Security

When setting up Media Gateway/SRT Gateway, you may configure additional security settings. Changing any of these settings requires a reboot.

Setting	Description
High Security (STIG) Environment	Enables security hardening features for high-security environments, including: Session timeouts/locks for all interfaces. Stronger password requirements. Lock/disable accounts due to multiple authentication failures or expired passwords. Disabling unnecessary services.
Web Server	Enables/Disables SSL protocols and ciphers, and HTTP Strict Transport Security (HSTS) support. Available TLS (Transport Layer Security) versions accepted: TLS v1, TLS v1.1, TLS v1.2. Available SSL Ciphers include various AES encryption ciphers.
Advisory Notice and Consent Banner	You may also configure an Advisory Notice and Consent Banner to appear when users first access the web interface's and Console UI's log in screen. The banner is typically an advisory/warning notice the user must consent to before signing in. For example:

To configure appliance security:

1. In the side menu under Administration, click System Settings.
2. Click Security in the navigation toolbar.
3. To configure your Haivision Gateway for use in a high-security environment, toggle the High Security (STIG) Environment button to On.
4. To enable/disable SSL protocols use the SSL Protocol checkboxes.
5. To add SSL ciphers, under SSL Ciphers click the 

   

    icon and select the desired cipher. To remove a cipher click the 

   

    icon for each added cipher.
   

   

6. To enable HSTS, toggle the HTTP Strict Transport Security button to On.
7. To configure a banner, toggle the Advisory Notice button to On, and enter the desired banner text in the Message textbox.
8. Click the Save Settings button.
9. Click the Reboot button to have your security configuration changes take effect.