Advanced Account Security; Prerequisites; Vcs Functionality: Changes And Limitations - Cisco TelePresence Administrator's Manual
Video communication server
Hide thumbs
Also See for TelePresence:
- Administrator's manual (507 pages) ,
- Manual (24 pages) ,
- Specifications (7 pages)
Table of Contents
Advertisement
Advanced account security
The
Advanced account security
the VCS for use in highly secure environments. This page can only be accessed if the Advanced Account
Security option key is installed.
Enabling advanced account security limits login access to remotely authenticated users using the web
interface only, and also restricts access to some VCS features. To indicate that the VCS is in advanced
account security mode, any text specified as the Classification banner message is displayed on every web
page.
Note that a system reboot is required for changes to the advanced account security mode to take effect.
Prerequisites
Before advanced account security mode can be enabled, the VCS must be configured to use
authentication
for administrator accounts.
CAUTION: ensure that the remote directory service is working properly, as after advanced account security
is enabled you will not be able to log in to the VCS via the local admin account or as root.
You are also recommended to configure your system so that:
SNMP
is disabled
n
the
session time out period
n
HTTPS client certificate validation
n
login account LDAP server
n
checking set to All
remote logging
is disabled
n
incident reporting
is disabled
n
any connection to an
external manager
n
Alarms are raised for any non-recommended configuration settings.
VCS functionality: changes and limitations
When in secure mode, the following changes and limitations to standard VCS functionality apply:
access over SSH, Telnet, and through the serial port is disabled and cannot be turned on
n
access over HTTPS is enabled and cannot be turned off
n
the command line interface (CLI) is unavailable
n
the root account, the admin account and any other local administrator accounts are disabled
n
if there are three consecutive failed attempts to log in (by the same or different users), login access to the
n
VCS is blocked for 60 seconds
immediately after logging in, the current user is shown statistics of when they previously logged in and
n
details of any failed attempts to log in using that account
Cisco VCS Administrator Guide (X7.1)
page
(Maintenance > Advanced account
is set to a non-zero value
is enabled
configuration uses TLS encryption and has certificate revocation list (CRL)
uses HTTPS and has certificate checking enabled
Maintenance
security) is used to configure
remote account
Page 271 of 479
Advertisement
Table of Contents
