<!DOCTYPE html
  PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:jxb="http://java.sun.com/xml/ns/jaxb" xmlns:none="http://none"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>PlcmSecuritySettingsV2.json</title><meta http-equiv="X-UA-Compatible" content="IE=7"><style type="text/css"><!--@import url("https://staged.poly.com/clariti2/apidocs/3.8.0/representations/book_conversion_apr2012.css");--></style><link rel="stylesheet" type="text/css" href="../css/plcm-wadl-xsd.css"><!--
             [if IE]>
             <STYLE type="text/css">.altova-rotate-left-textbox{filter: progid:DXImageTransform.Microsoft.BasicImage(rotation=3)} .altova-rotate-right-textbox{filter: progid:DXImageTransform.Microsoft.BasicImage(rotation=1)} </STYLE>
             <![endif]
          --><!--[if !IE]><!--><style type="text/css">.altova-rotate-left-textbox{-webkit-transform: rotate(-90deg) translate(-100%, 0%); -webkit-transform-origin: 0% 0%;-moz-transform: rotate(-90deg) translate(-100%, 0%); -moz-transform-origin: 0% 0%;-ms-transform: rotate(-90deg) translate(-100%, 0%); -ms-transform-origin: 0% 0%;}.altova-rotate-right-textbox{-webkit-transform: rotate(90deg) translate(0%, -100%); -webkit-transform-origin: 0% 0%;-moz-transform: rotate(90deg) translate(0%, -100%); -moz-transform-origin: 0% 0%;-ms-transform: rotate(90deg) translate(0%, -100%); -ms-transform-origin: 0% 0%;}</style><!--<![endif]--><style type="text/css">@page { margin-left:0.60in; margin-right:0.60in; margin-top:0.79in; margin-bottom:0.79in } @media print { br.altova-page-break { page-break-before: always; } }</style></head><body><h1><span>PlcmSecuritySettingsV2</span></h1><dl style="margin-left: 18.000pt;"><dt><span><a name="plcm-cipher" href="plcm-security-settings-v2.json.htm#PlcmCipher">PlcmCipher</a></span></dt><dd><p>
        Represents a single security cipher and its configuration (enabled, disabled, allowed for FIPS, etc...).
      </p></dd><dt><span><a name="plcm-security-settings-v2" href="plcm-security-settings-v2.json.htm#PlcmSecuritySettingsV2">PlcmSecuritySettingsV2</a></span></dt><dd><p>
        Security settings switch between enhanced security mode and a custom security mode in
        which one or more insecure capabilities are allowed. 
        Content-Type: application/vnd.plcm.plcm-security-settings-v2+xml.
        All attributes are used in ETag calculation except for entity-tag and atom-links.
      </p></dd></dl><hr><h4><a name="PlcmSecuritySettingsV2"><span>PlcmSecuritySettingsV2 Fields</span></a></h4><table style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; " rules="all"><thead style="background-color:#ccc; "><tr bgcolor="#d2d2d2"><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>Name</span></th><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Type</span></th><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "><span>Description</span></th><th style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "><span>Attributes</span></th></tr></thead><tbody><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>atomLinkList&nbsp;</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Array of </span><a href="https://staged.poly.com/clariti2/apidocs/3.8.0/representations/atom.json.htm#link">Link</a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "><span>See Definition of&nbsp;</span><span>Link</span></td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>signalingCiphers</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Array of </span><a href="plcm-security-settings-v2.json.htm#PlcmCipher">PlcmCipher</a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "></td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>managementCiphers</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Array of </span><a href="plcm-security-settings-v2.json.htm#PlcmCipher">PlcmCipher</a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "></td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>securityMode</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><a href="plcm-security-settings-v2.json.htm#SecurityMode">SecurityMode</a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">

              ENHANCED security mode is the recommended setting for normal operation.
              CUSTOM security mode enables one or more of the unsecured methods of network access allow secure protocol tlsv11s
              listed below in leaf nodes.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "><span>Mandatory</span></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowLinuxConsoleAccess</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Enables the Linux remote user account to log into the system using SSH. This direct
              Linux access isn’t needed for normal operation, routine maintenance, or even
              troubleshooting, all of which can be done through the administrative GUI.
