Cisco Cisco TelePresence MX700 Manuale Di Manutenzione

www.cisco.com

AdministrAtor guide

The Security settings

Security Audit Server Address

Enter the external/global IP-address to the audit syslog server. IPv6 is not supported.
NOTE: Requires a restart of the system for any change to take effect.
Requires user role: AUDIT
Value space: <S: 0, 64>

Format: String with a maximum of 64 characters.

Example: Security Audit Server Address: ""

Security Audit Server Port

Enter the port of the syslog server that the system shall send its audit logs to. The default port is

514.
NOTE: Requires a restart of the system for any change to take effect.
Requires user role: AUDIT
Value space: <0..65535>

Range: Select a value from 0 to 65535.

Example: Security Audit Server Port: 514

Security Audit OnError Action

Describes what actions will be taken if connection to the syslog server is lost. This setting is only

relevant if Security Audit Logging Mode is set to ExternalSecure.
NOTE: Requires a restart of the system for any change to take effect.
Requires user role: AUDIT
Value space: <Halt/Ignore>

Halt: If a halt condition is detected the unit is rebooted and only the auditor is allowed to

operate the unit until the halt condition has passed. When the halt condition has passed

the audit logs are re-spooled to the external server. Halt conditions are: A network breach

(no physical link), no external syslog server running (or wrong server address or port), TLS

authentication failed (if in use), local backup (re-spooling) log full.
Ignore: The system will continue its normal operation, and rotate internal logs when full. When

connection is restored it will again send its audit logs to the syslog server.

Example: Security Audit OnError Action: Ignore

Security Audit Logging Mode

Describes where the audit logs are recorded or transmitted.
NOTE: Requires a restart of the system for any change to take effect.
Requires user role: AUDIT
Value space: <Off/Internal/External/ExternalSecure>

Off: No audit logging is performed.
Internal: The system records the audit logs to internal logs, and rotates logs when they are

full.
External: The system sends the audit logs to an external audit syslog server. The external

server must support TCP.
ExternalSecure: The system sends encrypted audit logs to an external audit server that is

verified by a certificate in the Audit CA list. The Audit CA list file must be uploaded to the

codec using the web interface. The common_name parameter of a certificate in the CA list

must match the IP address of the syslog server.

Example: Security Audit Logging Mode: Off

Security Session ShowLastLogon

When logging in to the system using SSH or Telnet you will see the UserId, time and date of the

last session that did a successful login.
Requires user role: ADMIN
Value space: <Off/On>

On: Set to On to enable the possibility to show information about the last session.
Off: Set to Off to disable the possibility to show information about the last session.

Example: Security Session ShowLastLogon: Off

Security Session InactivityTimeout

Determines how long the system will accept inactivity from the user before he is automatically

logged out.
Requires user role: ADMIN
Value space: <0..10000>

Range: Select a value from 0 to 10000 seconds. 0 means that inactivity will not enforce

automatically logout.

Example: Security Session InactivityTimeout: 0

Introduction

Table of contents

Web interface

Advanced settings

Appendices

Advanced settings