Step 5: Set the Base Security Settings

Before deploying your Solstice Pods, certain security baselines should be configured to harden the security of your deployment. The following are the base security settings that Mersive recommends configuring. These basic security settings can apply to any organization that operates in a security-conscious environment, especially for larger, centrally-managed deployments. For additional security configurations, see Security Settings.

How To

To protect Pod configurations, you can set an admin password that will be required in order to make any configuration changes. Once an admin password is set, anytime the Dashboard is opened, you will be required to enter the password to change any configuration settings. This password will also be required to retrieve usage logs from your Pod or to perform a factory reset.

  1. Select all your displays in the list of Your Solstice Instances.
  2. Go to the Security tab.
  3. If you wish to enforce password validation rules (8-character minimum, one uppercase and one lowercase character, one number or special character), select the Enforce password validation rules option.
  4. In the Admin Password field, enter in the password you wish to use to be able to change the Solstice display's configuration, or remove the password entirely .

    5. It is highly recommended that you set the same administrator password for all your Solstice instances.

  5. Click Apply.

When screen key is enabled, in-room users will be required to enter in the screen key that is visible on the Solstice display before they are able to connect.

  1. Select the displays from the list of Your Solstice Instances.
  2. Go to the Security tab.
  3. Select the Screen key enabled option. A pop-up warning may appear.
  4. If you agree with the requirements of the warning, click Yes, enable Screen Key.
  5. Click Apply.

Moderator Mode allows a user to start a moderated session where they can approve or deny requests from other users to join the session or post content to the display.

Moderator mode is enabled by default.

  1. Open the Solstice Dashboard.
  2. Go to the Security tab.
  3. In the Access Control section, deselect the Moderator approval disabled checkbox.
  4. Click Apply.

This setting allows for Solstice network traffic between the Pod and user devices to be encrypted using a standard RSA/SHA cipher with a 2048-bit private key. This also includes network traffic related to configuration via either the Solstice Dashboard or the Pod’s web-based configuration (if enabled). When this option is enabled, the Solstice Dashboard will also send SLR updates via port 443.

By default, the Pod is loaded with a self-signed TLS certificate that is used when the Pod receives TLS connections. However, there is an option to upload a custom TLS certificate to be used instead. As a note, when the encryption option is disabled, the Pod will still use the TLS certificate for HTTPS traffic. For more information about certificate management in Solstice, see Enterprise Certificate Management.

  1. Open the Solstice Dashboard.
  2. Go to the Security tab.
  3. In the Encryption section, select the Encrypt Client/Server Communications option.
  4. If you wish to upload a custom TLS certificate to be used instead of the Pod's default self-signed certificate, go to the Certificate option and click the Browse button, then browse to and select the certificate file.
  5. Click Apply.

Next Step

Step 6: Add a Room Calendar