RealPresence CloudAXIS Suite

Transcription

1 ADMINISTRATORS GUIDE Software 1.1 April Rev A RealPresence CloudAXIS Suite

2 Trademarks 2013, Polycom, Inc. All rights reserved. POLYCOM, the Polycom "Triangles" logo and the names and marks associated with Polycom products are trademarks and/or service marks of Polycom, Inc. and are registered and/or common law marks in the United States and various other countries. All other trademarks are property of their respective owners. No portion hereof may be reproduced or transmitted in any form or by any means, for any purpose other than the recipient's personal use, without the express written permission of Polycom. Disclaimer While Polycom uses reasonable efforts to include accurate and up-to-date information in this document, Polycom makes no warranties or representations as to its accuracy. Polycom assumes no liability or responsibility for any typographical or other errors or omissions in the content of this document. Limitation of Liability Polycom and/or its respective suppliers make no representations about the suitability of the information contained in this document for any purpose. Information is provided "as is" without warranty of any kind and is subject to change without notice. The entire risk arising out of its use remains with the recipient. In no event shall Polycom and/or its respective suppliers be liable for any direct, consequential, incidental, special, punitive or other damages whatsoever (including without limitation, damages for loss of business profits, business interruption, or loss of business information), even if Polycom has been advised of the possibility of such damages. Customer Feedback We are striving to improve the quality of our documentation and we appreciate your feedback. your opinions and comments to Visit Polycom Voice Support for software downloads, product documents, product licenses, troubleshooting tips, service requests, and more. ii

3 About This Guide Contents About This Guide... v Who Should Read This Guide?... v Conventions Used in This Guide... v How This Guide is Organized... viii Chapter 1: Getting Started... 1 Understanding the Polycom RealPresence Platform... 1 Understanding the Minimum Requirements... 4 Learning the Port Usage... 6 Completing the Setup Worksheets... 8 Chapter 2: Deploying and Configuring the Services Portal and Experience Portal Deploying the Services Portal and Experience Portal Packages...18 Accessing the Services Portal...19 Accessing the Experience Portal...21 Configuring the Services Portal...22 Configuring the Experience Portal...42 Chapter 3: Creating and Managing User Accounts Understanding Account Roles...63 Creating Accounts...65 Editing Accounts...69 Deleting Accounts...73 Changing Your Password...74 Resetting a Password...75 Chapter 4: Providing Secure Guest Access Securing SIP Guest Access...78 Securing Web Access...79 Chapter 5: Troubleshooting the Services Portal User Cannot Create Meetings...80 User Cannot Launch the Welcome Screen...80 Configured Components are Not Responding...81 Super Admins and Admins Cannot Add an Active Directory User...81 User Cannot Send Notifications...81 iii

4 User Receives Unable to Create a Conference with a Personal VMR Message...81 User Receives External Server Not Set Message...81 Obtaining Services Portal Log Files...81 Appendix A: Creating a Google Talk App Appendix B: Creating a Facebook App Appendix C: Impact of DMA Factory Conference Settings on the Operation of the CloudAXIS Web Client Appendix D: Third-Party Software Appendix E: End User License Agreement iv

5 About This Guide This Administrators Guide uses a number of conventions that help you to understand information and perform tasks. Who Should Read This Guide? System administrators and network engineers should read this guide to learn how properly to set up the Services Portal. This guide describes administration-level tasks and is not intended for end users. Conventions Used in This Guide This admin guide contains terms, graphical elements, and a few typographic conventions. Familiarizing yourself with these terms, elements, and conventions will help you perform the admin tasks Terms and Writing Conventions As you read this guide, you will notice the same terms and conventions are used repeatedly. Make sure you familiarize yourself with these terms and conventions so you understand how to perform administration tasks. Apache Tomcat An open source web server and application container to run the Services Portal application. Experience Portal The meeting conference interface. Services Portal The backend for scheduling meetings, adding users, and adding contacts. NGINX An HTTP Server used to render static content and delegate requests to Apache Tomcat. FQDN Fully qualified domain name. Example of an FQDN: dma.example.com Network Time Protocol Server (NTP) The NTP server sets the time and date settings for Services Portal v

