Skip to end of banner
Go to start of banner

new.Brand-specific security settings

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Select the provisioning and management protocol for each brand within your tenants by modifying the brand-specific security settings.

https://www.youtube.com/watch?v=vsyZepBnBP0

With brand-specific security settings, you can select the provisioning and management protocol for each brand within your tenants. This feature must be configured by Phonism support.

The supported protocol options include:

  • HTTPS

  • MTLS (Mutual TLS) 

  • HTTP

  • DEFAULT - If DEFAULT is configured, the system communicates by the protocol used in the device's request. Most manufacturers use HTTPS.

CONFIGURE

You can configure these settings per tenant.

  1. Click the Tenants tab.

  2. Find the tenant you’d like to modify these settings for and click Edit in the Actions column.

  3. Scroll down to Brand Specific Security Settings.

  4. Make your edits and click Save.

The brand security is active on the next provisioning time of the device.

image-20240730-210946.png

MTLS LIMITATIONS

  • Currently, MTLS (Mutual TLS) is only supported for PolycomYealink, and Cisco brands. 

  • Support for MTLS in these brands is specific to the firmware version the device is running. Some older firmware versions of the brand may not support it.
    Phonism supports versions according to the documentation provided by the device vendor.

  • When MTLS is selected for a brand, any device of that brand is expected to provide a client certificate, which is baked into the device’s firmware.

  • For the case when the tenant is configured with MTLS for a brand but a specific device of that brand on that tenant does not support MTLS, then the device is allowed to provision over default transport.

  • Currently, MTLS is not supported with whitelabel domains.

LOGS AND MONITORING

MTLS status

In the phones list, you can see which devices are successfully or unsuccessfully connected via MTLS.

  1. Select the Phones tab to see the MTLS status.

  2. See the connection status in the State column.

A Green or Blue badge indicates success, and a Red badge indicates failure.

image-20240730-211025.png

MTLS functionality

You can view the MTLS functionality from the Logs page. Requests from devices are logged and listed with the protocol that was used to perform the request. In the example below, the request was performed (using MTLS). If it was performed via plain SSL/TLS it would show (using HTTPS) instead.

image-20240730-211047.png

Debug potential issues with MTLS

Device protocol/communications-related problems (mostly around MTLS) are logged and can be seen on the Logs page. To easily find which errors are regarding TLS errors for your devices, filter using the keyword “TLS.”

image-20240730-211108.png

  • No labels