Manualsbrain.com
  1. Manuals
  2. Brands
  3. Panasonic
  4. 75/85/95 MXP
  5. User Manual

Panasonic 75/85/95 MXP User Manual

Download
Page of 315
Appendices 
253 
 
By setting an IP Access Password on the system, all access to the system using IP (Telnet, FTP 
and WEB) requires a password. This password can be enabled from telnet or dataport using the 
command: ippassword <ip-password>.  The default IP username and password is "TANDBERG". 
To remove this password, use the command: "ippassword ”. From telnet, this is only possible by 
first entering the correct password. 
 
IP 
Services
 
 
The different IP services on the system - FTP, Telnet, Telnet Challenge, HTTP, HTTPS, SNMP 
and H.323 can be disabled to prevent access to the system. By using the commands below, the 
services can be independently enabled/disabled: 
 
xconfiguration Telnet/TelnetChallenge/FTP/HTTP/HTTPS/H323 Mode: <On/Off> 
xconfiguration TelnetChallenge Mode: <On/Off> [port] 
xconfiguration SNMP Mode: <On/Off/ReadOnly/TrapsOnly> 
 
SNMP Security alert
 
 
This function will notify any Management Application (such as TMS - TANDBERG Management 
Suite) if anyone tries to perform Remote Management on the system using an illegal password. 
The Security alert that is sent to the Management Application will contain information about the IP 
address and the service (WEB, Telnet, FTP) being used for the attempt. If TMS is used, email 
notifications or alarms about the attempt can be sent to specified persons. 
 
Encryption 
 
All TANDBERG systems support both AES and DES encryption. By default this feature is 
enabled such that when connecting with any other video system or MCU, a TANDBERG system 
will attempt to establish a secure conference using AES or DES encryption. The TANDBERG 
system will attempt this for both IP and ISDN connections. Where a remote system or MCU 
supports encryption, the highest common encryption algorithm will be selected on a port-by-port 
basis. 
 
The type and status of the encryption negotiated is indicated by padlock symbols and on-screen 
messages. Encryption on the TANDBERG systems is fully automatic, and provides clear security 
status indicators; 
ƒ  An open padlock indicates that encryption is being initialized, but the conference is not 
yet encrypted.   
ƒ  Single padlock indicates DES encryption. 
ƒ  Double padlock indicates AES encryption.  
 
In addition to on-screen indicators the Call Status menu provides two information fields regarding 
call encryption. The first field is the Encryption Code, which will identify either AES or DES. The 
second field is the Encryption Check Code and is comprised of an alphanumeric string. This 
string will be the same for systems on either side of an encrypted conference. If the Check Codes 
do not match, this would indicate that the call has been exposed to a Man In The Middle attack. 
 
When a system with MultiSite functionality hosts a conference, the highest possible encryption 
algorithm will be negotiated on a site-by-site basis. MultiSite conferences can therefore support a 
mix of AES and DES encrypted endpoints in the same conference. A conference will only be as 
secure as its weakest link. 
 
All systems supporting DES encryption can upgrade to AES encryption. Please contact your 
TANDBERG representative for more information. The standards supporting the encryption 
mechanisms employed by TANDBERG are: AES, DES, H.233, H234 and H.235 (H235v3 & v2 for