6 VMR Virtual Meeting Rooms (VMR) A virtual meeting space that users and endpoints can join to participate in a multi-party videoconference. VMRs are identified and addressed by numeric IDs. A VMR may be personal, persistent, or temporary. A personal VMR is assigned for the use of a single person to host their meetings, or shared/public. A persistent VMR remains in existence indefitnitely and can be used for different individual meeting events over time. A VMR is created for a specific meeting or time period and is deleted once the meeting or time period has ended. Also see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. VMR Prefix Specifying a VMR prefix value allows the Services Portal and Experience Portal to know where to direct requests concerning a particular VMR Id. For example, if DMA-1 had the dialing prefix specified as 1 and DMA-2 had no dialing prefix specified, all portal requests concerning VMRs with Id 1xxxx would be directed to DMA-1 and requests concerning any other VMR Id would be directed to DMA-2. Information Elements The following icons are used to alert you to various types of important information in this guide: Icons Used in this Guide Name Icon Description Note Administrator Tip Caution Warning Web Info Timesaver Power Tip The Note icon highlights information of interest or important information needed to be successful in accomplishing a procedure or to understand a concept. The Administrator Tip icon highlights techniques, shortcuts, or productivity related tips. The Caution icon highlights information you need to know to avoid a hazard that could potentially impact device performance, application functionality, or successful feature configuration. The Warning icon highlights an action you must perform (or avoid) to prevent issues that may cause you to lose information or your configuration setup, and/or affect phone or network performance. The Web Info icon highlights supplementary information available online such as documents or downloads on support.polycom.com or other locations. The Timesaver icon highlights a faster or alternative method for accomplishing a method or operation. The Power Tip icon highlights faster, alternative procedures for advanced administrators already familiar with the techniques being discussed. vi

7 About This Guide Name Icon Description Troubleshooti ng Settings The Troubleshooting icon highlights information that may help you solve a relevant problem or to refer you to other relevant troubleshooting resources. The Settings icon highlights settings you may need to choose for a specific behavior, to enable a specific feature, or to access customization options. A few typographic conventions, listed next, are used in this guide to distinguish types of in-text information. Typographic Conventions Convention Bold Italics Underlined Blue Blue Text Fixed-width-font Description Highlights interface items such as menus, soft keys, file names, and directories. Also used to represent menu selections and text entry to the phone. Used to emphasize text, to show example values or inputs, and to show titles of reference documents available from the Polycom Support Web site and other reference sites. Used for URL links to external Web pages or documents. If you click on text in this style, you will be linked to an external document or Web page. Used for cross references to other sections within this document. If you click on text in this style, you will be taken to another part of this document. Used for code fragments and parameter names. This guide also uses a few writing conventions to distinguish conditional information. Writing Conventions Convention <MACaddress> Description Indicates that you must enter information specific to your installation, phone, or network. For example, when you see <MACaddress>, enter your phone s 12-digit MAC address. If you see <installed-directory>, enter the path to your installation directory. vii

8 Convention Description > Indicates that you need to select an item from a menu. For example, Settings > Basic indicates that you need to select Basic from the Settings menu. parameter.* Used for configuration parameters. If you see a parameter name in the form parameter.*, the text is referring to all parameters beginning with parameter. How This Guide is Organized This guide is organized into four chapters: Chapter 1: Getting Started Gives you a brief overview of the Services Portal and Experience Portal, the deployment prerequisites, and Setup Worksheets to assist you with configuring the Services Portal and Experience Portal. Chapter 2: Deploying and Configuring the Services Portal and Experience Portal Shows you how to deploy and configure the Services Portal and Experience Portal. Chapter 3: Creating and Managing User Accounts Shows you how to create, edit, and delete Active Directory and local user accounts. Chapter 4: Providing Secure Guest Access Gives you suggestions for enabling secure access to users located outside of your organization s firewall. Chapter 5: Troubleshooting the Services Portal Gives you troubleshooting procedures to resolve errors experienced by users. Appendix A: Creating a Google Talk App Shows you how to create a Google Talk app for enabling access to Google Talk contacts from the Experience Portal. Appendix B: Creating a Facebook App Shows you how to create a Facebook app for enabling access to Facebook contacts from the Experience Portal. Appendix C: DMA Factory Conference Template Settings Impact on the Operation of the CloudAXIS Web Client Uses a table to show you how DMA factory conference template settings impact CloudAXIS web client behavior. Appendix D: Third-Party Software Gives you the license details for third-party software mentioned in this guide. Appendix E: End-User License Agreement Gives you the Polycom end-user license agreement details. viii

