24
D13898.08
MAY 2009
TANDBERG
CONTENT SERVER
ADMINISTRATOR GUIDE
Table of
Contents
Introduction
Installation
Quick Setup
TCS
Administration
Backing up and
Restoring
Administrator
Settings
Conference
Setup
View
Conferences
Appendices
Product Registration, Security Updates and Security Certificate
Product Registration
You need to register the product if you would
like to receive an email from TANDBERG
Constant Care Services when updates to the
TANDBERG Content Server become available.
You can register using the Registration Card
provided with your Content Server or via the
web at
www.tandberg.com/register
.
You can also check the following ftp site for all
available downloads:
http://ftp.tandberg.com/pub/software/
content_server/
Security Updates
All relevant security updates for the
TANDBERG Content Server are available from
the following ftp site:
http://ftp.tandberg.com/
pub/software/device_security/
.
IT IS IMPORTANT THAT YOU DOWNLOAD AND
INSTALL THE MOST RECENT SECURITY UPDATE
FOR EACH YEAR FROM THE TANDBERG FTP
SITE BEFORE USING THIS PRODUCT. YOU
SHOULD ALSO CHECK THIS SITE REGULARLY
TO SEE IF NEW SECURITY UPDATES ARE
AVAILABLE. ALL SECURITY UPDATES RELEVANT
TO THE Content Server ARE CUMULATIVE
THROUGHOUT THE CALENDAR YEAR.
Security Certificate Management
Content Server software upgrades and security updates need to be installed using Remote
Desktop Connection.
Remote Desktop Connection is also used for:
•
Backing up the Content Server. See also the
Backing Up and Restoring
section.
•
Changing the default media storage location. See also the
Media Storage Location
section.
•
Installing the Security Certificate. See the
Security Management
section.
For more information about Remote Desktop Connection, see
Appendix 4: Using Remote Desktop
.
About Remote Desktop Connection
The TANDBERG Content Server has implemented SSL (Secure Sockets Layer) protocol for sending
user authentication information (username and password) in a secure way at user log in. The SSL
implementation means that the Content Server website needs to establish its credentials with the
user’s browser through an electronic document known as a security certificate.
Each TANDBERG Content Server is shipped with a self signed certificate issued by TANDBERG,
which is valid for a year. As TANDBERG is not a trusted Certificate Authority, when users try to log in
to the Content Server, most browsers will display a message that the identity of the site could not
be verified. Users may add the Content Server to the Trusted sites list in Internet Explorer or add an
exception in Firefox to avoid getting error messages at log in.
Once the original Content Server certificate has expired, browsers will display another warning,
in addition to any previous warning related to self-signed certificates that are installed. A new
certificate request can be generated using the IIS certificate wizard. Once this request is
generated, another self signed certificate may be created, using a third party tool, or this request
can be forwarded to a certificate issuing authority.
TANDBERG recommends purchasing a security certificate from a certificate issuing authority that
has a trusted relationship back to a root authority, such as VeriSign or Comodo. These credentials
are most likely to be trusted by browsers, removing the need to add the Content Server to the list
of trusted sites. This certificate needs to be generated against the Windows machine name or the
DNS entry associated with the IP address that the TCS is using.
The security certificate must be installed for the TCS default website. You may also install it for the
Windows Media Administration website and the Windows Server Administration website to avoid
getting security warnings when administrators log in to those sites. Do NOT remove the expired
certificate, as this will result in the HTTPS service being unavailable, preventing any logon attempts.
Example of an invalid security certificate warning in Internet Explorer: