Cisco Cisco Unified MeetingPlace Audio Server Manuale Di Manutenzione
Cisco MeetingServer 5.1 System Manager’s Guide
58
Cisco Systems
March 2003
Tip: Keep the system in an area protected by a lock or a
card-key system.
card-key system.
Securing User Profiles
To prevent unauthorized users from accessing MeetingPlace over the
telephone or from a computer, use the following security measures:
telephone or from a computer, use the following security measures:
Password Protection
Passwords are required to access MeetingPlace over the telephone or from a
computer. User passwords permit access from a computer, and profile
passwords permit access over the telephone.
computer. User passwords permit access from a computer, and profile
passwords permit access over the telephone.
Ensure effective use of profile passwords by administering the minimum
password length and password change parameters. Use the Usage Parameters
topic in the Configure tab to define password information, including:
password length and password change parameters. Use the Usage Parameters
topic in the Configure tab to define password information, including:
•
Min profile pwd length (minimum profile password length for telephone
access)
access)
•
Change profile pwd (how often users must change their profile
passwords)
passwords)
•
Min user pwd length (minimum workstation access password length)
•
Change user pwd (how often users must change their workstation access
passwords)
passwords)
•
Min meeting pwd length (minimum length for a meeting password)
It is recommended that you require users to change passwords according to
your company’s policies for similar systems. For more information on these
parameters, see Appendix C.
your company’s policies for similar systems. For more information on these
parameters, see Appendix C.
Hacker Lockout
MeetingPlace offers a “hacker lockout” feature. The system will
automatically deactivate any user profile after a number of consecutive
unsuccessful login attempts. In the Usage Parameters topic on the Configure
tab, you can set the maximum number of attempts to access the user profiles.
automatically deactivate any user profile after a number of consecutive
unsuccessful login attempts. In the Usage Parameters topic on the Configure
tab, you can set the maximum number of attempts to access the user profiles.
As a safeguard, the profile will be locked after the maximum number of
retries by telephone is reached. Subsequent attempts to enter the profile will
result in a “Profile is Invalid” message, the caller will be transferred to the
attendant, and a minor alarm will be generated.
retries by telephone is reached. Subsequent attempts to enter the profile will
result in a “Profile is Invalid” message, the caller will be transferred to the
attendant, and a minor alarm will be generated.
To unlock a user’s profile, you must change the User Active? setting in the
profile to Yes before the profile can be used. This can be done from the View
Locked Profiles action on the System tab. For detailed instructions on resetting
locked profiles, see the Troubleshooting User Problems section in Chapter 7.
profile to Yes before the profile can be used. This can be done from the View
Locked Profiles action on the System tab. For detailed instructions on resetting
locked profiles, see the Troubleshooting User Problems section in Chapter 7.