9 Chapter 1: Getting Started The CloudAXIS Suite extends and enhances the Polycom RealPresence Platform by providing access to a shared meeting and collaboration experience that can include users from the hosting business and guests from outside the business. The key components of the suite are two virtualized server components deployed by the business: the Services Portal and the Experience Portal. The Services Portal enables users to create and participate in online video conference meetings. Users create meetings by logging into the Services Portal, selecting the type of meeting they want to create, setting the meeting parameters, and entering a list of participants to invite. The Services Portal also provides administrative capabilities for creating and managing users and for configuring the components that enable the online video conference meetings. The Experience Portal provides the meeting interface, enabling users to interact with features such as content share, group chat, and privacy settings. This guide shows you how to deploy and configure the Services Portal and Experience Portal packages and create and manage user accounts. This chapter gives you an overview of the RealPresence Platform, lists the deployment requirements for the Services Portal and Experience Portal, and provides worksheets to complete before starting the deployment and configuration. When you are ready to deploy and configure the Services Portal, see Deploying and Configuring the Services Portal and Experience Portal. This chapter is organized as follows: Understanding the Polycom RealPresence Platform Understanding the Minimum Requirements Learning the Port Usage Completing the Setup Worksheets Understanding the Polycom RealPresence Platform The Polycom RealPresence Platform is a suite of products used to enable and enhance standards-based videoconference collaboration between hardware and software endpoints from Polycom and optionally other vendors. In this implementation, it may include one or more of the components listed in the following table. 1

10 Table 1: RealPresence Platform Components Required or Optional Polycom Platform Component Purpose Required Distributed Media Application (DMA) Signaling, call control, and bridge virtualization. Required RealPresence Collaboration Server MCU for hosting conferences. Note that an external MCU can be used as well, which enables a connection directly to the DMA. Optional RealPresence Resource Manager Provisioning and managing endpoints Optional RealPresence Access Director solution* Firewall traversal Optional RSS recording and streaming server Media recording *An Acme Packet Net-Net Enterprise Session Director may alternately be used to secure firewall traversal. The Services and Experience Portals interoperate with the RealPresence Platform components along with the following standard IT infrastructure elements that the deploying organization should provide: Dynamic Host Configuration Protocol (DHCP) addresses. Allows the portals to obtain their IP Active Directory Server (LDAP) Enables integration with enterprise Active Directory servers for user management and authentication. Simple Mail Transport Protocol Server (SMTP) Enables sending meeting invitations and other notifications to users including login information and password reset/updates. HTTP Reverse Proxy Server Provides web clients with secure access to the CloudAXIS portals from outside the organizational firewall. For best results, a proxy server should be used that supports the Web Sockets protocol (RFC 6455). Note: Diagram Legend The components in the following diagram are specified as follows: CloudAXIS Components Identified by light blue. Third-Party Components Identified by orange. RealPresence Components Identified by bright red. End-Points Identified by dark red. 2

11 Getting Started Figure 1: Polycom RealPresence Platform The RealPresence Platform components work with the CloudAXIS Suite to enable users to create and participate in video conference meetings accessed from a web browser or other hardware and software video endpoints, including mobile devices running the Polycom RealPresence Mobile application. The meetings are scheduled in the Services Portal and run in the Experience Portal. The Services Portal and Experience Portal run on one or more VMware ESXi 5.x hosts. Scheduling a meeting in the Services Portal requires user or admin account access (see Understanding Account Roles). Participating in meetings, however, only requires access to a URL link sent in an or instant message and a downloaded plug-in. Users may be added to the Services Portal locally or through an integration with an enterprise Active Directory (LDAP) server. If LDAP is configured, all enterprise users are allowed to use their network credentials to access and host meetings on the Services Portal and to log into the Experience Portal.. To create a scheduled meeting, users log in to the Services Portal, select their meeting options, list the participants they want to invite, and then select the Schedule option. The Services Portal then contacts the DMA system to create a Virtual Meeting Room (VMR) on an MCU for all participants to join and an SMTP server sends out notifications to each invited participant. The invitation contains a URL, but can also contain information for SIP, H.323, and ISDN 3

12 access. When the meeting takes place, the DMA system validates the VMR and routes the call to the destination RealPresence Collaboration Server. When a user creates a meeting that starts immediately (ad-hoc), the user s Experience Portal launches and enables the user to begin inviting participants. The participants may be invited from an aggregated list of the meeting creator s Facebook, Google Talk, and/or Skype contacts. Accessing Facebook, Google Talk, and/or Skype contacts requires the Services Portal administrator to enable and provision app-user credentials. Then, the user downloads and installs a social plug-in to enable social integration by performing the following: Google Talk Log into Google Talk service via the Experience Portal. Facebook Log into Facebook service via the Experience Portal. Skype Run the Skype software, log in to the Skype service via the Skype software, instruct the Portal to integrate with the Skype session and allow that integration in the Skype client. All of the meeting creator s contacts that are currently online populate the contacts list in the Experience Portal. When a contact is selected, a URL is sent to the contact on that particular social IM. The invited participants click the URL or paste it in to their browser to gain access to the meeting. If a Polycom RSS server has been configured for the environment hosting the meeting, the creator of the meeting may select the record meeting option, which records all aspects of the meeting including all video streams, audio streams, and shared content. The Services Portal and Experience Portal are each packaged in an.ova file and must be deployed on VMware ESXi hosts using vsphere tools. For example, VMware vcenter using the vsphere client. Before deployment, be sure all the minimum requirements are met as outlined in the next section. Understanding the Minimum Requirements Before deploying the Services Portal and Experience Portal, you must complete the setup worksheets and meet the requirements listed in Table 2. To complete the setup worksheets, see Completing the Setup Worksheet. Table 2: Minimum Requirements Component RealPresence Platform Description Functioning RealPresence Platform with DMA and sufficient MCU capacity to meet your requirements. For more info, please see Understanding the Polycom RealPresence Platform. 4

