Cisco Cisco TelePresence MX700 Manuale Di Manutenzione
D15331.02 MX700 and MX800 Administrator Guide CE8.1, APRIL 2016.
www.cisco.com — Copyright © 2016 Cisco Systems, Inc. All rights reserved.
133
Cisco TelePresence MX700 and MX800
Administrator Guide
Security settings
Security Audit Logging Mode
Define where to record or transmit the audit logs. The audit logs are sent to a syslog server.
When using the External/ExternalSecure modes and setting the port assignment to manual
When using the External/ExternalSecure modes and setting the port assignment to manual
in the Security Audit Server PortAssignment setting, you must also enter the address and
port number for the audit server in the Security Audit Server Address and Security Audit
Server Port settings.
Requires user role: AUDIT
Default value: Off
Default value: Off
Value space: Off/Internal/External/ExternalSecure
Off: No audit logging is performed.
Internal: The system records the audit logs to internal logs, and rotates logs when they
Internal: The system records the audit logs to internal logs, and rotates logs when they
are full.
External: The system sends the audit logs to an external syslog server. The syslog server
External: The system sends the audit logs to an external syslog server. The syslog server
must support UDP.
ExternalSecure: The system sends encrypted audit logs to an external syslog server that
ExternalSecure: The system sends encrypted audit logs to an external syslog server that
is verified by a certificate in the Audit CA list. The Audit CA list file must be uploaded to
the codec using the web interface. The common_name parameter of a certificate in the
CA list must match the IP address of the syslog server, and the secure TCP server must
be set up to listen for secure (TLS) TCP Syslog messages.
Security Audit OnError Action
Define what happens when the connection to the syslog server is lost. This setting is only
relevant when Security Audit Logging Mode is set to ExternalSecure.
Requires user role: AUDIT
Default value: Ignore
Default value: Ignore
Value space: Halt/Ignore
Halt: If a halt condition is detected the system codec is rebooted and only the auditor is
allowed to operate the unit until the halt condition has passed. When the halt condition
has passed the audit logs are re-spooled to the syslog server. Halt conditions are: A
network breach (no physical link), no syslog server running (or incorrect address or port
to the syslog server), TLS authentication failed (if in use), local backup (re-spooling) log
full.
Ignore: The system will continue its normal operation, and rotate internal logs when full.
Ignore: The system will continue its normal operation, and rotate internal logs when full.
When the connection is restored it will again send its audit logs to the syslog server.
Security Audit Server Address
The audit logs are sent to a syslog server. Define the IP address of the syslog server.
Only valid IPv4 or IPv6 address formats are accepted. Host names are not supported.
This setting is only relevant when Security Audit Logging Mode is set to External or
ExternalSecure.
Requires user role: AUDIT
Default value: ""
Default value: ""
Value space: String (0, 64)
A valid IPv4 address or IPv6 address
Introduction
Configuration
Peripherals
Maintenance
System settings
Appendices
System settings