AudioCodes C455HD Series - Audiocodes Device Manager Validation; Sandboxing; Device File System; Keystore

AudioCodes C455HD Series

124 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

CHAPTER1 Overview

C455HD | Users & Administrator's Manual

■ MicrosoftTeamsAdminCenter(forNativeTeamsdevices)overHTTPSprotocols,enabled

afterasuccessfulsign-inauthenticationprocess.

■ AudioCodesDeviceManager(partofAudioCodes'OVOCsuite)overHTTPS.

■ DebugginginterfaceoverSSH.NotethatSSHmustbedisabledbydefaultandenabledonly

perspecificcasefordebuggingpurposesonly.

AudioCodes Device Manager Validation

TheAudioCodesNativeTeamsdevicesvalidatetheAudioCodesDeviceManageridentityusinga

knownRootCA:

■ ThedeviceisshippedwithknownRootCAsinstalled.SeeAudioCodesRootCACertificate

onthenextpage.

■ Fortheinitialconnection,theAudioCodesDeviceManageraccessesdevicesusingaknown

CA.

■ Onceasuccessfulsecuredconnectionhasbeenestablishedbetweenthedeviceandthe

DeviceManager,theusercanreplacetheRootCAontheDeviceManagerandonthe

phone,andre-establishtheconnectionleveraginganyPrivateRootCA.

Sandboxing

AudioCodesNativeTeamsdevicesuseAndroidApplicationSandboxsothateachapplication

canaccessitsowndataandisisolatedfromotherapplications.Thispreventsamaliciousapp

fromaccessingthecodeorthedataofotherapplicationsinthesystem.

Device File System

TheAudioCodesNativeTeamsdevice'sfilesystemisencryptedon455HDdevices.Customers

mayenforceapolicyofdeviceencryptionviaMicrosoft'scloud-basedIntuneservice.

Keystore

WithAudioCodesNativeTeamsdevices,thecertificatekeysareencryptedonthedevicefile

system.

Device Certificate

AudioCodesNativeTeams devices are  shipped with a  unique certificate which is  signed by

AudioCodesRootCA.Networkadministratorscaninstallathird-partycertificateontheTeams

phone  in  the  customer’s  trusted  environment.  Network  administrators  should  follow  the 

followingguidelineswhenreplacingtheexistingtrustedCAs:

■ ThedevicecertificateURLwillonlybevalidifnoSCEPserverURLispresent

■ Usethefollowingtwoparameterstosetthedevicecertificateinthephone'sconfiguration

file:

● security/device_certificate_url=http://<server-ip>/device.crt

- 8 -

Table of Contents

Related product manuals

Preview: AudioCodes C455HD

AudioCodes C455HD

Preview: AudioCodes C450HD

AudioCodes C450HD

Preview: AudioCodes C435

AudioCodes C435

Preview: AudioCodes C470HD

AudioCodes C470HD

Preview: AudioCodes C435HD

AudioCodes C435HD

Preview: AudioCodes C448HD

AudioCodes C448HD

Preview: AudioCodes 405

Preview: AudioCodes 405HD

AudioCodes 405HD

Preview: AudioCodes 450HD

AudioCodes 450HD

Preview: AudioCodes 420HD

AudioCodes 420HD

Preview: AudioCodes 440HD

AudioCodes 440HD

Preview: AudioCodes 400HD Series

AudioCodes 400HD Series