23
D13898.07
NOVEMBER 2008
TANDBERG CONTENT SERVER
ADMINISTRATOR GUIDE
Table of
Contents
Introduction Installation Quick Setup
TCS
Administration
Backing up and
Restoring
Administrator
Settings
Conference
Setup
View
Conferences
Appendices
Product Registration, Security Updates and Security Certicate
Product Registration
You need to register the product if you would
like to receive an email from TANDBERG
Constant Care Services when updates to the
TANDBERG Content Server become available.
You can register using the Registration Card
provided with your Content Server or via the
web at
www.tandberg.com/register.
You can also check the following ftp site for all
available downloads:
http://ftp.tandberg.com/pub/software/
content_server/
Security Updates
All relevant security updates for the
TANDBERG Content Server are available from
the following ftp site: http://ftp.tandberg.com/
pub/software/device_security/.
IT IS IMPORTANT THAT YOU DOWNLOAD AND
INSTALL THE MOST RECENT SECURITY UPDATE
FOR EACH YEAR FROM THE TANDBERG FTP
SITE BEFORE USING THIS PRODUCT. YOU
SHOULD ALSO CHECK THIS SITE REGULARLY
TO SEE IF NEW SECURITY UPDATES ARE
AVAILABLE. ALL SECURITY UPDATES RELEVANT
TO THE Content Server ARE CUMULATIVE
THROUGHOUT THE CALENDAR YEAR.
Security Certicate Management
Content Server software upgrades and security updates need to be installed using Remote
Desktop access.
Remote Desktop access is also used for:
Backing up the Content Server. See also the
•
Backing Up and Restoring section.
Changing the default media storage location. See also the
•
Media Storage Location section.
Installing the Security Certicate. See the
•
Security Management section.
For more information about Remote Desktop access, see Appendix 5: Using Remote Desktop.
About Remote Desktop
The TANDBERG Content Server has implemented SSL (Secure Sockets Layer) protocol for sending
user authentication information (username and password) in a secure way at user log in. The SSL
implementation means that the Content Server website needs to establish its credentials with the
user’s browser through an electronic document known as a security certicate.
Each TANDBERG Content Server is shipped with a self signed certicate issued by TANDBERG,
which is valid for a year. As TANDBERG is not a trusted Certicate Authority, when users try to log in
to the Content Server, most browsers will display a message that the identity of the site could not
be veried. Users may add the Content Server to the Trusted sites list in Internet Explorer or add an
exception in Firefox to avoid getting error messages at log in.
Once the original Content Server certicate has expired, browsers will display another warning,
in addition to any previous warning related to self-signed certicates that are installed. A new
certicate request can be generated using the IIS certicate wizard. Once this request is
generated, another self signed certicate may be created, using a third party tool, or this request
can be forwarded to a certicate issuing authority.
TANDBERG recommends purchasing a security certicate from a certicate issuing authority that
has a trusted relationship back to a root authority, such as VeriSign or Comodo. These credentials
are most likely to be trusted by browsers, removing the need to add the Content Server to the list
of trusted sites. This certicate needs to be generated against the Windows machine name or the
DNS entry associated with the IP address that the TCS is using.
The security certicate must be installed for the TCS default website. You may also install it for the
Windows Media Administration website and the Windows Server Administration website to avoid
getting security warnings when administrators log in to those sites. Do NOT remove the expired
certicate, as this will result in the HTTPS service being unavailable, preventing any logon attempts.
Example of an invalid security certicate warning in Internet Explorer: