1. Computer components
  2. System components
  3. Audio cards
  4. IBM
  5. DISA e-collaboration

IBM DISA e-collaboration User's Manual


Add to my manuals
51 Pages

advertisement

IBM DISA e-collaboration User's Manual | Manualzz 
DISA e-collaboration
Workstation Preparation
& New User Getting Started Guide
Version 1.8a
Copyright IBM Corporation 2008
Workstation Preparation & New User Getting Started Guide
Table of Contents
1.
QUICK START - TO CONFIGURE YOUR WORKSTATION FOR E-COLLABCENTER ................ 2
2.
INTRODUCTION & OVERVIEW........................................................................................................ 4
3.
WORKSTATION HARDWARE REQUIREMENTS ........................................................................... 5
ADDITIONAL CLIENT REQUIREMENTS FOR AUDIO/VIDEO ........................................................................ 6
3.1
3.1.3
Camera ..................................................................................................................................................6
VERIFYING THE SYSTEM AUDIO AND MICROPHONE ARE ENABLED ........................................................ 7
3.2
3.2.1
Steps To Verify Correct Device and Volume Controls Selections for Windows XP ..............................7
Steps to Verify Selection of the Appropriate Sound Playback and Recording Device...........................7
3.2.2
4.
CLIENT SOFTWARE REQUIREMENTS .......................................................................................... 9
IWS CONFLICT ................................................................................................................................. 9
4.1
4.2
LINUX CLIENTS .................................................................................................................................. 9
4.3
WINDOWS CLIENTS............................................................................................................................ 9
4.4
FDCC & SDC V2.0.4 WINDOWS CLIENTS .......................................................................................... 9
4.5
DETAILS ON THE REQUIRED SUN JAVA RUNTIME ENVIRONMENT (JRE) .............................................. 10
Enable TLS 1.0 in Java JRE 1.5.0 and later ........................................................................................12
4.5.1
SUPPORTED BROWSERS AND REQUIRED BROWSER SETTINGS .......................................................... 13
4.6
4.6.2
Firefox .................................................................................................................................................18
Mozilla .................................................................................................................................................21
4.6.3
5.
FILE UPLOAD SIZE LIMITATIONS ................................................................................................ 22
6.
NETWORK REQUIREMENTS......................................................................................................... 23
7.
TROUBLE SHOOTING .................................................................................................................... 25
8.
ADDITIONAL SUPPORT................................................................................................................. 27
APPENDIX A .............................................................................................................................................. 29
A.1 STEPS TO TEST YOUR AUDIO/VIDEO CAPABILITIES PRIOR TO ENTERING A WEB CONFERENCE (PERFORMED
WITHIN THE E-COLLABCENTER PORTAL)...................................................................................................... 29
A.2 ADDITIONAL DETAILS ON MICROSOFT’S BINARY AND SCRIPT BEHAVIOR .................................................. 31
APPENDIX B – FDCC & SDC V2.0.4 CONFIGURATION......................................................................... 31
B.1 INSTALL THE LATEST SUN JRE ............................................................................................................. 31
B.2 MAKE SURE EQUIFAX IS A TRUSTED CERTIFICATE AUTHORITY ................................................................ 31
B.3 RUN THE GROUP POLICY EDITOR AS AN ADMIN ..................................................................................... 32
B.4 EDIT INTERNET EXPLORER’S JAVA SECURITY SETTINGS ......................................................................... 35
B.5 CHANGE JAVA PERMISSIONS ................................................................................................................ 36
B.6 UPDATE GROUP POLICY AS AN ADMIN .................................................................................................. 38
B.7 ADD E-COLLABCENTER TO TRUSTED SITES IN IE 7 ............................................................................... 42
DOCUMENT INFORMATION AND REVISION HISTORY ........................................................................ 49
Page 1 of 51
Workstation Preparation & New User Getting Started Guide
1.
Quick Start - To Configure Your Workstation for E-CollabCenter
NOTICE: Our Unclassified was upgraded in August 2007 to be compliant with FIPS 140-2. The
upgrade requires Sun Java release 1.5.0, update 12. If you are using the SameTime Thick Client, a
compatible version is now available for download on our website (version ST 7.5.1 FIPS).
1. The E-CollabCenter solution requires Sun Java JRE release 1.5.0, update 12 or later.
Compatible versions of Java may be found below:
JRE 1.5.0, Update 12
NIPRNet: http://java.sun.com/javase/downloads/index_jdk5.jsp
SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=76827
JRE 1.6.0, Update 3 (Latest version as of 20 February, 2008)
NIPRNet: http://www.java.com/en/download/
SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=77506
2. For details on how to check your version, see section 4.5 Details on the required Sun Java
Runtime Environment (JRE).
3. Cookies must be enabled (this is an Internet Explorer (IE) default setting). In IE go to Tools
-> Internet Options -> Privacy and select “Medium”
