Security - TANDBERG MPS User Manual

TANDBERG MPS User Manual

9.1.. Security

HTTPS
The TANDBERG MPS supports HTTPS in order to ensure secure transmission of the information displayed on the
administrator's PC. A secure connection between the Web browser and the TANDBERG MPS (the MCU web server)
will be established if the HTTPS service on the MCU is enabled. HTTPS allows for password exchange, which is
especially important.
To enable HTTPS, use the API command service xconfiguration HTTPS mode: On. The HTTPS server will then be
activated at next restart. If the MCU's HTTP service also is activated, the user will automatically be redirected to
HTTPS. If HTTP is de-activated, you will have to specify HTTPS. (In the latter case https://10.0.5.203 will work, but
not http://10.0.5.203).
SSH
The TANDBERG MPS supports SSH (Secure Shell) for secure access to the system. SSH commands are encrypted
and secured in several ways. Both ends of the client/server connection are authenticated using a digital certificate,
and passwords are protected by being encrypted.
Disable Services
For security reasons you may want to disable some of the services provided by the TANDBERG MPS. If wanted the
following services may be disabled/enabled (either through the web-interface or with API commands):
 Telnet (only with API commands)
 HTTP
 HTTPS
 SNMP, may also be set to read only or traps only (only with API commands)
 SSH (only with API commands)
Security Alert
The system can notify management applications when someone tries remote access over IP with illegal password (via
SNMP traps). Information about the intruder's IP-address and the service used (Web, Telnet and FTP) will be given.
When the (optional) TANDBERG Management Suite (TMS) is used, an email notification may also be sent e.g. to the
network administrator.
10
D13373.04