Linking Security to the ADECIA System

Linking Security to the ADECIA System

1. Function Overview

As conferencing systems are increasingly assigned IP values, it has become essential to have security functions for preventing unauthorized access to the network.
Yamaha’s ADECIA one-stop sound solution for teleconferencing uses technology (device authentication) with a solid track record in the IT industry to ensure the system is robust in terms of security risks.

image

This product functions in combination with the ADECIA system to ensure even users unfamiliar with IT technologies can easily utilize the security functionality.
More specifically, product security functions can be enabled via the graphic user interface (GUI) for the teleconferencing processor, which is a component of the ADECIA system. (For more details about teleconferencing processor specifications, refer to ADECIA Product Information.)
If the product security function is enabled, devices not registered as authenticated cannot access the network.

The product achieves linked security using the following three functions.

  1. Automatic recognition of ADECIA components
    The teleconferencing processor GUI automatically displays information about applicable network switches being controlled.

  2. Remote network switch control
    From the teleconferencing processor, enable device authentication of the network switch.

  3. Status notification from network switches
    A notification is sent to the teleconferencing processor if unauthorized access is detected by a network switch.

2. Definition of Terms Used

ADECIA

The ADECIA is a sound system equipped with microphones and speaker systems optimized for rooms/classrooms where teleconferencing or lectures will be conducted.
The ADECIA system includes the following components.

  • Teleconferencing processor that handles routing within the system, audio processing, and connection to the computer where teleconferencing application software is installed

  • Network switches for connecting to respective components

  • Dante-compatible microphone

  • Dante-compatible speaker system

Dante

Dante is a digital audio network specification developed by the Audinate Corporation.

Yamaha Unified Network Operation Service (Y-UNOS)

Y-UNOS is a service for linking devices via the network.
Also, network switches are linked to ADECIA security functionality by compliance with Y-UNOS. This product and teleconferencing processors in ADECIA components support the Y-UNOS service.

3. Function Details

3.1. Automatic recognition of ADECIA components

This product automatically recognizes Y-UNOS-compatible devices within the same network (maintenance VLAN) as the product.
Security links to the ADECIA system utilize this functionality for the following.

  • The GUI for the teleconferencing processor displays a list of network switches where security is specified.

  • The GUI for the teleconferencing processor displays a list of devices subject to device authentication (devices with permission for connecting to the network).

  • The network switch determines which teleconferencing processor is notified of unauthorized access.

image

3.2. Remote network switch control

This product can use Y-UNOS functionality to apply settings from other devices connected to the same network (maintenance VLAN).
To link security, the following settings are applied to individual network switches by commands from the teleconferencing processor. Note that those settings are configured automatically by the security linking function for all devices at the same time, so users do not need to think about each setting.

  • Generate root certificate authority

  • Specify authenticated users (devices)

  • Set local RADIUS server function

  • Set host mode (all interfaces)

  • Set MAC authentication function (all interfaces)

  • Set RADIUS server host

  • Set MAC authentication function for the entire system

image

3.3. Status notification from network switches

This product can use Y-UNOS functionality to notify other devices connected to the same network (maintenance VLAN) about its own status.
To link security, this product can notify all teleconferencing processors if invalid access to the product occurred (an unregistered device was connected).

image

4. Related Commands

Related commands are indicated below.
For command details, refer to the command reference.

Operations Operating commands

Enable/disable the security linking function (Y-UNOS)

y-unos

Show Y-UNOS status

show y-unos

5. Security Linking Default Settings

If security is linked to the ADECIA system, use the most recent firmware to apply security linking settings.
For information about how to update the firmware and apply settings, refer to Linking security to ADECIA in the product technical information site for Yamaha network switch products.

6. Points of Caution

  1. Be sure to configure default settings for security linking before the above functionality is first used.

  2. Do not change settings during use, such as by using product commands or the GUI.

    • The functionality might not function properly if the settings are changed.

  3. Be sure to remove the microSD card after default settings for security linking are executed.

    • If the microSD card left inserted, the firmware update and configuration will be applied the next time the product is started.

  4. This function cannot be used if the stack function is enabled.

    • Disable the stack function before using this function.

    • Beware that the functionality for automatic SD card booting (firmware and system configuration) will not function if the stack function is enabled.