4. Sun Java must be enabled in the browser and Microsoft VM disabled, here is how to check
a. Launch Internet Explorer
b. Click on Tools>Internet Options
c. Click on the ‘Advanced’ tab and verify that the Java (Sun) is checked. Also make sure
that all the options under ‘Microsoft VM’ are unchecked.
d. If the SUN Java option is not checked, it means that the browser is not using it.
e. Click on ‘OK’ on the options window for any changes to take effect and close and
restart the browser
5. TLS 1.0 must be enabled in your Browser (otherwise you will not be able to view the login
page)
a. Launch Internet Explorer (for Firefox users this is enabled by default)
b. Click on Tools>Internet Options
c. Click on the ‘Advanced’ tab and verify that TLS 1.0 is checked (by default IE 6 has TLS
1.0 not enabled while IE 7 does)
d. If TLS 1.0 is not checked, check it and then restart IE
6. TLS 1.0 must be enabled in Java. Follow the steps below:
a. From Windows click on Start
b. Highlight Settings
c. Click on Control Panel
d. Double click on Java
e. Select the Advanced tab
f. Click the “+” sign at left of Security to expand
a. Once expanded the “+” changes to “-“
i. Select/Check Use TLS 1.0
ii. Click the Apply button
iii. Click the OK button
7. Binary and script behavior must be enabled in IE (does not apply to Firefox users)
a. Launch Internet Explorer
b. Select Tools …. Internet Options from the IE menu bar
c. then click on the Security tab,
Page 2 of 51
Workstation Preparation & New User Getting Started Guide
d.
e.
f.
g.
then click the Internet zone, then click on “Custom Level”
go under the ActiveX controls and plugins section
ensure the “Binary and Script behaviors” radio button is enabled
Click OK
8. All ports necessary to access E-CollabCenter must be opened in your location’s firewall. See
section 6 Network Requirements for more details
9. Two easy ways to test that you have satisfied all the requirements above is to:
1. Go to our Getting Started URL, and click on the E-CollabCenter Workstation Checker tool:
NIPR - https://www.e-collabcenter.com/wps/portal/gettingstarted
SIPR – https://meeting.e-collabcener.nces.dod.smil.mil/check/workChecker.jsp
2. Log into https://www.e-collabcenter.com
a. Select the Web Conferencing tab
b. Click the Test Meeting link
c.
After a few seconds the Test Meeting window will display. If your workstation is
configured properly to work with Sametime meetings (a.k.a. web conferences). You
will see the screen similar to the one below in a new browser window that says
“Sample meeting to test your environment for online meetings. If you can see this
message then your environment is correctly set up for Sametime Meetings”
See Appendix A Steps to Test your Audio/Video Capabilities Prior to Entering a Web Conference
(performed within the E-CollabCenter portal) for a screenshot of this.
Page 3 of 51
Workstation Preparation & New User Getting Started Guide
2.
Introduction & Overview
This document provides instructions to optimize a user’s local workstation, ensuring optimal readiness
before logging in to E-CollabCenter. Once logged in, you will find a selection of training courses to take
you from beginner to advanced proficiency in all collaborative service functions.
Now that you have IBM® Lotus® Sametime® 7.5.1 FIPS, you can use your computer to communicate
with your colleagues and conduct online meetings. Meetings can be broadcast (the audience only
watches and listens) or interactive (participants work together using tools like screen and microphone
sharing).
Before you use Sametime, there are steps you should take to ensure that your work station meets the
minimal software and hardware requirements, and is optimally configured for Sametime. The purpose of
this guide is to take you through those steps.
For any issues which may go beyond the steps in this guide, please contact the DISA Help Desk:
DISA Help Desk
Commercial Phone
DSN
OCONUS to CONUS DSN
NIPR Emai
SIPR Email
800-447-2457
850-3136
312-850-3136
[email protected]
[email protected]
l
Page 4 of 51
Workstation Preparation & New User Getting Started Guide
3.
Workstation Hardware requirements
See pages 16 & 17 in the Sametime 7.5 Critical Fix 1 (CF1) release notes on NIPRNet:
http://www.elink.ibmlink.ibm.com/publications/servlet/pbi.wss?CTY=CA&FNC=SRX&PBL=G325258501#
The workstation (also known as client) system requirements for operation with the e-collaboration
center system are:
Minimum:
CPU
RAM
Pentium IV 1.5 GHz (or higher)
512MB (or more)
Instructions to Verify CPU Speed & Memory/RAM Size in Windows XP:
1. Go to “Start > Settings > Control Panel”.
2. Double click “System” to view the CPU Speed and Memory/RAM size.
3. See below screenshot for more information.
Page 5 of 51
Workstation Preparation & New User Getting Started Guide
3.1
Additional client requirements for audio/video
3.1.1 Sound card or chip - A full-duplex sound card is required to participate in interactive audio/video
meetings. Sound cards and cameras that work with the Multimedia Services are listed below.
™
™
™
™
™
™
™
™
™
™
™
™
™
™
™
CrystalWare (integrated)
Montego A3D Xstream
SoundBlaster Live Value
ALS120
Aureal Vortex A3D SQ1500
Aureal SB Audio PCI 64V
ES1887 (integrated)
Montego II A3D
Montego II Quadzilla
Rockwell WaveArtist
SoundBlaster PCI 128
SoundBlaster PCI 512
SoundBlaster 32 AWE
SIIG SoundWave Pro PCI
Yamaha DS-XG (integrated)
3.1.2 Microphone and speakers - High-quality microphones are recommended. Avoid microphones
with on and off switches unless they are of high quality. A headset that contains a boom microphone
performs best and is highly recommended. If a desktop microphone is used, a unidirectional dynamic
microphone that uses batteries is preferred.
3.1.3
Camera
Web cameras are optional. Users who do not have a camera can still participate in an audio/video
meeting. These users see video images of other speakers display in the Sametime Meeting Room client.
When a user without a camera speaks, others see the IBM Lotus Sametime logo display in place of a
video image in the Meeting Room client.
•
•
Choose a web camera that does NOT utilize or combine a microphone and/or speaker
