Polycom HDX Systems Deployment Manual

For maximum security environments
Military Unique Deployment Guide
Polycom® HDX Systems Deployment Guide for Maximum Security Environments
2.7.3.1_J | February 2014 | 3725-12748-007/A

Summary of Contents for Polycom HDX Systems

  • Page 1 Military Unique Deployment Guide: Polycom® HDX Systems Deployment Guide for Maximum Security Environments, 2.7.3.1_J, February 2014, 3725-12748-007/A...
  • Page 2 Every effort has been made to ensure that the information in this manual is accurate. Polycom, Inc., is not responsible for printing or clerical errors. Information in this document is subject to change without notice.
  • Page 3: Table Of Contents

    FIPS 140-2 Cryptography (page 5). Upgrading and Downgrading your Polycom HDX System (page 6). Upgrading the Software in a Non-DHCP Environment.
  • Page 4 Deployment Guide for Maximum Security Environments Contents Polycom, Inc.
  • Page 5: Document Change History

    This document provides guidance for configuring and using software version 2.7.3.1_J to be consistent with the conditions for deployment as listed in the UC APL listing for the Polycom HDX system product. For a listing of certified software versions in addition to version 2.7.3.1_J, refer to http://www.polycom.com/solutions/solutions-by-industry/us-federal-gov...
  • Page 6: Upgrading And Downgrading Your Polycom HDX System

    Polycom recommends that you upgrade from software versions earlier than 2.7.0_J to 2.7.3.1_J by performing a USB software update, which is described in the Release Notes for Polycom HDX Systems, version 2.7.3.1_J. If you use the Software Update feature in the HDX system web interface, the features added or changed between these two releases could lead to unpredictable behavior.
  • Page 7: Configuring Security Settings In A Web Browser

    Setup Wizard Setting and Restriction. Admin ID: Must be changed. User ID: Must be changed. User Room Password: Must be entered. User Remote Password: Must be entered. Admin Room Password: Must be changed. Admin Remote Password: Must be changed.
  • Page 8: Security Settings

    Set to 15; range is 8 to 15. • Room (User/Admin): Set to 9; range is 6 to 20. Can Contain ID or Its Reverse Form: Disabled, not configurable. Require Lowercase Letters: Set to Off, configurable. Require Uppercase Letters: Set to Off, configurable.
  • Page 9: Meeting Password Settings

    Password Expiration Warning in Days: Set to 7, Off is not allowed, range is 1 to 7. Minimum Changed Characters: Set to Off, range is 1 to 4. Maximum Consecutive Repeated Characters: Set to 2, range is 1 to 4.
  • Page 10: Account Management

    Set to 10, configurable. Off is not allowed. Maximum Number of Active Web Sessions: Set to 25, range is 10 to 50. Maximum Number of Sessions per User (applies to local, web interface, and serial port sessions): Set to 3, range is 1 to 5.
  • Page 11: External Authentication

    Only LDAP available. Auto Answer Point-to-Point Video: Disabled, configurable. Auto Answer Multipoint Video: Disabled, configurable. Availability Control: Enabled, not configurable. Recent Calls: Disabled, not configurable. Last Number Dialed: Disabled, not configurable. Far Control of Near Camera: Disabled, configurable.
  • Page 12: Locating Your System

    To mitigate certain network-based attacks, Polycom recommends that the network administrator configure port security on the switch to which Polycom devices connect. Security is enhanced by binding the device’s MAC address to a specific physical port on the switch.
  • Page 13 • Disable this setting if meeting passwords are not required for multipoint calls. Configure the system for time and date management using the steps appropriate for your particular Polycom HDX system model and deployment type.
  • Page 14 Enter the NTP server address for the Secondary Time Server. All Polycom HDX 4000 systems with Hardware Version A and B, and Polycom 7000 and 8000 systems with Hardware Version A require a connection to an NTP server to keep accurate time across power outages and system restarts.
  • Page 15: Configuring Your System For Remote Access

