Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
■
Addresses are blocked against only the peer on which the access failures occurred. This means that if an
address is blocked against one peer it may still be able to attempt to access another peer (from which it may
too become blocked).
address is blocked against one peer it may still be able to attempt to access another peer (from which it may
too become blocked).
■
A blocked address can only be unblocked for the current peer. If an address is blocked by another peer, you
must log in to that peer and then unblock it.
must log in to that peer and then unblock it.
■
Category settings and the exemption list are applied across the cluster.
■
The statistics displayed on the Automated detection overview page are for the current peer only.
Additional Information
■
When a host address is blocked and tries to access the system, the request is dropped (the host receives no
response).
response).
■
A host address can be blocked simultaneously for multiple categories, but may not necessarily be blocked by
all categories. Those blocks may also expire at different times.
all categories. Those blocks may also expire at different times.
■
When an address is unblocked (either manually or after its block duration expires), it has to fail again for the
full number of times as specified by the category's trigger level before it will be blocked for a second time by
that category.
full number of times as specified by the category's trigger level before it will be blocked for a second time by
that category.
■
A category is reset whenever it is enabled. All categories are reset if the system is restarted or if the
automated protection service is enabled at the system level. When a category is reset:
automated protection service is enabled at the system level. When a category is reset:
—
Any currently blocked addresses are unblocked.
—
Its running totals of failures and blocks are reset to zero.
■
You can view all Event Log entries associated with the automated protection service by clicking View all
intrusion protection events on the Automated detection overview page.
intrusion protection events on the Automated detection overview page.
Network Services
Configuring System Name and Access Settings
The System administration page (System > Administration) is used to configure the name of the VCS and the
means by which it is accessed by administrators.
means by which it is accessed by administrators.
System Settings
System name
The System name is used to identify the VCS. It appears in various places in the web interface, and in the display on
the front panel of the unit (so that you can identify it when it is in a rack with other systems). The System name is also
used by Cisco TMS.
the front panel of the unit (so that you can identify it when it is in a rack with other systems). The System name is also
used by Cisco TMS.
We recommend that you give the VCS a name that allows you to easily and uniquely identify it.
Ephemeral port range
You can specify the Ephemeral port range start and end values. This defines the port range to use for ephemeral
outbound connections not otherwise constrained by VCS call processing.
outbound connections not otherwise constrained by VCS call processing.
The default range of 30000 – 35999 applies to new installations of X8.1 or later; the previous default range of 40000 –
49999 still applies to earlier releases that have upgraded to X8.1.
49999 still applies to earlier releases that have upgraded to X8.1.
Administration Access Settings
While you can administer the VCS via a PC connected directly to the unit via a serial cable, you may want to access
the system remotely over IP. You can do this using either the web interface (via HTTPS) or through a command line
interface (via SSH).
the system remotely over IP. You can do this using either the web interface (via HTTPS) or through a command line
interface (via SSH).
The configurable options are:
39
Cisco TelePresence Video Communication Server Administrator Guide
Network and System Settings