No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Web Online Help

TE10 Videoconferencing Endpoint V600R019C00

This document describes the help information on the web interface.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Setting Security Parameters

Setting Security Parameters

Correct security settings on your endpoint improve the security level of video communication using your endpoint.

Procedure

  1. Choose System Settings > Security.
  2. Set the security parameters listed in Table 3-22.

    Table 3-22  Security parameters

    Parameter

    Description

    Setting

    Encryption

    Encryption

    Specifies whether media streams are encrypted. Encryption can be SRTP encryption.

    Enable this parameter to harden video communication security.

    • None: Media streams are not encrypted in any conditions.
    • Forced: Media streams are forcibly encrypted. Then, your endpoint can join only encrypted conferences. To ensure communication security, this option is recommended.
    • Auto: Your endpoint automatically determines an appropriate policy.
    NOTE:
    To hold encrypted conferences over SIP, set Transmission type to TLS or Auto under System Settings > Network > Registration.

    The default value is Auto.

    SSH/Telnet

    SSH

    Specifies whether to enable users to remotely log in to your endpoint using Secure Shell (SSH). SSH clients use ciphertext to communicate with the endpoint. The SSH login function is enabled, and a maximum of three concurrent SSH logins are allowed.

    The default value is Do not allow.

    Telnet login

    Specifies whether users can log in to your endpoint using Telnet to query system status and logs and maintain your endpoint.

    Change the password at your first login and keep your new password secret to prevent unauthorized logins.

    The default value is Do not allow.

    Using Telnet login may impose security risks. Exercise caution when setting this parameter.

    GUI

    Password

    Specifies whether to encrypt the Wizard screen on the remote control UI.

    To improve device security, set a password at your first login and regularly change the password afterward.

    The password contains a maximum of 32 characters.

    If you set this password to blank, no password is required when you access the Wizard screen on the remote control UI.

    NOTE:
    It is recommended that you set a complex password. A simple or empty password brings security risks.

    AirPresence

    Connection policy

    Specifies the way in which the AirPresence client connects to the endpoint. The options are as follows:
    • Projection code: Obtain the projection code from the remote control UI of the endpoint. Then enter the projection code in the text box on the home screen of the AirPresence mobile client or in the main window of the AirPresence PC client to connect to the endpoint. When Connection policy is set to Projection code, the AirPresence PC client cannot connect to the endpoint through the endpoint's IP address or URI.
    • IP+password: To connect to the endpoint, enter its IP address or URI in the text box in the main window of the AirPresence PC client.
    NOTE:
    • When Connection policy is set to IP+password, you can also use the AirPresence mobile client to scan the QR code on the remote control UI of the endpoint to connect to the endpoint.
    • The projection code can be generated by the endpoint itself or the EUA.

    The default value is Projection code.

    Projection code policy

    Specifies the policy based on which the local projection code is generated.
    • Auto: IP address displayed on the remote control UI of the endpoint.
    • Eth0: Ethernet IP address. No projection codes will be generated if the endpoint does not have an Ethernet IP address.
    • STA: IP address of the Wi-Fi client. No projection codes will be generated if the endpoint has the Wi-Fi client function disabled.
    • AP: IP address of the Wi-Fi hotspot. No projection codes will be generated if the endpoint has the Wi-Fi hotspot function disabled.
    NOTE:
    This parameter is available only when Connection policy is set to Projection code.

    The default value is Auto.

    AirPresence desktop password

    Specifies the password that the endpoint needs to authenticate when receiving a connection request from the AirPresence client installed on a PC.

    NOTE:
    This parameter is available only when Connection policy is set to IP+password.

    To improve device security, set a password at your first login and regularly change the password afterward.

    The password contains 8 to 64 characters. In addition, it must include at least two of the following: uppercase letters, lowercase letters, digits, and special characters.

    Password validity period

    Specifies the validity period of the password used by an AirPresence client to connect to your endpoint.

    NOTE:
    When Connection policy is set to Projection code, this parameter takes effect only for the local projection code.

    When Connection policy is set to Projection code, the default value of Password validity period is 10 minutes.

    When Connection policy is set to IP+password, the default value of Password validity period is 8 hours.

    AirPresence mobile password length

    Specifies the length of the password contained in the projection code displayed on the remote control UI of the endpoint.

    NOTE:
    This parameter is available only when Connection policy is set to Projection code. Set this parameter only for the local projection code.

    The default value is 6.

    Three options are available: 0, 2, and 6.

    EUA projection code complexity

    Specifies the complexity of the projection code displayed on the remote control UI of the endpoint. The options are as follows:
    • Auto: The endpoint automatically displays a simple or complex projection code at random.
    • Simple: The projection code contains only digits.
    • Complex: The projection code is a combination of digits and letters.

    The default value is Auto.

    Connection over Wi-Fi only

    After this function is enabled, only the device that is connected to the endpoint's Wi-Fi hotspot or whose IP address is in the whitelist can connect to the endpoint using the AirPresence client.

    The default value is Disable.

    Whitelist

    If the whitelist is empty, only the device that is connected to the endpoint's Wi-Fi hotspot can connect to the endpoint. If the endpoint is deployed on a public network, it is recommended that frequently used IP addresses or IP address segments be whitelisted to prevent network attacks.

    NOTE:

    You can whitelist IP addresses or IP address segments only after selecting Enable for Connection over Wi-Fi only.

    No IP address or IP address segment is whitelisted by default.

    Upgrade Password

    Upgrade password

    Specifies the password required to upgrade your endpoint software using the upgrade tool.

    To improve device security, set a password at your first login and regularly change the password afterward.

    The password contains 8 to 32 characters. In addition, it must include at least two of the following: uppercase letters, lowercase letters, digits, and special characters.

    Web Login

    Maximum login attempts

    Specifies the maximum number of attempts that you can enter incorrect passwords for any endpoint account or incorrect authentication passwords for connecting to the endpoint. When this number is reached, the endpoint automatically locks the account.

    The value can be 3, 5, or 10.

    The default value is 5.

    Lock time

    Specifies the duration an endpoint account will be locked. You can attempt to log in again only when this duration ends.

    The duration can be 5, 10, 15, 20, 30, or 60 minutes.

    The default value is After 5 min.

    HTTP

    To ensure data transmission security, the endpoint uses HTTPS to access its web pages by default.

    If a third-party interface uses HTTP to access the endpoint, set this parameter to Enable; otherwise, the interface cannot access the endpoint.

    The default value is Disable.

    Enable cookie for third-party API

    Specifies whether to enable cookies when a third-party application uses an API account to access your endpoint.

    The default value is Enable.

    Overtime

    Enable overtime

    Specifies the allowed idle time, exceeding which the current user will be automatically logged out. If you set this parameter to Disable, the endpoint will not log out users automatically.

    The default value is 1 h.

  3. Click Save.

    The settings take effect immediately.

Translation
Download
Updated: 2019-10-22

Document ID: EDOC1100044672

Views: 13867

Downloads: 16

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next