Lifesize Icon conference room systems support port-based mutual authentication based on the IEEE 802.1x standard using the EAP-TLS subprotocol. IEEE 802.1x enhances security and deployment by providing support for centralized user identification, authentication and dynamic key management.
The IEEE 802.1x standard provides port-based authentication involving communications between a supplicant, an authenticator (an 802.1x-capable Ethernet switch in this application) and an authentication server. By default, 802.1x authentication is disabled on Lifesize Icon conference room systems.
Before you enable this feature, ensure that your environment meets the following prerequisites:
- The authentication server is installed with the CA certificate, the server certificate and the server certificate private key
- The authenticator is configured to access the authentication server and to allow one or more of its ports to provide 802.1x access control
- A certificate authority has produced a CA certificate, a client certificate, a client key and a client key passphrase (optional) for the Lifesize Icon conference room system
To enable 802.1x authentication:
- Log in to the web interface and select Preferences > Network.
- Scroll down to 802.1x Authentication. Select the checkbox to enable.
- Add files:
- Certificate PEM File
- CA PEM File
- Key PEM File
- Type in your Client Key Private Key Passphrase (optional).
- Select Save.
- You will be prompted to confirm the changes, and then the network interface will restart and you will need to relaunch your browser. When you are ready, select Yes.