On Windows machines, the camera must support Microsoft Video for Windows.
•
High-quality USB or PCMCIA PC cameras
•
Do not use parallel port cameras
Examples of Successfully Tested Web Cams
Choose items that are simple to use and easy to install. Please note that these are NIPRNet URLs.
•
Video
o
o
o
•
Audio
o
o
3.1.4
Logitech Quickcam Chat
ƒ http://www.logitech.com/index.cfm/products/details/US/EN,CRID=2204,CONTEN
TID=11635
Microsoft LifeCam VX-3000
Creative Webcam N10225 (for notebooks)
Logitech USB Headset 250
ƒ http://www.logitech.com/index.cfm/products/details/US/EN,CRID=103,CONTENT
ID=10012
Logitech Premium Stereo Headset
Video capturing software - Video for Windows.
Page 6 of 51
Workstation Preparation & New User Getting Started Guide
3.2
Verifying the System Audio and Microphone are Enabled
It is important that your local operating system has all sound devices enabled and volume levels
configured properly prior to entering the E-CollabCenter portal.
•
Verify all sound peripherals (headsets, speakers, microphones, etc.) are securely plugged in
o Verify external mute button on the headset or microphone is off
ƒ Some headsets have volume and/or mute on/off controls on the headset or cable
• Verify mute button is Off
o Push the mute or on/off button securely to the sound On
position
o Test speaking into your headset microphone
o Verify all volume levels are on/high
o Verify enablement of all playback and recording devices (see steps below)
You can adjust volume levels before entering the E-CollabCenter through your internal operating system
controls.
3.2.1
Steps To Verify Correct Device and Volume Controls Selections for Windows XP
Open the Windows Control Panel by
1. Clicking the Start button
2. Highlight Settings
3. Click on Control Panel
4. Double click on Sounds and Audio Devices
5. Click the Audio tab
6. The Sounds and Audio Devices Properties window displays
3.2.2 Steps to Verify Selection of the Appropriate Sound Playback and Recording
Device
Perform the following steps for Sound
playback and Sound recording
1
1. Select the Audio tab
2. Click the Volume button under the
Sound Playback section
• Follow steps on page 20)
3. Click the Volume button under
Sound recording
• Follow steps on page 20)
2
3
Page 7 of 51
Workstation Preparation & New User Getting Started Guide
•
When the Volume Control window displays
4. Verify the following settings:
• Volume levels are high
• All Mute boxes are unchecked
5. When the recording playback window displays:
• Adjust all volume levels to a high level
• Check the Select button for Microphone
o CD Player and Line In are user personal preferences for which E-CollabCenter has no
requirement
Page 8 of 51
Workstation Preparation & New User Getting Started Guide
4.
Client Software requirements
This section describes the software requirements for the workstation that is accessing the ecollabcenter.com web site. The workstation is sometimes referred to as a client machine. Ensuring that
your workstation meets these software requirements will enable it to work optimally the ECollabCenter environment.
4.1
IWS Conflict
Previously Sametime and IWS could both use JRE 1.4.2_14. However in order for Sametime to support
FIPS 140-2 encryption, E-CollabCenter (which is based on Sametime technology) requires Java JRE 1.5
Update 12 or greater.
IWS 3.0 does not support JRE 1.5. IWS 3.0 is the version used by most of DoD. IWS Version 3.0.6 will
be released soon and it is JRE independent so it would not conflict with Sametime at all (theoretically) 1 .
This means that a workstation running IWS would have to install JRE 1.5 (update 12 is preferred) and
most likely have to uninstall JRE 1.4.2 in order to use E-CollabCenter.
4.2
Linux clients
Library required for application sharing on Linux systems
In order to load Application Sharing native code on Linux platforms, the following library is required on the
client machine: libz.so.1, which resides in /usr/lib.
The supported Linux operating systems are: RedHat Enterprise Linux 4.0, Ubuntu 8.04, CentOS 5.1 and
Novell Linux Desktop 10.0 using Firefox 1.5. Limited testing has been done by the IBM E-CollabCenter
project team with these Linux desktops.
4.3
Windows clients
The recommended operating system for E-CollabCenter is Windows XP with Service Pack (SP) 2. Prior
versions of Windows such Windows XP SP 1 and Windows 2000 may work but have not been tested by
the E-CollabCenter team. Limited testing has been done using Windows 2003 Server SP1 and SP2 as
an E-CollabCenter client; they both appear to work fine.
For the Sametime Broadcast client, Sametime Connect (a.k.a. thick client) client, Sametime Meeting
Room client the Microsoft Virtual Machine (VM) is not supported and must be disabled. The
supported JRE for all Sametime java applet clients in the Sametime 7.5.1 release is Sun Microsystems
Java JRE release 1.5.0 (update 12 is preferred).
4.4
FDCC & SDC v2.0.4 Windows clients
The Federal Desktop Core Configuration (FDCC) is an OMB-mandated security configuration. The
FDCC currently exists for Microsoft Windows Vista and XP operating system software. While not
addressed specifically as the “Federal Desktop Core Configuration,” the FDCC was originally called for in
a March 22, 2007 memorandum from OMB to all Federal agencies and department heads and a
corresponding memorandum from OMB to all Federal agency and depart Chief Information Officers
(CIO).
The Windows Vista FDCC is based on DoD customization of the Microsoft Security Guides for both
Windows Vista and Internet Explorer 7.0. Microsoft’s Vista Security Guide was produced through a
collaborative effort with DISA, NSA, and NIST for the Windows Vista platform. The Window’s XP FDCC
1
Thanks to Tom Condon of EUCOM ([email protected]) for helping with this IWS information.
Page 9 of 51
Workstation Preparation & New User Getting Started Guide
is based on Air Force customization of the Specialized Security-Limited Functionality (SSLF)
recommendations in NIST SP 800-68 and DoD customization of recommendations in Microsoft’s Security
Guide for Internet Explorer 7.0. The SDC is used by the USAF as a customized version of the FDCC.
