© 2016 Avaya Inc. All rights reserved. NDA Confidential; use pursuant to your agreement.
Release Notes for Avaya Scopia® XT Series What’s New | 57
Figure 36: IP Addresses can be changed with single save
Security Enhancements
Several security enhancements have been added in this version.
Certificate expiration alerts and configuration.
Certificate revocation status validation. [CEC-016:147434-07]
Certificate hostname validation. [CEC-016:147434-063]
Prevent use of wildcards in CSR. [CEC-016:147434-056.1]
Possibility to specify the minimum size of the DH encryption key. Default is 1028, but it
can be increased to 2048. AES 256 is also available. [CEC-017:147513-051.1]
Autocomplete is now disabled in web login page also for username. [CEC-019:147849-
160]
Disabled the possibility to follow a symbolic link in a web page [CEC-019:147849-200]
Possibility to change enabling of TLS 1.0/1.1 for SIP and Web separately. They are now
disabled by default [CEC-017:147513-080]
Security event logging. [CEC-015:147873-065]
TLS Client Support for Extended Hostname/Domain Validation [CEC-016:147434-063]
An encrypted PKCS #12 file format can now be used to import/export both the private
key and the corresponding certificate into the Codec Unit [CEC-016:147434-030]
Coded alarms are now present in the CS Package[CEC-004:147585-250 Fault Event
Content]
SSH Service hardening [CEC-019:147849-191]
Changed some Linux/Unix Networking parameters[CEC-019 147849-250.1]
Support for checking Certificate Revocation status. Received certificate check using
OCSP in SIP application. OCSP is the preferred mode. If OCSP is not supported by the
CA that has issued the certificate, CRL is used (if available).[CEC-016 147434-070]
Possibility to configure certificate validation based on ‘Key Usage’ or ‘Extended Key
Usage’ inclusion [CEC-016:147434-061]
Improved resilience to UDP flood attacks and SYN Flood Denial of Service attacks
Added Subject Alternative Name and Thumbprint info to viewable certificate details[CEC-
016:147434-010]
To Next Page
Loading...