    On Polycom HDX 4000, 7000, and 8000 series systems, go to System > Admin Settings > LAN Properties > > , and disable the Enable PC LAN Port setting, unless its use is required. If you change this setting, the system restarts.
  • Page 16: Configuring Your Room And User Password Policy

    Active Directory accounts. For all other system interaction, use the remote control or keypad. To configure your room password policy: Go to System > Admin Settings > General Settings > Security > Password Settings > Admin Room Password, and configure the following settings.
  • Page 17 DODI 8500.2: IAIA-1, IAIA-2 Require Numbers Value: 1 This setting meets these requirements: • UNIX STIG V5R1.23: GEN000620 • Application Security Checklist V3R3: APP3320 • DSN STIG V2R3.4: DSN13.06 • GR-815-CORE-2 R3-39 [26] • DODI 8500.2: IAIA-1, IAIA-2
  • Page 18 This setting meets this requirement: • GR-815-CORE-2; CR3-36 [23] Minimum Changed Characters Value: 4 This setting meets this requirement: • DODI 8500.2: IAIA-1, IAIA-2 Maximum Consecutive Repeated Characters Value: 2 This setting meets this requirement: • UNIX STIG V5R1.23: GEN000680 (maximum 2)
  • Page 19: Configuring The System To Use Certificates

    Polycom HDX Systems. Detecting Intrusions The Polycom HDX system logs an entry to the security log when it detects a possible network intrusion. The security log prefix identifies the type of packet detected, as shown in the following table.
  • Page 20: Viewing Network Interface And System Status

    Green and yellow lights off No power to the system. Red light on or blinking Indicates one of the following situations: • The system is not connected to the ISDN network. • There is a problem with the ISDN line.
  • Page 21: Viewing System Status

    For an explanation of any of the status items, select the item and press on the remote control or keypad. To view the System Status using the Polycom HDX web interface: Open a web browser, and in the browser address line enter the system IP address, for example, https://10.11.12.13, to go to the Polycom HDX...
  • Page 22: Using The Camera Privacy Cover

    Using the Camera Privacy Cover The Polycom EagleEye camera goes to sleep when the Polycom HDX system does. For added security Polycom now offers a privacy cover (part number 2215-28454-001) that you can attach to the camera. You can open and close the cover as needed.
  • Page 23: CGI Commands

    Validates and updates passwords on the system. a_colorbar.cgi: Toggles the color bar for video diagnostics. a_convertcsvtodatfiles.cgi: Imports the system profile in .csv format into .dat files. a_createdatfilecsv.cgi: Creates a list of configuration values in .csv format that excludes machine sensitive information.
  • Page 24 Generates a trace route from the system. a_uploadlogo.cgi: Uploads/removes the system logo from the system. a_validate.cgi: Validates the parameters and their values. addcert.cgi: Adds the certificate to the system. addcrl.cgi: Adds the certificate revocation lists (CRL) to the system.
  • Page 25 Sets LAN settings. swu_optionkey.cgi: Sets and validates the option key. swu_ping.cgi: Returns “I am alive” message. swu_progress.cgi: Reports the progress of the software update. swu_retain.cgi: Sets the user configuration settings to retain. swu_softwarekey.cgi: Sets and validates the software key.
  • Page 26: Placing A Test Call

    Placing a Test Call To troubleshoot any issues making video calls, call a Polycom video site to test your setup. A list of worldwide numbers that you can use to test your Polycom RealPresence Group system is available at www.polycom.com/videotest.
  • Page 27 Networks and be behind the site’s firewall. The site must deploy the solution in a secure area. The configuration must be in compliance with the Polycom family’s Rel. 2.7.3.1_J military-unique features deployment guide. The site must register the system in the Systems Networks Approval Process Database as directed by the DSAWG and Program Management Office at https://snap.dod.mil/index.cfm.
