Polycom 3725-74600-004 Manuale Utente
Polycom, Inc.
F-1
Appendix F
Secure Communication Mode
The RealPresence Collaboration Server can be configured to work in Secure Mode by configuring
the Collaboration Server and the Collaboration Server Web Client to work with SSL/TLS.
In this mode, a SSL/TLS Certificate is installed on the MCU, setting the MCU Listening Port
to secured port 4433.
TLS is a cryptographic protocol used to ensure secure communications on public networks.
TLS uses a Certificate purchased from a trusted third party Certificate Authority to authenticate
public keys that are used in conjunction with private keys to ensure secure communications
across the network.
The Collaboration Server supports:
•
the Collaboration Server and the Collaboration Server Web Client to work with SSL/TLS.
In this mode, a SSL/TLS Certificate is installed on the MCU, setting the MCU Listening Port
to secured port 4433.
TLS is a cryptographic protocol used to ensure secure communications on public networks.
TLS uses a Certificate purchased from a trusted third party Certificate Authority to authenticate
public keys that are used in conjunction with private keys to ensure secure communications
across the network.
The Collaboration Server supports:
•
TLS 1.0
•
SSL 3.0 (Secure Socket Layer)
SSL 3.0 utilizes 1024-bit RSA public key encryption.
TLS certificates can be generated using the following methods: CSR, PFX and PEM; each
giving different options for Encryption Key length. Table F-1 lists the SIP TLS Encryption Key
TLS certificates can be generated using the following methods: CSR, PFX and PEM; each
giving different options for Encryption Key length. Table F-1 lists the SIP TLS Encryption Key
length support for the various system components.
Certificate Configuration and Management
All Polycom devices used in a Maximum Security Environment require security certificates.
Certificate Template Requirements
The specific security certificate requirements for Collaboration Servers used in Maximum
Security Environments are:
•
Security Environments are:
•
Support of 2048-bit encryption keys.
Table F-1
SIP TLS - Encryption Key Support by System Component
System Component
Key Generation Method
Key Length (bits)
Key generated by
SIP Signaling
CSR
2048
Collaboration
Server
Server
PFX / PEM
1024 or 2048
User
Management
CSR
2048
Collaboration
Server
Server
LDAP