              In extreme circumstances, this option might enable expert Polycom Global
              Services personnel to more fully understand the state of a troubled system or
              correct problems. Enable this option only when asked to do so by Polycom
              Global Services.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowSshRootAccess</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Enables an authorized system root user to log into the system using an SSH connection. This low-level
              direct access is not required for normal daily operation, routine maintenance, or even standard
              troubleshooting, all of which can be done through the administrative GUI.
              In certain situations, enabling this option may assist Polycom Global Services personnel in more
              fully understanding the state of a troubled system or correcting problems.
              You may wish to enable this option only when asked to do so by Polycom Global Services.
              Note: If this field remains null then it will automatically be set to the default value (True for
              Core configuration; False for Edge configuration).
              Action required for the change to take effect: None.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>sshIdleTimeout</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>int</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Number of seconds before an idle SSH connection will be closed.  
              The value must be greater than zero if provided or else a default will be chosen by the system.
              It is up to the server whether the provided value will be adheared to or not, and/or how strictly, and 
              no warning/error/status will be provided.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>unencryptedEnterpriseDirectoryAccessAllowed</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Select to specify that endpoints whose status is Inactive (that is, their
              registrations have expired) are deleted from the system after the specified
              number of days.Some dial rule actions, such as Resolve to registered endpoint, can route
              calls to endpoints with an inactive registration. Deleting the registration record
              is the only way to prevent resolution to an inactive endpoint.
              Note :- If this field remains null then it will automatically set to default value i.e. False.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>unencryptedMcuAccessAllowed</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              The Polycom RealPresence DMA system uses only HTTPS for the
              conference control connection to RealPresence Collaboration Server or RMX 
              MCUs, and therefore can’t control an MCU that accepts only HTTP (the
              default). This option enables the system to fall back to HTTP for MCUs not
              configured for HTTPS.Recommend configuring your MCUs to accept encrypted connections
              rather than enabling this option. When unencrypted connections are used, the
              RealPresence Collaboration Server or RMX login name and password are
              sent unencrypted over the network.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>httpCalendarNotificationsAllowed</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              If calendaring is enabled, the Polycom RealPresence DMA system
              gives the Microsoft Exchange server an HTTPS URL to which the Exchange
              server can deliver calendar notifications. In that case, the Polycom
              RealPresence DMA system must have a certificate that the Exchange server
              accepts in order for the HTTPS connection to work.allow secure protocol tlsv11
              If this option is selected, the Polycom RealPresence DMA system does not
              require HTTPS for calendar notifications.
              Recommend installing a certificate trusted by the Exchange server and
              using an HTTPS URL for notifications rather than enabling this option.
              Note :- If this field remains null then it will automatically set to default value i.e. False
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>basicCalendarAuthAllowed</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              If calendaring is enabled, the Polycom RealPresence DMA system
              authenticates itself with the Exchange server using NTLM authentication.
              If this option is selected, the Polycom RealPresence DMA system still
              attempts to use NTLM first. But if that fails or isn’t enabled on the Exchange
              server, then the RealPresence DMA system falls back to HTTP Basic
              authentication (user name and password).
              We recommend using NTLM authentication rather than enabling this option.
              In order for either NTLM or HTTP Basic authentication to work, they must be
              enabled on the Exchange server.
              Note :- If this field remains null then it will automatically set to default value i.e. False.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>nonFipsCipherAllowed</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              When true, non-FIPS ciphers are allowed. 
              Non-FIPS ciphers are not allowed when false.
              Note :- If this field remains null then it will automatically set to default value, which is true.
              Action required for the change to take effect :- application restart.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>skipServerCertValidation</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              When the Polycom RealPresence DMA system connects to a
              server, it validates that server’s certificate.
