Remote monitoring option key works ... along with TC7.3.3 .

Question I have now is how does one control the remote monitoring?

Used to have an option to enable or disable this feature on demand?

I am looking on my EX60 and don't see the option to enable or disable it on demand ???

That feature should still be available even if one wants to have the remote monitoring capability ...

Or am I looking in the wrong place on my browser.

The whole point I think your missing is that it should NOT be Cisco's job to unilaterally thrown down some obscure mandate for the masses based on some farcical sense or responsibility (yes, its a bit of a Monty Python reference). Why not force all of your switches to ONLY use x.509 certificates for authenticating devices?

Supreme executive power should be derived by those who are employed to make those very decisions - i.e. US!

Just for kicks, https://www.youtube.com/watch?v=dOOTKA0aGI0

Help, help, we're being repressed :)

"Some countries also have legislation around video surveillance, where it is not legal to do any type of video surveillance unless the people being under surveillance are notified."

We have large signs in all of our rooms where we have video surveillance in place, i.e. computer labs etc - we could very easily, and quickly, put these signs in our telepresence teaching spaces as well - which would take care that particular requirement - so your point doesn't really hold water....

/jens

Thanks Roger, but that's a very limited view.

"Some" countries have legislation around video surveillance, but there are many that don't, or those that allow it.  So why should the rest of the world be limited by the "some" that don't allow it.

And, as the web snapshot functionality has been there for many years in the old state, and is still there on other model endpoints in that old state, I can't see why it's being crippled so much in the later versions of software on the newer devices, especially for those of us that have relied on the use of that feature.

Also, as I and others have mentioned here, and in the SR I have previously mentioned (631997469), many of us use the Integrator codecs for other purposes than straight video conferencing, so, it would be great if the websnapshot functionality was returned to the previous behaviour for at least the Integrator codecs (C Series, SX80), or there was a way to turn the new privacy message off for those usage scenarios that do not support it.

If this can't be done, I'm sure that there are a few of your larger customers that are going to start looking further in to your competitor's products (we don't currently have any viewing issues on the Polycom endpoints)..

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

"In worst case you can imagine someone previewing confidential information on their PC and they don't know that others are watching"

That would mean encryption would've been turned off as well, isn't snapshots disabled in secure calls?

/jens

There is the possibility that the administrator could view the PC (if it's connected up as a Presentation Source, even when not in a call, but yes, in an encrypted call, the snapshots of the remote end are disabled, but from my testing, I'm still able to see the local end, and the presentation source - which is a good thing in my environment.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

The snapshot warning wouldn't be so bad, if it weren't so huge, and let's just add more icons on the screen why don't we too. After all, we already have mute, Proximity, encryption, and now snapshots.. and there might be more. It's a distraction to have all these icons appearing into the screen in front of someone speaking, even if for just a few seconds, then you have everyone freaking out trying to figure out what is going on to their conference, which can also lead to bad user experiences.

I think if someone takes the necessary steps to insure their users know they might or are being monitored, be it signs in the room or something, then why have it displayed on the screen.  If anything, get rid of the text, if not that, then don't make it so intrusive.  If you have to have a message, shorten it up and to the point like "Admin Monitoring Conference" or something.  Or make the timing of the message configurable, right now it stays on screen for what seems like forever.

One last point, if you have an MCU in the mix, you have the ability to view the snapshots their as well. This is not always the most convenient place to view but, eradicates the senseless pointers suggesting that snapshots on the device need to be further policed.

Cheers

Chris

Hi Roger,

We have around 70 endpoints at different sites and all of them are spread across Austrlia. Many of the sites are unmanned and in remote locations and snapshot is the greatest tool to monitor those. 

Recently we had a complaint regarding some issues in the middle of a day long board meeting, the endpoint in question was in Perth in western Australia in a unmanned site and one of the board of directors was joining the call from there. Had it not been for the snapshot, we would be in real trouble fixing the issue.

If we as administrators, cannot even monitor our systems remotely and have to send some resource to the site for that, it consumes lot of time for troubleshooting and not very convenient always.

I understand Cisco's point and concerns about security, but you cannot undermine the convenience of snapshot for remote monitoring and troubleshooting of systems. Why cant you lock the snapshot option with a password (different than the admin password)? So that anyone who has the snapshot password is only  authorized to view it. For all other users (even the admin login), it would look disabled?

Regards,

-Deepti

Hi Deepti,

I think you may have misunderstood the issue here.

The snapshot is still there - it hasn't been removed completely.

The big problem for my deployment, and those by others complaining in this thread, are about the large intrusive message that appears across the screen, and the constant need to keep clicking on the browser to keep the displaying the snapshot (about every 5 seconds).  As well as the fact that the icon seems to stay on the screen for a prolonged period even after the administrator stops viewing the snapshots.

We also had a custom web page which pulled snapshots from a number of our devices and displayed them all on one screen.  This was very handy to see which rooms were in use and to identify issues with incorrect camera placement before the devices were used in anger.  With TC7.2, we have not been able to see the image from any device that is in Standby, and, now with TC7.3, we don't get an image at all when using the same URL (http://<IP Address of Endpoint>/websnapshot/get).  The last software release that allows us to use all the functionality as we've been using it for many years is TC7.1 - but, obviously with all the bug fixes, we need to migrate to a newer version, but at the moment, we can't due to the change in functionality. 

The main issue is the large intrusive on-screen message and icon - if these could be disabled (via a template, via the remotesupport accouunt, stopping the websnapshot from being applied remotely again, or any other "secure" method) we'd be happy again.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

Thanks Jens,  That mirrors what I've seen here.  It's a very annoying and intrusive message, and the fact the icon stays on the screen indicating someone is watching for 10 minutes, even after you stop viewing it, gives the end user a completely false impression that you're watching, even though you may not be any more.

With the numbers of issues we've been finding in these more recent software releases (not only this issue, but a number of others) it makes you wonder sometimes if they even test some of this stuff before pushing it out to the customers?

For those that haven't seen it yet, I've attached a photo of an EX90 showing the on-screen message.  I haven't tried on a device with a lower screen resolution, but expect that the message could be even bigger / more intrusive at say 1024x768 on an older screen/projector.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

Wow, talk about taking up the screen, on a personal desktop endpoint that will freak someone out when that just out of no where appears. Worst part on the EX Series, it's so large and obtrusive, it can easily kill a conversation and put someone off.

This image is taken from a C20. It's a snapshot of the OSD, resolution is 1080p.