13 Getting Started Component.OVA One or more ESXi hosts VMware vsphere vcenter controller Dynamic Host Configuration Protocol (DHCP) LDAP Server SMTP Server Edge Proxy HTTP Reverse Proxy Description Latest Experience Portal.OVA file, downloaded to your local machine from the Polycom support site. Latest Services Portal.OVA file, downloaded to your local machine from the Polycom support site. Must be version 5.0 or higher. Using a vsphere client, you must be able to access and administer your VMware ESXi hosts either directly or via a vcenter controlling the hosts. Optional Allows the portals to obtain their IP addresses. (Optional) Enables Enterprise user s authentication using their network credentials. Note that the Services Portal currently supports integration with only Microsoft Active Directory. This feature also enables administrators to import Enterprise LDAP server users. The administrator can edit the imported user s role or set the user status as inactive. For information on user roles, see Understanding Account Roles. For information on changing imported user accounts, see Editing Accounts Created from the Active Directory. Enables the Services Portal to deliver meeting invites and other notifications such as user onboarding. If providing access to external guests, a functioning firewall/nat traversal element such as RealPresence Access Director or. Acme Packet Net-Net Enterprise Session Director is required (see Understanding the Polycom RealPresence Platform). This element should be provisioned to allow SIP guest access (required) and H.323 access (optional) to your DMA and MCUs. If providing access to external guests, a functioning HTTP reverse proxy is required. This element should be provisioned to allow HTTPS and web socket access to the Experience Portal and HTTPS access to the Services Portal (optional). 5

14 Minimum Server Requirements The Services Portal and Experience Portal in the Polycom RealPresence CloudAXIS Suite are deployed as two virtual machine instances (one for the Services Portal and one for the Experience Portal). Each instance must meet the requirements in the following table. Table 3: Server Components per VM Instance Component CPU Virtual Cores RAM Accessible Storage Description Each instance must be hosted on a physical CPU with the following clock-speed characteristics: >=2.0 Ghz (Intel Xeon E5 Series or better CPU) >=2.5 Ghz (Intel Xeon 5500 Series or better CPU) Each instance must have 8 virtual cores. 8 GB 100 GB Learning the Port Usage This section lists the ports used to ensure successful network traversal for the Services Portal. 6

15 Getting Started Figure 2: Port Usage Diagram Table 4: Port Usage Inbound Protocol/Function Component Ports HTTP/HTTPS To provide access to the UI and REST APIs. 80 is enabled but redirects to 443. Table 5: Port Usage Outbound Protocol/Function Component Ports SMTP Between the Services Portal and SMTP server 25 for non-secure (SMTP). 587/465 for secure (SMTP-S). 7

16 Protocol/Function Component Ports LDAP XMPP SIP RTP/SRTP Between the Services Portal and LDAP Between web clients and social media. Between web-based clients and RPAD/DMA. Between web-based clients and RMX 800s for non-secure (LDAP). 636 for secure (LDAP-S). The CloudAXIS Social Plug-in running on a host-user's PC uses this port to communicate with Google Talk and Facebook services to get contact presence info and deliver instant message invites (UDP/TCP) /5061 (TLS) The SIP is the signaling protocol used between endpoints and the DMA for the Web Client, RPM, and other SIP endpoints. UDP ports These are used to cary visual and audio media between endpoints and the MCU(s). Completing the Setup Worksheets Before you begin the Services Portal deployment, complete the fields in the My System Values column of the Setup Worksheets. As you progress through the configuration, use the information in these worksheets as a reference. Table 6: Setup Worksheet for the LDAP Server Configuration LDAP Options My System Values Description Server Secure Enter the FQDN or IP address of the LDAP Server. Select to establish a secure connection to the LDAP Server. 8