              This option configures the system to accept any certificate presented to it
              without validating it.allow secure protocol tlsv11
              Recommend using valid certificates for all servers that the system may
              need to contact rather than enabling this option. Depending on system
              configuration, this may include:
              MCUs
              Active Directory
              Exchange
              RealPresence Resource Manager or CMA system
              Other RealPresence DMA systems
              Endpoints
              Note: Either the Common Name (CN) or Subject Alternate Name (SAN) field
              of the server’s certificate must contain the address or host name specified for
              the server in the Polycom RealPresence DMA system.
              Polycom MCUs don't include their management IP address in the SAN field of
              the CSR (Certificate Signing Request), so their certificates identify them only
              by the CN. Therefore, in the Polycom RealPresence DMA system, a Polycom
              MCU's management interface must be identified by the name specified in the
              CN field (usually the FQDN), not by IP address.
              Similarly, an Active Directory server certificate often specifies only the FQDN.
              So in the Polycom RealPresence DMA system, identify the enterprise
              directory by FQDN, not by IP address.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>skipCallSignalingCert</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              During encrypted call signaling (SIP over TLS), the Polycom
              RealPresence DMA system requires the remote party (endpoint or MCU) to
              present a valid certificate. This is known as mTLS or two-way TLS.allow secure protocol tlsv11
              This option configures the system to accept any certificate (or none).
              Recommend installing valid certificates on your endpoints and MCUs
              rather than enabling this option.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowANonEvents</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              The SIP SUBSCRIBE/NOTIFY conference notification service (as described
              in RFCs 3265 and 4575), allows SIP devices to subscribe to a conference and
              receive conference rosters and notifications of conference events. Normally,
              the subscribing endpoints are conference participants.
              This option configures the system to let devices subscribe to a conference
              without being participants in the conference.
              Note: A subscription to a conference by a non-participant consumes a call
              license. Call history doesn’t include data for non-participant subscriptions.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>skipLoginCert</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured in any security mode.
              If this option is turned off, you can only connect to the Polycom RealPresence
              DMA system if your browser presents a client certificate issued by a CA that
              the system trusts (this is known as mTLS for administrative connections).
              Turn this option off only if:
              You’ve implemented a complete public key infrastructure (PKI) system,
              including a CA server, client software (and optionally hardware, tokens, or
              smartcards), and the appropriate operational procedures.
              The CA’s public certificate is installed in the Polycom RealPresence DMA
              system so that it trusts the CA.
              All authorized users, including yourself, have a client certificate signed by
              the CA that authenticates them to the Polycom RealPresence DMA system.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>ipv6DstUnreachable</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured in any security mode.
              If this option is off, the Polycom RealPresence DMA system has an internal
              firewall rule that blocks outbound dallow secure protocol tlsv11estination unreachable messages.
              If this option is on, that firewall rule is disabled.
              Note: The Polycom RealPresence DMA system currently doesn’t send such
              messages, regardless of this setting.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>ipv6EchoReply</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured in any security mode.
              If this option is off, the Polycom RealPresence DMA system doesn't reply to
              echo request messages sent to multicast addresses (multicast pings).
              If this option is on, the system responds to multicast pings.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>ignoreSipPrivacyHeader</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured to ignore sip privacy header.
              Note :- If this field remains null then it will automatically set to default value i.e. False.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>preventSipPrivacyCriticalFlagPropagation</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured to prevent sip privacy critical flag propagation.
              Note :- If this field remains null then it will automatically set to default value i.e. False.
              Action required for the change to take effect :- none.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowSecureProtocolSslv3</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured to allow secure protocol sslv3.
              Note :- If this field remains null then it will automatically set to default value i.e. False.
              Action required for the change to take effect :- application restart.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowSecureProtocolTlsv10</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured to allow secure protocol tlsv10.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- application restart.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowSecureProtocolTlsv11</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured to allow secure protocol tlsv11.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Action required for the change to take effect :- application restart.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowSecureProtocolTlsv12</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured to allow secure protocol tlsv12.
