RMX 2000 Administrator's Guide Version 7.6.1 - Polycom

Information Collector
Standard Security Mode
Ultra Secure Mode
Chapter 20-RMX Administration and Utilities
The Information Collector comprehensively attains all information from all the MCU
internal entities for data analysis. That data, stored in a central repository, is logged from the
following system components:
• System Log Files • Full faults
• CDR • Apache logs
• OS (Core dumps, CFG - DNS, DHCP,
NTP, kernal state, event logs
• CFG directory (without IVR)
• Signaling Trace files (H.323 & SIP) • Cards info: HW version, state and status
• Central Signaling logs • SW version number
• Processes internal state and statistics
The data collected is saved into a single compressed file containing all the information from
each system component in its relative format (.txt, .xml, etc...). In case the disk is
malfunctioning, the file will be written to the RAM (involves only a small amount of
information where the RAM size is 1/2 a gigabyte). The zipped file (info.tgz) can be opened
with the following applications: WinRAR and WinZip. The entire zipped file is then sent to
Polycom’s Network Systems Division for analysis and troubleshooting.
The Information Collector logs information from the RMX’s Network Intrusion Detection System
(NIDS), saving it into a compressed disk file. (If the disk malfunctions, the file is written to
RAM.) The zipped file (info.tgz) can be opened with either WinRAR or WinZip. The entire
zipped file can be sent to Polycom for analysis.)
Network Intrusion Detection System (NIDS)
The RMX system uses iptables for access control. For each different kind of packet
processing, there is a table containing chained rules for the treatment of packets. Every
network packet arriving at or leaving from the RMX must pass the rules applicable to it.
Depending on the nature of the suspect packets, the rules may reject, drop, or limit their
arrival rate (dropping the rest)
The RMX maintains a log that includes all unpermitted access attempts blocked by the fire
wall.
Unpermitted access includes:
• Access to ports which are not opened on the RMX
• Invalid access to open ports.
Using the Information Collector
When the Information Collector is used the following steps are performed:
• Step 1: Creating the Information Collector file.
• Step 2: Saving the Information Collector file.
Polycom, Inc. 20-55