17 Getting Started LDAP Options My System Values Description Port BaseDN Username Password Enter the port number to connect to the LDAP Server. Typical values: 389 for non-secure (LDAP). 636 for secure (LDAP-S). Specify the distinguished name (DN) of a subset of the Active Directory hierarchy. This determines the set of users that are able to schedule meetings via the Services Portal. Enter the LDAP service account user ID. Enter the login password for the service account user ID. Table 7: Setup Worksheet for the SMTP Server Configuration Server Settings My System Values Description Server Secure Port Login Id Password Enter the FQDN or IP address of the SMTP Server Select to establish a secure connection to the SMTP Server. After deployment, enter the port to use connect to SMTP Server. Typical values: 25 for nonsecure (SMTP). 587/465 for secure (SMTP-S). After deployment, enter the SMTP service account user ID. Enter the login password for service account user Id. 9

18 Server Settings My System Values Description Sender Mail Id Enter the ID to be used as the return address for notifications sent by the Services Portal. This will typically be configured as a null or no reply address. Table 8: Setup Worksheet for the Server Settings SMTP Options My System Values Description MEA Server Enter the URL including the FQDN assigned to the IP address of the Experience Portal. See Accessing the Experience Portal. This information is used in constructing the meeting links. Please make sure that this domain name is accessible to all users of the solution including any that may be located outside of the organization. WSP Server Enter the URL including the FQDN assigned to the IP address of the Services Portal. See Accessing the Services Portal. This domain name is used in constructing the login link to Services Portal. Please make sure that this domain name is accessible to all users who will access the Services Portal. 10

19 Getting Started Table 9: Setup Worksheet for the DMA Configuration System Configuration Information Name My System Values Description Enter a nickname to assign to the DMA system to distinguish it in the Services Portal configuration. Host Port Enter the FQDN or IP address of an individual DMA or the FQDN of the supercluster's virtual address if the DMA is part of a supercluster. Enter the TCP port number to use when communicating with the DMA system. Typically, you will specify port 8443 (corresponding to the https REST API for the DMA system). 11

20 System Configuration Information VMR Prefix Default Admin My System Values Description Enter the VMR prefix that corresponds to this DMA system. This is optional and for use in environments where a dialing plan is used to assign different VMR IDs to be handled by a peered set of DMA systems. Specifying this value allows the portals to know where to direct API requests concerning a particular VMR ID. For example, if DMA-1 had the dialing prefix specified as 1 and DMA-2 had no dialing prefix specified, all portal requests concerning VMRs with ID 1xxxx would be directed to DMA-1 and requests concerning any other VMR ID would be directed to DMA-2. Note that the VMR prefix must match what s on the DMA. To set this up this value, see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. Enter a user account name with an administrative role that exists on the DMA system. Note that if the DMA system is configured to have multiple domains, make sure that the admin user account has access to all the domains and hence can search the VMRs of all users. This typically requires a domain account rather than a local DMA account. Also note that the DMA system must have an MCU Pool order named Factory Pool Order. See the Polycom DMA 7000 System Operations Guide for more on adding MCU Pool orders. 12

21 Getting Started System Configuration Information Admin Password Owner Domain Owner Username Generate VMR From Range My System Values Description Enter the password value defined on the DMA system for the Default Admin account. Enter the domain of the user account assigned for creating meetings in the DMA system. For local domains, enter LOCAL. Enter the username assigned for creating meetings in the DMA system. The username must match the name of a user account defined on the DMA system. The user does not need to be an administrator. For information on how to create a username for the DMA system, see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. This is a checkbox option. Selecting this box displays two text boxes for entering a range. This option is used by admins to allow the Service Portal to randomly generate VMRs on the DMA within a specified range. This allows admins to separate the VMRs used with meetings that start immediately from permanent VMRs on same DMA. Note that the range must be all positive numbers with a maximum of 10 digits. The first text box is for the lowest of the range and the second text box is for the highest. As an example, entering a range of 123 to 1234, the Services Portal will generate VMRs between 123 and

22 Table 10: Setup Worksheet for the DMA Server Point of Presence Configuration System Configuration Information Location Transport My System Values Description Enter the location name assigned in the Services Portal to identify a particular Point of Presence available for dialing. A single location may have multiple transport protocols configured for it. Note that a point of presence is a network location that is routed directly or indirectly to the DMA from where clients or endpoints can connect to participate in a conference. Select the transport protocol associated with the location and dial string. Select from SIP, H.323, ISDN, and PSTN. For information on provisioning endpoints for SIP, see the Polycom RealPresence Resource Manager Operations Guide. For information on enabling SIP calls for mobile apps, see the help files on the Polycom RealPresence Mobile support page. Note that it is mandatory for Experience Portal to have at least one SIP POP configured. 14