There are known java issues when using E-CollabCenter on a Vista FDCC, XP FDCC and SDC 2.0.4
machine. Appendix B highlights the administrative level adjustments needed to ensure that ECollabCenter works seamlessly with FDCC and SDC v2.0.4. There are no known issues once the
changes in Appendix B are applied to FDCC and SDC v2.0.4. For more information about FDCC please
visit http://nvd.nist.gov/fdcc/index.cfm. For detailed instructions on the necessary adjustments needed to
ensure that E-CollabCenter functions optimally with FDCC and SDC 2.0.4 please click here to go to
Appendix B.
4.5
Details on the required Sun Java Runtime Environment (JRE)
The E-CollabCenter solution requires Sun Java JRE release 1.5.0, update 12 or later. Links to
compatible versions may be found in Section 1 of this document.
Some of the common effects of not having the correct JRE:
1. Meeting hangs at testing connectivity and inability to enter a meeting.
2. Ability to enter a meeting, but only see a blue/grey screen.
3. Inability to screen share/whiteboard, no Audio/Video etc. If you check the meeting logs, the native
libraries for screen sharing, audio/video will not have been downloaded, etc.
How to verify that your workstation has Sun Java JRE release 1.5.0 or later installed
1. Go to Start>Settings>Control Panel.
2. If you have Sun Java installed, you should see a ‘Java’ tea cup
3. Click to open it and click on the ‘About’ tab to check the version.
If your workstation does not have Sun Java build 1.5.0_12 or greater installed on the
machine, you can acquire it using one of the following URLs. Please note that you must
have local administrative privileges to install Java. If you do not have local
administrative privileges, please contact your local Help Desk.
Page 10 of 51
Workstation Preparation & New User Getting Started Guide
JRE 1.5.0, Update 12
NIPRNet: http://java.sun.com/javase/downloads/index_jdk5.jsp
SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=76827
JRE 1.6.0, Update 3 (Latest version as of 20 February, 2008)
NIPRNet: http://www.java.com/en/download/
SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=77506
Page 11 of 51
Workstation Preparation & New User Getting Started Guide
4.5.1
Enable TLS 1.0 in Java JRE 1.5.0 and later
TLS 1.0 must be enabled in the Sun Java Control Panel. There are two ways to do this:
1) Via Java tea-cup icon
To do this, right-click on the Java icon (Tea cup) and select “Open Control Panel.”
Click on the Advanced Tab. Check the “Use TLS 1.0” box and hit apply. By default, Sun Java JRE 1.5.0
does not have TLS 1.0 enabled so these steps are necessary before using Sametime 7.5. Sun JRE 1.6
does have TLS 1.0 enabled by default though.
Page 12 of 51
Workstation Preparation & New User Getting Started Guide
2) Via Control Panel
1. Click on Start
2. Highlight Settings
3. Click on Control Panel
4. Double click on Java
5. Select the Advanced tab
6. Click the “+” sign at left of Security to expand
o Once expanded the “+” changes to “-“
7. Select/Check Use TLS 1.0 (See screenshot above)
8. Click the Apply button
9. Click the OK button
4.6
Supported Browsers and Required Browser Settings
In all desktop configurations the browser must be configured to allow session cookies and allow
pop-ups from E-CollabCenter site.
The list below shows the supported browsers (all must be configured to use Sun Java and have TLS 1.0
enabled). For Firefox and Mozilla browsers you must also enable TLS 1.0 in the Sun Java Control
Panel in addition to enabling TLS 1.0 in the browser itself.
1) Internet Explorer (IE) 7
2) Firefox 2.0.0.x
3) Firefox 1.5.0.x
4) Internet Explorer 6 SP2
5) Mozilla 1.7.12
Due to the fact that Internet Explorer 6 SP1 is outdated and has so many security vulnerabilities, it is not
supported with E-CollabCenter. Internet Explorer 6 SP2 came out in August 2004
Opera browsers will not work with E-CollabCenter because Opera does not support iFrames. Netscape
browsers are not supported.
Page 13 of 51
Workstation Preparation & New User Getting Started Guide
Internet Explorer
4.6.1.1 Cookies
You must have enabled cookies for either the www.e-collabcenter.com (NIPRNet) or the www.ecollabcenter.nces.dod.smil.mil (SIPRNet) or if you are using an enclave have cookies enabled for
the URL to that enclave site.
The following Microsoft article (found on NIPRNet) describes cookies and how to configure them
in Internet Explorer http://support.microsoft.com/kb/283185. The default IE privacy settings (medium)
will allow session cookies for E-CollabCenter.com. Below is a screenshot of this setting, which is found
under Tools … Internet Options … Privacy
Page 14 of 51
Workstation Preparation & New User Getting Started Guide
4.6.1.2 Sun Java
To verify if the Internet Explorer browser is configured to use Sun Java:
™ Usually IE (Internet Explorer) uses Microsoft’s Virtual Machine by default. To change this,
from an IE browser, click on Tools>Internet Options
™ Click on the ‘Advanced’ tab and verify that the Java (Sun) is checked. Make sure that all
the options under ‘Microsoft VM’ are unchecked.
™ If the SUN Java option is not checked, it means that the browser is not using it.
™ Click on ‘OK’ on the options window for any changes to take effect and close and
restart the browser
Page 15 of 51
Workstation Preparation & New User Getting Started Guide
4.6.1.3 TLS 1.0
Now verify that Internet Explorer has TLS 1.0 Enabled (a government requirement to satisfy FIPS
140-2 encryption)
• Launch Internet Explorer
• click on Tools>Internet Options
• Click on the ‘Advanced’ tab and verify that TLS 1.0 is checked (by default IE 6 does not have
TLS 1.0 enabled, while IE 7 does)
• If TLS 1.0 is not checked, check it and then restart IE
4.6.1.4 Binary and Script Behavior
E-CollabCenter does NOT require ActiveX to run. The IBM Sametime development team removed all
ActiveX dependencies from its product in version 7.0; consequently, Sametime 7.5.1 FIPS does not use
ActiveX. In an effort to avoid 3rd party litigation, Microsoft added the binary and scripting behavior set to
control Internet Explorer (IE) running embedded user interface controls such as Java applets. Sametime
