Security
Polycom, Inc. 155
Certificates and Security Profiles within a Provisioned System
When your RealPresence Group system is provisioned through the RealPresence Resource Manager
system and you use PKI certificates, consider the following information. Be sure to enable provisioning after
you follow the procedures applicable to each Security Profile type.
● To use the Maximum Security Profile with provisioning:
The RealPresence Resource Manager system must be using Maximum Security Mode.
You must manually assign the Maximum Security Profile to the RealPresence Group endpoint
during installation using the setup wizard, or afterwards using the web interface.
You must use full PKI and observe the following procedures before you enable provisioning on
the RealPresence Group endpoint:
1 You must install a signed client certificate on the RealPresence Group system to enable the
provisioning connection to be authenticated by the RealPresence Resource Manager system.
2 Decide whether to automatically validate web clients by enabling the Always Validate Peer
Certificates from Browsers setting. If you do enable the setting, you’ll need to install a
signed server certificate and all of the CA certificates needed to validate browser certificates
for all web clients. Then configure the certificate revocation method.
3 Decide whether to validate servers by enabling the Always Validate Peer Certificates from
Servers setting. If you do enable the setting, you must install of the CA certificates needed to
validate server certificates from all remote servers. Then adjust the certificate revocation
method accordingly. For example, you might need to load additional CRLs if you use the CRL
revocation method).
● To use the Medium or High Security Profile with provisioning:
The RealPresence Resource Manager system must be using commercial mode.
You must manually assign the Medium or High Security Profile to the RealPresence Group
endpoint during installation using the setup wizard, or afterwards using the web interface.
Configure PKI according to your company’s guidelines.
● To use the Low Security Profile with provisioning:
The RealPresence Resource Manager system must be using commercial mode.
You can enable provisioning in the setup wizard. All provisionable settings are taken from the
RealPresence Resource Manager system.
Delete Certificates and CRLs
In some cases, expired certificates or CRLs might prevent you from accessing the web interface. You can
use the local interface to reset your system without certificates, to restore access to the web interface.
To delete all certificates and CRLs the RealPresence Group system is using:
1 In the local interface, go to System > Diagnostics > Reset System.
2 If needed, enter the Admin ID and Password.
3 Enable the Delete Certificates field.
4 Select Reset System.
The RealPresence Group system restarts after deleting all installed certificates and CRLs.
To Next Page
Loading...
Need help?
General