23 Getting Started System Configuration Information My System Values Description Dialstring Dialstrings (SIP URI, H.323 E.164 enum, PSTN phone number) are used by a video or audio endpoint to join a conference hosted by the DMA. Typically for SIP and H.323 callers, this string includes the address or domain name (preferred) of the edge traversal device (RPAD or Acme) provisioned to allow external access to this DMA. Table 11: Setup Worksheet for the Date Time Configuration System Configuration Information NTP Server My System Values Description Enter the Network Time Protocol server FQDN or IP address. The Services Portal synchronizes time and date settings from this server. Entering the NTP will automatically populate the Date and Time fields. Note that the portals are configured to UTC time zone and this is not configurable. 15

24

25 17

26 Chapter 2: Deploying and Configuring the Services Portal and Experience Portal The Services Portal and Experience Portal require deployment on a VMware EXSi host using a vsphere Client administrative GUI. Deploy the Services Portal first then the Experience Portal. Once they are both deployed, log in to the Services Portal with the default super admin credentials and configure the server settings then complete the Experience Portal configurations. When the configurations are complete, the Services Portal is ready for adding and managing users. Once users receive access, they can use the Services Portal to create meetings and add contacts and use the Experience Portal to enable conference interaction. You can find information on accessing and using the Services Portal as a user in the RealPresence CloudAXIS Suite User Guide. This chapter shows you how to deploy and configure the Services Portal. Before you begin, confirm the prerequisites and complete the Setup Worksheets provided in Getting Started. See the steps for deploying and configuring the Services Portal in the following sections of this chapter. 1 Deploying the Services Portal and Experience Portal Packages 2 Accessing the Services Portal 3 Accessing the Experience Portal 4 Configuring the Services Portal 5 Configuring the Experience Portal Deploying the Services Portal and Experience Portal Packages Before you begin, confirm that you meet the prerequisites listed in Getting Started then deploy the Services Portal and Experience Portal.OVA files to your VMware vcenter. Note that when the portal instances boot up, they will each attempt to obtain an IP address via DHCP. The instance IP address and MAC address can be determined by accessing the instance information using the vsphere Client. It is recommended that the instance IP assignments be made permanent by modifying your DHCP server s configuration to map the current IP address or another preferred address of your choosing to the respective instance MAC address. Then, reboot the instance if necessary for it to obtain a new address. It is also recommended that you modify your DNS server settings to assign a domain name to each instance based on the permanent IP address you have selected. 18

27 Deploying and Configuring the Services Portal and Experience Portal Note: Order of Deployment The packages may be deployed, accessed, and configured in any logical relative order.. The order described in this document is recommended for those unfamiliar with the overall process, however. Accessing the Services Portal Obtain the Services Portal FQDN from your DNS server, open a browser, and enter the FQDN in the address bar. The Services Portal login screen displays, and you are now ready to configure the Services Portal for use. For the first Services Portal login, use admin/admin, then accept the End User License Agreement (EULA). Until the EULA is accepted, no further action can be taken. After accepting the EULA, change the password for security. For changing passwords, see Changing Your Password. Note that you should activate the Services Portal license before beginning the configuration process. To activate the license, see Activating the Services Portal License. Troubleshooting: URL (FQDN) Does Not Respond If the Services Portal URL does not respond and open the Services Portal login screen, confirm that the Nginx, Apache, or all servers are running as follows: To check the Nginx, Apache, or all servers: 1 Using your SSH client, access the Services Portal FQDN. 2 Login as a priveleged administrator using [caxis/caxis]. 3 Get status: Enter the following to get the Nginx status: service nginx status Enter the following to get the Apache status: services tomcat6 status Enter the following to get the status on all servers: service --status-all 4 Start servers if they are not running and restart them if they are running but you are still having problems with the link: Start up servers: services <SomeServer> start Restart servers: services <SomeServer> restart Note: Configuration Note The FQDN is required when configuring the Services Portal. Enter the Services Portal FQDN you noted in the Setup Worksheet for the Server Settings. 19

28 Activating the Services Portal License When the Services Portal is first accessed and the End User License Agreement is accepted and the Activate License alert, shown next, displays at the top of the screen. You should activate the license before configuring the Services Portal. Activating the license requires having an account on the Polycom Support site. If you do not have an account, create one now. This section explains the process for activating your license. Before you begin, locate your license number in your CloudAXIS product documentation. Figure 3: Activate License Alert To activate the license: 1 On the Actice License alert, click Activate Now. The License screen displays the serial number, shown next. Keep this screen open 2 Open a new browser page, sign in to the Polycom Support, hover your mouse over License & Product Registration to display menu options, then select Activation/Upgrade. 3 Select Site & Single Activation/Upgrade. 4 In the Site & Single Activation/Upgrade screen s Serial Number text box, enter the serial number from the License screen displayed in step 1 and click Accept Agreement. 5 Enter the license number from your Polycom CloudAXIS product documentation into an empty License Number text box and click Activate. 20