uses Java Applets for web conferencing. There are two options in Internet Explorer to allow Sametime's
use of Java - either add the Sametime URLs as a trusted site or set Binary and Script Behavior to
'enable'.
Page 16 of 51
Workstation Preparation & New User Getting Started Guide
The default IE settings have “Binary and Script Behavior” enabled, here are instructions on how to enable
it.
In the Internet Explorer browser under the ActiveX Security controls and plug-ins area, the
“Binary and Script Behaviors” must be enabled for both meeting rooms and alerts in chat rooms to
function. To accomplish this within Internet Explorer (see the screenshots below):
1. Launch Internet Explorer, then select
2. Tools …. Internet Options from the IE menu bar
3. then click on the Security tab,
4. then click the Internet zone, then click on “Custom Level”
5. go under the ActiveX controls and plugins section
6. ensure the “Binary and Script behaviors” radio button is enabled
7. Click OK
The NIPRNet links below explain the “binary and script behaviors” setting in more detail:
• http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx#EXOAC
•
http://technet2.microsoft.com/WindowsServer/en/library/291a929b-ea18-47da-be87-9e566698fbc51033.mspx?mfr=true
•
http://msdn.microsoft.com/msdnmag/issues/01/01/cutting/
Page 17 of 51
Workstation Preparation & New User Getting Started Guide
4.6.2
Firefox
4.6.2.1 Sun Java
To verify if the Firefox browser is configured to use Sun Java do the following:
1. Launch Firefox , then select…
2. Tools …. Options...
3. Then make sure “Enable Java” is checked. If not checked, check it and click OK
4. Close down and restart Firefox.
The default for Firefox is to have Java Enabled
4.6.2.2 TLS 1.0
Now verify that Firefox has TLS 1.0 Enabled (Firefox enables this by default)
1. Launch Firefox
2. Click on Tools > Options
3. Click on the ‘Advanced’ icon then click the Security tab (Firefox 1.5) or the Encryption tab in Firefox
2.0 and verify that TLS 1.0 is checked (by default Firefox 1.5.0.x and 2.0.0.x both have TLS 1.0
enabled)
4. If TLS 1.0 is not checked, check it and then restart Firefox
Below are screenshots that show these steps for Firefox 1.5 and 2.0, respectively.
Page 18 of 51
Workstation Preparation & New User Getting Started Guide
Page 19 of 51
Workstation Preparation & New User Getting Started Guide
Page 20 of 51
Workstation Preparation & New User Getting Started Guide
4.6.3
Mozilla
4.6.3.1 Sun Java
To verify if the Mozilla browser is configured to use Sun Java do the following:
1. Launch Mozilla , then select…
2. Edit …. Preferences... Advanced
3. Then make sure “Enable Java” is checked. If not checked, check it and click OK
4. Close down and restart Mozilla.
The default for Mozilla is to have Java Enabled
4.6.3.2 TLS
Now verify that Mozilla has TLS Enabled (Mozilla enables this by default)
1. Launch Mozilla
2. Click on Edit … Preferences … Privacy and Security … SSL
3. Verify that TLS is checked (by default Mozilla 1.7.12 has TLS 1 enabled)
4. If TLS 1 is not checked, check it and then restart Mozilla
Page 21 of 51
Workstation Preparation & New User Getting Started Guide
5.
File Upload Size Limitations
In meetings, chat rooms, and instant message sessions, there are limits on attachment sizes.
• For Web Conferences, the practical size limit is 20 MB.
• Chat Rooms have a 10 MB file size limit that the users cannot exceed
• Instant Messages have a 20 MB file size limit that on files that can be transferred from one
person to another via an IM session
Page 22 of 51
Workstation Preparation & New User Getting Started Guide
6.
Network Requirements
The access statements (rules) for firewalls, and all packet forwarding or filtering devices,
need to be in place in order to use the E-CollabCenter service are listed below.
The NIPRNET Destination IP addresses are: 216.12.152.1 through 216.12.152.127 2
For SIPRNet Destination IP addresses, please contact the DISA Help Desk
Source Address: The addresses for all the workstations on your network
Source Ports: High ports (ports above 1024, tcp and udp)
Direction: Static Ports initiated by Source only (NOT Bi-Directional), Dynamic Ports (Bi-Directional)
Destination IPs: The IP Addresses for the all the e-collab servers
Static Destination Ports:
Port 80
TCP – HTTP web trafic
Port 443
TCP – HTTPS encrypted web traffic
Port 554
TCP - needed to play back recorded meetings
Port 1533
TCP – needed for samtime connect (thick client) for instant message traffic
Port 8081
TCP - needed for web conferences (a.k.a. meetings)
Port 8008
TCP – fallback port if port 1533 is blocked & traffic is tunnelled in http though.
Port 8084
TCP – fallback for audio and video in meetings if Dynamic UDP ports are blocked
Port 8080
TCP – used launch a web conference from browser Instant Messaging session
Dynamic (Ephemeral) Destination Ports:
Ports 49,252 through 65,535* UDP (Bi-directional firewall rules are needed for UDP, this means that
connections must be allowed that are initiated by the source (workstations) to the destination (IBM
servers) and also connections initiated from the destination (IBM servers) to the source (workstations)
•
The Dynamic ports are used for interactive audio and video using the Real-Time application
streaming protocol standard (RTP RFC1889) over UDP and are selected randomly. If the
selected UDP ports are blocked, the service will fall back to TCP over Port 8084. This may result
in higher delay and lower quality with dropped audio syllables on occasion under certain network
conditions. These ports are listed in the locations found below:
o
o
NIPR https://www.jtfgno.mil/operations/messages/2006/index.htm
SIPR http//www.jtfgno.smil.mil/site/documents/CTO2007/CTO_07011_NCES_Collab_Ports.rtf
In addition to the ports above the Sametime 7.5.1 FIPS Connect client (also known as the thick client)
has the capability to make desktop to desktop audio and video calls. This capability requires 4 ports
(20,830 through 20,833) to be opened to the Sametime servers. These 4 ports have not been
approved by the government; please do NOT open these 4 ports to the Sametime servers. We are
only listing them below so administrators are aware of this. Since these ports are not opened to the