              Note :- If this field remains null then it will automatically set to default value i.e. True
              Action required for the change to take effect :- application restart.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>enforceTlsForLdap</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option is used to enforce TLS for LDAP
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>enableAccessProxyWhitelistAuth</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option is used to enable access proxy white list authentication for LDAP and XMPP access
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>allowBootingFromUsbOrOpticalDrive</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option may be configured to allow booting from the optical drive or a USB device.
              Note :- If this field remains null then it will automatically set to default value i.e. True.
              Note :- This setting does not apply to DMA Virtual Edition.
              Action required for the change to take effect :- system reboot.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>lastModifiedBy</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>string</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              This option will keep track of last user to modify security settings, this is 
              read-only parameter.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>minDheKeySizeInbound</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>short</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              The minimum Diffie-Helman Ephemeral key size to accept from clients and other servers when 
              negotiating TLS connections. Clients and other servers that use DHE keys smaller than this
              size will fail to connect.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>dheKeySizeOutbound</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>short</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              The Diffie-Helman Ephemeral key size that the local server will use when negotiating TLS
              connections to other servers.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>entityTag</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><a href="plcm-security-settings-v2.json.htm#EntityTag">EntityTag</a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              The unique value generated from the server object instance. This value is the same value 
              that MUST be applied to the HTTP Entity Tag (ETag) header for a single instance of this object. 
              Client modification of this field is not allowed for this instance.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr></tbody></table><br><h4><a name="PlcmCipher"><span>PlcmCipher Fields</span></a></h4><table style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; " rules="all"><thead style="background-color:#ccc; "><tr bgcolor="#d2d2d2"><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>Name</span></th><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Type</span></th><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "><span>Description</span></th><th style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "><span>Attributes</span></th></tr></thead><tbody><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>forProtocols</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Array of </span><a href="plcm-security-settings-v2.json.htm#SecureProtocols">SecureProtocols</a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "></td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>name</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>string</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Textual name of the cipher suitable for display and/or labeling.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "><span>Mandatory</span></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>idName</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>string</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Programatic identifier for the cipher that may or may not be the same as the name.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "><span>Mandatory</span></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>classes</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Array of </span><span>string</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Values (optional) that can be used to group similar ciphers (i.e. 3DES, RC4, AES, ECDH, ...).
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>enabled</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              States the particular cipher is enabled or disabled
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "><span>Mandatory</span></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>isADefault</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Is the cipher enabled in the default cipher set or not.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>validForFips</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>boolean</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; ">
              Is the cipher valid for a FIPS configuration or not.
            </td><td style="border-color:black; border-style:solid; border-width:1 px; width:4.50in; "></td></tr></tbody></table><br><hr><h3><span>Nested Types/Restrictions</span></h3><br><table style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; " rules="all"><thead><tr bgcolor="#d2d2d2"><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><span>Name</span></th><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>Type</span></th><th style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "><span>Restrictions</span></th></tr></thead><tbody><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><a name="SecureProtocols"><span>SecureProtocols</span></a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>string</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "><br><span>Value must be one of:</span><ul><li><span style="top:auto; vertical-align:top;">TLS_1_3</span></li><li><span style="top:auto; vertical-align:top;">TLS_1_2</span></li><li><span style="top:auto; vertical-align:top;">TLS_1_1</span></li><li><span style="top:auto; vertical-align:top;">TLS_1_0</span></li><li><span style="top:auto; vertical-align:top;">SSL_V3</span></li></ul></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><a name="EntityTag"><span>EntityTag</span></a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>string</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "><br><span>Length of value must be &gt;=</span><span>1</span><br><span>Length of value must be &lt;=</span><span>64</span></td></tr><tr style="top:auto; vertical-align:top; "><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:2.50in; "><a name="SecurityMode"><span>SecurityMode</span></a></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:3in; "><span>string</span></td><td style="border-collapse:collapse; border-color:black; border-style:solid; border-width:1px; width:4.50in; "><br><span>Value must be one of:</span><ul><li><span style="top:auto; vertical-align:top;">ENHANCED</span></li><li><span style="top:auto; vertical-align:top;">CUSTOM</span></li><li><span style="top:auto; vertical-align:top;">UNKNOWN</span></li></ul></td></tr></tbody></table></body></html>