29 Deploying and Configuring the Services Portal and Experience Portal The key code displays. 6 Enter the key code in the License screen s Activation Key text box, displayed in step 1, and click Activate. The license is now activated. Accessing the Experience Portal Obtain the Experience Portal FQDN from your DNS server, open a browser, and enter the FQDN in the address bar. The full URL of the server is FQDN>:9445. Note: Configuration Note The FQDN is required when configuring the Experience Portal. Enter the Experience Portal FQDN in the Setup Worksheet for the Server Settings To directly call a VMR, enter the URL FQDN>. No additional port number is needed. Activating the Experience Portal License When the Experience Portal server is online, the Polycom System Administration application launches in your default browser with an alert to activate your license at the top of the screen. You must activate the license before configuring the Experience Portal. Note that activating the license requires having an account on the Polycom Support site. This section explains the process for activating your license. Before you begin, locate your license number in your CloudAXIS product documentation; this is the same product documentation used for Activating the Services Portal License. To activate the license: 1 Log in to the Polycom System Administration app. For first time login, use the default credentials: admin/admin. Admin Tip: Admin Credentials After logging in with default credentials, change your password. See Changing the System Administration Application Password 2 In the System Administration app, select Maintenance > Tools > Read Serial Number, shown next. 21

30 3 Select Go. Your serial number is displayed. 4 Open a new browser page, sign in to the Polycom Support site, hover your mouse over License & Product Registration to display menu options, select Activation/Upgrade. 5 Select Site & Single Activation/Upgrade. 6 In the Site & Single Activation/Upgrade screen s Serial Number text box, enter the serial number from step 3 and click Accept Agreement. 7 Enter the license number from your Polycom CloudAXIS product documentation into an empty License Number text box and click Activate. The key code displays. 8 In the System Administration app, select Settings > Admin UI and locate the License Key text entry box. 9 Enter the key code from step 7 in the License Key text box and click Submit. The license is now activated. Configuring the Services Portal The Services Portal supports three types of accounts: super admin, admin, and user. Each account type provides a different level of access. Only super admin accounts have access to the Services Portal Platform Settings screen. You must log in as a super admin to configure and update the Services Portal settings. For information on the account roles, see Understanding Account Roles. For first-time configurations, log in to the default super admin account and enter the LDAP, SMTP, core settings, and DMA system information in the Services Portal Settings screen. This information enables user management and video conference meeting creation and management functionalities. This section shows you the steps for configuring the Service Portal. Before you begin, you must deploy the Services Portal and Experience Portal packages as described in Deploying the Services Portal and Experience Portal Packages. Perform the first-time configuration steps in the following order: 1 Logging in as the Super Admin 2 Configuring Connection to the LDAP Server 22

31 Deploying and Configuring the Services Portal and Experience Portal 3 Configuring the Connection to the SMTP Server 4 Configuring Additional Server Settings 5 Configuring Social Policies 6 Configuring the Connection to the DMA System and RPAD Servers 7 Setting Date and Time 8 Managing Certificates 9 Selecting and Downloading Log Level Logging in as the Super Admin You must log in as a super admin to configure or update the Services Portal settings. The super admin account has special access to the Settings and Platform Settings tabs, shown next. For first-time configurations, log in with the default super admin credentials (Username/Password: admin/admin) then change the password for security. For changing passwords, see Changing Your Password. Figure 4: Super Admin Tabs Admin Tip: Creating Additional Super Admins When the Services Portal is launched for the first time, it is recommended that you create another super admin account after the configuration is completed. See Creating Accounts for more information. Login with the new super admin credentials and delete the default super admin account for secure access. 23

32 Configuring Connection to the LDAP Server The LDAP server enables the Services Portal to import external user accounts, edit external user account default roles, set external user accounts as active or inactive, and authenticate user logins. This section shows you how to configure connection to the LDAP server. You must log in as a super admin before configuring this connection. For more information, see Logging in as the Super Admin. Note: Setup Worksheet This section specifically refers to information entered in the Setup Worksheet for the LDAP Server Configuration. Complete the worksheet in advance and use it as a reference during the configuration process and to obtain information about each field. To configure the connection to the LDAP server: 1 Select Settings > Core Settings > LDAP. The LDAP Settings screen displays, shown next. 24

