Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
Reference material
Cisco VCS Administrator Guide (X7.0)
Page 313 of 488
Presence configuration
The Subscription expiration time and Publication expiration time settings can no longer be
configured on the
configured on the
Presence
page. They can still be modified via the CLI.
X6
Enhanced authentication policy
Authentication policy can now be applied at the zone and subzone levels. It controls how the VCS
authenticates incoming messages from that zone or subzone and whether those messages are rejected
or are subsequently treated as authenticated or unauthenticated within the VCS.
authenticates incoming messages from that zone or subzone and whether those messages are rejected
or are subsequently treated as authenticated or unauthenticated within the VCS.
This provides increased flexibility and allows system administrators to:
n
control registrations via subzones; this allows, if required, a combination of authenticated and
unauthenticated endpoints to register to the same VCS
unauthenticated endpoints to register to the same VCS
n
limit the services available to unregistered or unauthenticated endpoints and devices
n
cater for endpoints from third-party suppliers that do not support authentication within their registration
mechanism through a "treat as authenticated" setting
mechanism through a "treat as authenticated" setting
External policy services
The VCS can be configured to use external policy services to manage its registration and call policies.
This is particularly suitable for large-scale deployments where policy decisions can be managed through
an external, centralized service rather than by configuring policy rules on the VCS itself.
an external, centralized service rather than by configuring policy rules on the VCS itself.
Secure communication between cluster peers
The VCS uses IPsec (Internet Protocol Security) to enable secure communication between each cluster
peer. Authentication is carried out through the use of a pre-shared access key (configured on the
peer. Authentication is carried out through the use of a pre-shared access key (configured on the
Clustering
page).
View registrations and calls across a cluster
You can now view all of the registrations and calls across a cluster from any one of the peers in the
cluster. A Peer column on the registrations and calls status pages identifies the relevant peer.
cluster. A Peer column on the registrations and calls status pages identifies the relevant peer.
Client-initiated connection management
The VCS has implemented support for RFC 5626 (known as "SIP Outbound"). This allows a UA to route
calls when a peer in a cluster has failed, and also allows a UA to close all listening ports ensuring all calls
can only be routed via their existing (authenticated, authorized) connection to the VCS.
calls when a peer in a cluster has failed, and also allows a UA to close all listening ports ensuring all calls
can only be routed via their existing (authenticated, authorized) connection to the VCS.