Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
566
Views
0
Helpful
4
Replies

VCS-E LDAP Deployment Discussion

Justin Ferello
Level 5
Level 5

‎05-09-2013 09:48 AM - edited ‎03-18-2019 01:05 AM

All,

For those of you that have VCS-Es deployed on the public internet or in a DMZ, do you utilize LDAP authentication for admin purposes?  If so how do you securely query your AD servers?

Is it safe to deploy the VCS-E in a DMZ and poke a hole from the DMZ to the LAN for the LDAP query?

Thank you,

Justin Ferello
Technical Support Specialist
KBZ, a Cisco Authorized Distributor
http://www.kbz.com
e/v: justin.ferello@kbz.com       

Thank you,
Justin Ferello
Technical Support Specialist, ScanSource KBZ
Labels:
0 Helpful
4 Replies 4

Jens Didriksen
Level 9
Level 9

‎05-09-2013 03:27 PM

VCS-E deployed in public, we do not use LDAP authentication for admin, only local database.

I've created a read-only account which the support staff can access, only problem I've found with that is that they can't use the tools.

/jens

Please rate replies and mark question(s) as "answered" if applicable.
0 Helpful

Justin Ferello
Level 5
Level 5
In response to Jens Didriksen

‎06-14-2013 09:02 AM

Jens,

Yeah, that would be problem.  This is kind of a huge issue for us.  There are two issues with this.

1) There are no password requirements or change frequencies on the local accounts unless you get the JITC key, but not sure we can get that or what other issues that may cause.

2) We have at least 5 admins and use LDAP for most of our systems, plus we force password changes at set intervals, so it creates more work for our admins.

Thank you,

Justin Ferello
Technical Support Specialist
KBZ, a Cisco Authorized Distributor
http://www.kbz.com
e/v: justin.ferello@kbz.com

Thank you,
Justin Ferello
Technical Support Specialist, ScanSource KBZ
0 Helpful

Martin Koch
VIP Alumni
VIP Alumni

‎06-14-2013 09:37 AM

I guess thats a question your person responsible for IT security should answer.

Please remember to rate helpful responses and identify

0 Helpful

Paulo Souza
VIP Alumni
VIP Alumni

‎06-14-2013 10:45 AM

Hi friends,

Let me give my opinion here:

What is the real need to operate VCSe? Monitor calls? Check registrations? Backup? You can do all these things via TMS. I dont think VCSe needs such operation that demands a LDAP integration.

Just my opinion...

Paulo Souza

Paulo Souza Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".
0 Helpful
Customers Also Viewed These Support Documents