Cisco Cisco TelePresence MCU 4510 Maintenance Manual
Advanced topics
Cisco TelePresence MCU 4.3 Product administration guide
Page 204 of 242
The last 100,000 audit messages are stored on the external compact flash if there is one; otherwise, the last
100,000 audit messages are stored internally. You can only view the last 2000 through the web interface, but
you can download all stored audit messages (up to the 100,000) as XML.
100,000 audit messages are stored internally. You can only view the last 2000 through the web interface, but
you can download all stored audit messages (up to the 100,000) as XML.
You can delete audit messages. If you delete any audit messages, that will be audited in a new audit
message.
message.
You cannot send the audit log to a syslog server.
Understanding security warnings
The
Security status
page displays a list of active security warnings for the MCU. To access this
information, go to
Status > Security
. Security warnings identify potential weaknesses in the security of the
MCU's configuration. For more information on configuring security settings, refer to
. For more detailed information on the security status, refer to
The table below details the warnings that appear, and the relevant actions needed to rectify them.
Warning
Action
Explanation
Advanced
password
security is
disabled
password
security is
disabled
Enable advanced
account security mode
in security settings
account security mode
in security settings
If advanced account security mode is not enabled, passwords
will be stored in plain text in the configuration file, and therefore
be unsecure.
will be stored in plain text in the configuration file, and therefore
be unsecure.
To enable advanced account security mode, go to
Settings >
Security
and enable Advanced account security mode.
Hide log
messages on
console is
disabled
messages on
console is
disabled
Enable hide log
messages on console in
serial console settings
messages on console in
serial console settings
To hide log messages on the console, go to
Settings > Security
and select Hide log messages on console. This will stop event
messages appearing on the console.
messages appearing on the console.
Require
administrator
login to
console is
disabled
administrator
login to
console is
disabled
Enable require
administrator login in
serial console settings
administrator login in
serial console settings
You must log in using an admin account to access serial console
commands, in this way the serial console will be more secure.
commands, in this way the serial console will be more secure.
To do this, go to
Settings > Security
and select Require
administrator login.
Guest account
is enabled
is enabled
Disable the guest
account.
account.
By default the guest user account is assigned the privilege of
'conference list only', meaning that users who log in as guest can
view the list of active conferences and change their own profile.
Disabling the guest account makes the MCU more secure.
'conference list only', meaning that users who log in as guest can
view the list of active conferences and change their own profile.
Disabling the guest account makes the MCU more secure.
To disable the guest account, go to
Users > User list
and select
Guest. Select Disable user account.
Admin account
has default
username
has default
username
Change the admin
account username
account username
The MCU must have at least one configured user with
administrator privileges. By default, the User ID is "admin" and
no password is required.
administrator privileges. By default, the User ID is "admin" and
no password is required.
To change the admin account username, go to
Users > User
list
and select admin. Enter a new username in the User ID field
and click Update user settings.