Cisco Cisco TelePresence Video Communication Server Expressway 릴리즈 노트
New features in X7
Cisco TelePresence Video Communication Server X7.2.3 Software Release Notes
Page 10 of 50
New features in X7
X7.2.3
This is a maintenance release.
X7.2.2
This is a maintenance release.
X7.2.1
This is a maintenance release.
The VCS Starter Pack Express supports Cisco Jabber for iPad.
This release also contains some third-party software updates: Python has been upgraded to 2.7.3,
PHP has been upgraded to 5.3.15, and TLS 1.1 and 1.2 have been enabled in Apache.
PHP has been upgraded to 5.3.15, and TLS 1.1 and 1.2 have been enabled in Apache.
X7.2
Controlled SIP TLS connections to the Default Zone
Default Zone access rules that control which external systems are allowed to connect over SIP TLS to
the VCS via the Default Zone can now be configured.
the VCS via the Default Zone can now be configured.
Each rule specifies a pattern type and string that is compared to the identities (Subject Common
Name and any Subject Alternative Names) contained within the certificate presented by the external
system. You can then allow or deny access to systems whose certificates match the specified pattern.
Name and any Subject Alternative Names) contained within the certificate presented by the external
system. You can then allow or deny access to systems whose certificates match the specified pattern.
Enabling this feature requires that all systems (including endpoints) connecting to the Default Zone
must present client certificates that are trusted by the VCS.
must present client certificates that are trusted by the VCS.
Device authentication
The VCS can now be configured to authenticate devices against multiple remote H.350 directory
servers. This provides a redundancy mechanism in the event of reachability problems to an H.350
directory server.
servers. This provides a redundancy mechanism in the event of reachability problems to an H.350
directory server.
As from version X7.2, for Digest authentication, the VCS attempts to verify device credentials
presented to it by first checking against its on-box local database of usernames and passwords,
before checking against any configured H.350 directory server. (Note that the endpoint presents
the VCS with a the hash of its credentials, which the VCS attempts to validate against a hash
created from the credentials stored in the local database - the VCS does not see the actual
credentials from the device.) As a result of this:
•
presented to it by first checking against its on-box local database of usernames and passwords,
before checking against any configured H.350 directory server. (Note that the endpoint presents
the VCS with a the hash of its credentials, which the VCS attempts to validate against a hash
created from the credentials stored in the local database - the VCS does not see the actual
credentials from the device.) As a result of this:
•
The
Device authentication configuration
page no longer exists; there is no longer an
option to switch between an authentication database type of Local database or LDAP
database.
database.
•
The NTLM protocol challenges setting is now configured on the
Active Directory Service
page.
The
Device LDAP configuration
and
Device LDAP schemas
pages are now called
Device
authentication H.350 configuration
and
Device authentication H.350 schemas
respectively.