Sametime servers, the audio and video call features are disabled in the thick client, so the end user will
not see the icons on the thick client that would otherwise allow audio and video calls.
3
Port 20830
Port 208312
Port 208322
Port 208332
UDP –
UDP –
UDP –
UDP –
RTP - used for Audio by Sametime thick client
RTCP - used for Audio by Sametime thick client
RTP - used for Video by Sametime thick client
RTCP - used for Video by Sametime thick client
2
The old NIPRNET IP address range was 216.12.138.1 through 216.12.138.127 and was changed in April 2007
These 4 ports are not mentioned in the https://www.jtfgno.mil/operations/messages/2006/index.htm web site as they
are new to Sametime 7.5.1 FIPS Connect client (a.k.a. thick client). The ports have not been approved by the JTFGNO and should not be opened. They are listed merely as a reference.
3
Page 23 of 51
Workstation Preparation & New User Getting Started Guide
For an end user to determine if their workstation can communicate to the collaboration service over UDP,
have the user attend a meeting or go to the Support Tab and click on the Attend a Test Meeting. Then
click View …. Meeting Room Status Log from the top menu
In the browser window that is opened, if something is blocking UDP you will see the following
UDP stream for Video RTP failed
If UDP is successful you will see
UDP stream for Audio RTP succeeded
Here is a screenshot of the browser window that a successful UDP connection
Page 24 of 51
Workstation Preparation & New User Getting Started Guide
7.
Trouble Shooting
If you are having problems accessing the service and you have verified you have the proper Sun JRE
and you browser settings are correct please perform the following steps. If you encounter a problem that
you cannot correct using the steps below, please contact the NCES Help Desk.
Internet Explorer:1) Control Panel > Internet Options> General tab
- Delete Cookies
- Delete Files (delete all offline content.....make sure its checked)
- Clear History
Firefox:1) Open Firefox > Tools > Options... > Privacy Section
- History tab > Clear Browsing History Now
- Download History tab > Clear Download History Now
- Cookies tab > Clear Cookies Now
- Cache tab > Clear Cache now
or
Open Firefox > Tools > Clear Private Data...
After performing these steps, close your browser window and open another browser session to allow the
changes to take effect. After you have completed this step, clear the Java temporary files. To do this
right-click on the Java icon (Tea cup) and select “Open Control Panel”
Page 25 of 51
Workstation Preparation & New User Getting Started Guide
1) Control Panel > Java > General tab > Delete Files...
2) All checkboxes must be checked, hit OK
Page 26 of 51
Workstation Preparation & New User Getting Started Guide
If problems still exist, ask the client to send the Java Console log to the NCES Help Desk.
How to view the Java console log>>>
Right-click on the Java icon (Tea cup) and select ‘Open Console’ to bring up the java console log.
Contact List ‘Awareness’ does not work. What do you do?
Check if the JRE version is correct and if browser is configured correctly to use it.
If it is, then just clear the cookies and temporary internet files. Close all browser sessions and open a new
session and login back into the E-CollabCenter website.
FDCC/SDC v2.0.4 Error: Java not enabled. What do you do?
If you are using FDCC or SDC machines and are experiencing a java error similar to the
screenshot below, please read “Section 4.4: FDCC & SDC v2.0.4 Windows clients”
8.
Additional Support
Page 27 of 51
Workstation Preparation & New User Getting Started Guide
This document is a user workstation requirements document designed to provide general software,
hardware and configuration requirements for workstations for the e-collaboration solution that is based
upon Sametime 7.5.1 FIPS.
For more detailed information and support regarding e-collaboration products and services, refer to the
on line guide, or contact the DISA Help Desk via phone or e-mail.
DISA Help Desk
Commercial Phone
DSN
OCONUS to CONUS DSN
NIPR Emai
SIPR Email
800-447-2457
850-3136
312-850-3136
[email protected]
[email protected]
l
Page 28 of 51
Workstation Preparation & New User Getting Started Guide
APPENDIX A
A.1 Steps to Test your Audio/Video Capabilities Prior to Entering a Web
Conference (performed within the E-CollabCenter portal)
•
Log into E-CollabCenter and select the Web Conferencing tab
•
Click the Test Meeting link
•
For a few second the following Test Meeting window displays
•
Then if your workstation is configured properly to work with Sametime meetings (a.k.a. web
conferences) you will see the screen similar to the one below in an new browser window
Page 29 of 51
Workstation Preparation & New User Getting Started Guide
5. Click File … Leave Meeting to leave the test and close this window
Please Note:
The following support options are available once you have logged into ECollabCenter
•
IBM E-CollabCenter Training
o Log into the portal at https://www.e-collabcenter.com, then click on the Help and
Training tab
ƒ How Do I?
• Provides a set of step-by-step written guides for basic E-CollabCenter
functions.
ƒ Tutorials
• Provides a set of step-by-step video tutorials for basic E-CollabCenter
functions.
ƒ Training Calendar.
• Lists available and upcoming training courses.
•
NCES Help Desk Support
o
Log into the portal at https://www.e-collabcenter.com, then click on the Chat Rooms tab.
Scroll down the list and click on the E-CollabCenter Help Desk chat room, then click on
the Enter Place(s) button at the bottom of the window to enter the Help Desk Chat
Room.
Page 30 of 51
Workstation Preparation & New User Getting Started Guide
A.2 Additional Details on Microsoft’s Binary and Script Behavior
Internet Explorer defines "interactive controls" as Java or ActiveX components which provide user
interfaces. IBM Lotus Sametime does not use ActiveX controls but does use Java applets for chat rooms
and web conferences. That Microsoft decided to lump Java with it's well understood sandbox isolation
and the unrestricted native code of ActiveX together is unfortunate and doesn't seem logical from a
