for Polycom RealPresence Group 550

Related Content for Polycom RealPresence Group 550

This manual is also suitable for:

Table of Contents