security perspective. However, Internet Explorer's default setting for "Binary and Script Behavior" is
enabled in the Internet Security Zone so most commercial users of Sametime never see any problem with
Java controls.
To use an interactive control on a web page, the designer uses the APPLET, EMBED, or OBJECT
elements to load the control. Internet Explorer makes that control "inactive" and prevents keyboard or
mouse window messages from reaching the control. The control's user interface is blocked until the user
activates it. To activate an interactive control, the user clicks it or uses the TAB key to set focus on it and
then press the SPACEBAR or the ENTER key.
Internet Explorer can prevent activation of interactive controls through the security setting for "Binary and
Script Behavior". When the value of this setting is "DISABLE", the user is prevented from activating the
control. On a typical web page the user may see this as a broken function or may not see the capability
at all. Unfortunately, in the case where the component is in fact an application scripted into a web page,
IE's behavior is to simply fail and display a nondescript catchall "Error loading page" message. This is
the behavior that users see when attempting to enter a Sametime meeting. In IBM Lotus Sametime Web
Conferencing, the "Meeting Room" is a Java applet. The webpage to join a meeting contains JavaScript
which configures the meeting room applet and allows participants to join and use the various meeting
functions (group chat, attendance list, document and screen sharing, polling etc.) The script displays the
"Preparing the Sametime meeting room" and executes the Meeting Room applet but never passes the
"Checking for Java ..." test. Users report this as "Sametime stops when trying to join a meeting"
because the don't see the IE error message or, if they see the message, may try several times getting the
same result and eventually assume there is something wrong with the application.
Individual webpages and websites listed as "Trusted Sites" are not affected by the setting of "Binary and
Script Behavior".
Also see http://en.wikipedia.org/wiki/Eolas
APPENDIX B – FDCC & SDC v2.0.4 Configuration
Login to the FDCC/SDC machine as an Admin.
B.1 Install the latest Sun JRE
Currently the latest version of Sun JRE is 1.6.0.5_b13, and that’s what we used in our test. Sun JRE can
be downloaded from www.sun.com
B.2 Make sure Equifax is a trusted Certificate Authority
Equifax must be listed under Internet Explorer’s Trusted CA
Note: This is only necessary with FDCC and NOT SDC v2.0.4
Page 31 of 51
Workstation Preparation & New User Getting Started Guide
B.3 Run the Group Policy Editor as an Admin
Go to the “Start” menu
Type in “gpedit.msc” as seen below:-
Page 32 of 51
Workstation Preparation & New User Getting Started Guide
Right-click on the “gpedit” program as seen below and select “Run as administrator”
Page 33 of 51
Workstation Preparation & New User Getting Started Guide
Click “Continue” to proceed with using the Group Policy Editor as an Admin
Page 34 of 51
Workstation Preparation & New User Getting Started Guide
B.4 Edit Internet Explorer’s Java security settings
Under the Group Policy Editor go to:“Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Java Permissions”
AND “Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Java
Permissions”
Note: You must change the Java permission for BOTH Locked-Down Trusted Sites Zone AND
Trusted Sites Zone
Refer to the screenshots below on how to edit Internet Explorer Security Settings in the Group Policy
Editor:Under the Group Policy Editor go to:Computer Configuration
Administrative Templates
Windows Components
Internet Explorer
Internet Control Panel
Security Page
Trusted Sites Zone & Locked-Down Trusted Sites Zone
Java Permissions
Double-click the “Java Permissions” option on the right, as shown below
Page 35 of 51
Workstation Preparation & New User Getting Started Guide
B.5 Change Java Permissions
By default under FDCC, java permissions is set to “enabled”, but the permission level is set to
“disable java”. This setting disables the use of any java based application on the machine as in
Sun JRE, and not just Microsoft JVM. This Internet Explorer security setting is discussed in detail
on FDCC site at:http://blogs.technet.com/fdcc/archive/2008/01/31/internet-explorer-security-setting-java-permissionsdisable-java.aspx
In our test, we were able to use Sametime services on E-CollabCenter portal under the following
different conditions:1. Java Permissions set to “Disabled”
2. Java Permissions set to “Enabled: High”
3. Java Permissions set to “Enabled: Medium”
4. Java Permissions set to “Enabled: Low”
5.
Refer to the screenshots below on how to change Java Permissions:By default, the option is set to “Enabled” and Java permissions set to “Disable Java”, as seen below
Page 36 of 51
Workstation Preparation & New User Getting Started Guide
To access and use Sametime services on E-Collabcenter portal, the above Java Permission settings
must be changed to either ONE of the following options
1. Java Permissions set to “Disabled”
2. Java Permissions set to “Enabled: High” (most secure and recommend option)
3. Java Permissions set to “Enabled: Medium”
4. Java Permissions set to “Enabled: Low”
Java Permissions set to “Disabled”
OR
Page 37 of 51
Workstation Preparation & New User Getting Started Guide
Java Permissions set to Enabled, with High, Medium, or Low
B.6 Update Group Policy as an Admin
Open the command prompt as an Admin, and run the following command: “gpupdate /force”
For changes to take affect, a Windows restart is recommended.
Refer to the screenshots below on how to update the Group Policy as an Admin:Go to the “Start” menu
Page 38 of 51
Workstation Preparation & New User Getting Started Guide
Right-click on the “Command Prompt” shortcut, and select “Run as administrator”
Page 39 of 51
Workstation Preparation & New User Getting Started Guide
If the command prompt is not listed under the Start Menu, type “cmd” under “Start Search” box in the
Start Menu
Click “Continue” to use the Command Prompt as an Admin
Page 40 of 51
Workstation Preparation & New User Getting Started Guide
Type in the command “gpupdate /force” and hit Enter
When the “OK to Restart?” prompt appears, type “y” and hit Enter
*Note that SDC v2.0.4 a restart was not prompted or required.
Page 41 of 51
Workstation Preparation & New User Getting Started Guide
Click “Close” or simply wait a few seconds for the Windows OS to restart
Once the FDCC/SDC machine’s Windows Vista OS has been restarted, all group policy changes will
have taken effect.
B.7 Add E-CollabCenter to Trusted Sites in IE 7
Click on Start and type regedit in search and run regedit as admin
Page 42 of 51
Workstation Preparation & New User Getting Started Guide
Click on “Continue”
Page 43 of 51
Workstation Preparation & New User Getting Started Guide
Go to HKEY_Local_Machine
- Software
- Policies
- Microsoft
- Windows
- Current Version
- Internet Settings
(Any of the following 3 items should be = 0)
- Security_HKLM_only
- Security_Options_Edit
- Security_Zones_Map_Edit
*Note that once you are done with this appendix you will want to come back and change these settings to
their original values. Typically a restart will also cause these values to revert as well.
Page 44 of 51
Workstation Preparation & New User Getting Started Guide
Now run Internet Explorer 7 as admin and click on “Tools” then “Internet Options”
Page 45 of 51
Workstation Preparation & New User Getting Started Guide
Page 46 of 51
Workstation Preparation & New User Getting Started Guide
Click on the “Security” tab and then highlight “Trusted sites” and click on the “Sites” button
Page 47 of 51
Workstation Preparation & New User Getting Started Guide
Add “*.e-collabcenter.com” and make sure you uncheck the box at the bottom
Now you are done adding E-CollabCenter to your trusted sites zone and ready to use E-CollabCenter!
Page 48 of 51
Workstation Preparation & New User Getting Started Guide
Document Information and Revision History
Revision
1.0
Date
Feb 22,
2007
Feb 28,
2007
March 14,
2007
Author / Editor
Jim Stroud
Nature of Change
Initial Draft
Jim Stroud
April 3,
2007
April 4,
2007
Jim Stroud
1.5
April 5,
2007
Jim Stroud
1.6
April 9,
2007
Jim Stroud
Doruk Akan
1.6a
April 9,
2007
Jim Stroud
1.7a
April 11,
2007
Jim Stroud
1.7b
April 12,
2007
April 13,
2007
Jim Stroud
1.7d
1.7e
May 11
May 17
Jim Stroud
Jim Stroud
1.7f
1.7g
June 11
July 13
Jim Stroud
Ames Trebing
Ron Sticinski
Corrected information on how to determine if
UDP ports are in use w/ Sametime 7.5
Updated to include the need for TLS 1.0 in the
Sun 1.5 JRE and updated to include Firefox ver.
2.0.0.x instead of 2.0.0.1
Updated to include that session cookies must be
enabled on the browser
Updated to mention that Internet Explorer
"Binary and Script Behaviors"
must be enabled
Added information on supported client Operating
Systems, clarified recommended JREs, and
provided more information on required ports.
Merged information from “New User Getting
Started Guide”
Many grammatical corrections. Brief mention
that Java JRE 1.6.01 has undergone limited
testing and appears to work fine with e-collab.
Added screenshot for successful UDP
connectivity and updated test meeting section of
Appendix.
Added links that explain what the “Binary and
Script Behaviors” in Internet Explorer is and
explained that e-collab does not use ActiveX.
Added ports needed by Sametime Connect
“thick client” to support audio and video
messaging
Made document generic for enclaves, classified
and unclassified service (removed old unclass IP
addresses for the service).
Added additional information on binary and script
behavior and added details on this in Appendix
Added to include that Mozilla 1.7.13 works with
e-collab and provided Mozilla browser setting
details. Also clarified support for JRE 1.4.2
release. Included abbreviated explanation of
ports. Clarified support on IE 6 as IE 6 SP2.
Also mentioned that some version of Netscape
(7.2, 8.0.2, 8.0.0.3, & 8.0.4) may work with ecollab but are not supported.
Added 1 page Quick Start Guide in front of doc
Explained that network admins should not allow
4 ports related to the thick client. Also clarified
JRE versions.
Added how to get IWS to work with e-collab
Updated with client requirements for FIPS
compliance
1.1
1.2
1.3
1.4a
1.7c
Jim Stroud
Jim Stroud
Jim Stroud
Page 49 of 51
Workstation Preparation & New User Getting Started Guide
1.7h
1.7i
1.7j
1.7k
1.8a
July 17,
2007
July 25,
2007
Neil Starkey
Misc corrections
Ames Trebing
James Stroud
February
8, 2008
February
16, 2008
James Stroud
May 28,
2008
Mostafa
Sekandari
Yasir Saleem
Added notice for network changes to network
systems: firewalls, packet forwarding and
filtering devices. Added TLS java setting to
summary. Added info that on the conflict with
IWS due to JREs.
Corrected Firewall Port Info, removing several
UDP port requirements
Updated JRE versions, Help Desk contact
information, and training and Help Desk
navigation info in Appendix A.
Added FDDC & SDC procedures. Section 4.4
and Appendix B were created. Section 4.2 was
also updated to reflect compatibility with Ubuntu
8.01 and CentOS 5.1. Moved revision history to
the end of the document, and can now be seen
in the Table of Contents. Fixed the version seen
in the footer on the title page, and the page
numbering in table of contents. Page numbers
are no long restarting from 1 for Appendices,
instead they continue onwards from previous
section. Minor adjustment to the title on page 2.
Jennifer Sackett
End of Document.
Page 50 of 51

advertisement

Was this manual useful for you? Yes No
Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Related manuals

IBM G325-2585-02 User's Manual

IBM

G325-2585-02

  • User's Manual
Korg MR-1000 User's Manual

Korg

MR-1000

  • User's Manual
IBM Lotus Sametime 3.0 Quick Start Manual

IBM

Lotus Sametime 3.0

  • Quick start manual
Voyetra Turtle Beach Montego II Quadzilla User`s guide

Voyetra Turtle Beach

Montego II Quadzilla

  • User`s guide
HP SmartCard NIPRNet Solution for US Government Guide

HP

SmartCard NIPRNet Solution for US Government

  • Guide
AWE AA75 Quick Setup Manual

AWE

AA75

  • Quick Setup Manual

advertisement