33 Deploying and Configuring the Services Portal and Experience Portal 2 Enter the following in the LDAP Settings screen: Server Enter the LDAP FQDN or IP address. Secure Check the checkbox to establish a secure connection. This is optional but recommended. Port Enter the LDAP port number (typically 636 for secure and 389 for non-secure). BaseDN Enter the distinguished name entered in the Setup Worksheet for the LDAP Server Configuration. Username Enter the LDAP services account user ID for system access to the Active Directory.Password Enter the login password for the LDAP services account user ID. 3 Click Update to finish the configuration or Reset to populate the fields with the most recently updated LDAP information. 25

34 Configuring the Connection to the SMTP Server The SMTP server enables the Services Portal to send notifications to users when their account is created, when their account details are updated, when they are invited to a meeting, or when a meeting they created or have been invited to is updated or cancelled. This section shows you the steps for configuring the connection to the SMTP server. You must log in as a super admin before configuring the SMTP server. For more information, see Logging in as the Super Admin. Note: Setup Worksheet This section specifically refers to information entered in the Setup Worksheet for the SMTP Server Configuration. Complete the worksheet in advance and use it as a reference during the configuration process and to obtain information about each field. Note: Active Directory Users Because the Services Portal considers all imported Active Directory users to have enabled accounts until explicitly disabled, s are not sent when an Active Directory user is imported. To configure the connection to the SMTP server: 1 Select Settings > Core Settings > SMTP. The SMTP Settings screen displays, shown next. 26

35 Deploying and Configuring the Services Portal and Experience Portal 2 Enter the following in the SMTP Settings screen: Server Enter the SMTP FQDN or IP address. Secure Check the checkbox to establish a secure SMTP-S/SSL connection. This is optional but recommended if the SMTP server supports secure connection. Port Enter the SMTP port number (typically 25 for non-secure SMTP and 587 or 465 for SMTP-S). Login Id Enter the SMTP service account user ID. This is not required for non-secure connection. Password Enter the service account user ID login password. This is not required for non-secure connection. Sender Mail Id Enter the ID used to send notifications. 3 Click Update to finish the configuration or Reset to populate the fields with the most recently updated SMTP information. 27

36 Configuring Additional Server Settings This section shows you how to enter the locations of the Services Portal and Experience Portal servers. The purpose of each server follows: Web Services Portal (WSP) Server Hosts the Services Portal. Meeting Experience Application (MEA) Server Hosts the Experience Portal. Before you begin, you must be logged in to the Services Portal as a super admin. For more information, see Logging in as the Super Admin. Note: Setup Worksheet This section specifically refers to information entered in the Setup Worksheet for the Server Settings. Complete the worksheet in advance and use it as a reference during the configuration process and to obtain information about each field. To configure the additional server settings: 1 Select Settings > Core Settings > Server Settings. The Server Settings screen displays, shown next. 2 Enter the following in the Server Settings screen MEA Server Enter the Experience Portal s FQDN from Accessing the Experience Portal. 28

37 Deploying and Configuring the Services Portal and Experience Portal WSP Server Enter the Services Portal s FQDN from Accessing the Services Portal. 3 Click Update to finish the configuration or Reset to populate the fields with the most recently updated Server Settings information. Configuring Social Policies Users can send conference invitations in an instant message to any online contacts listed in their Skype, Facebook, and/or Google Talk accounts. How you enable access to social contacts depends on which social connector(s) you want to use: Skype To enable access to Skype contacts, select the Skype checkbox in the Social Policy page. Google Talk Enabling access to Google Talk contacts requires the following steps: a Create a Google Talk app. See Appendix A: Creating a Google Talk App. This app is only enabled to share the contacts lists while keeping the usernames, passwords, and other information private. b Select the Google_Talk checkbox in the Social Policy page. c Enter the app ID and App Secret, retrieved from step 10 of Appendix A: Creating a Google Talk App. Facebook Enabling access to Facebook contacts requires the following steps: a Create a Facebook app. See Appendix B: Creating a Facebook App. This app is only enabled to share the contacts lists while keeping the usernames, passwords, and other information private. b Select the Facebook checkbox in the Social Policy page. c Enter the app ID and App Secret, retrieved from step 4 of Appendix B: Creating a Facebook App.. Note: CloudAXIS Social Plug-in Accessing any of the social connectors also requires the CloudAXIS Social Plug-in; this plug-in is downloaded when a user accesses the Experience Portal menu s Contacts option. For more information, see the RealPresence CloundAXIS User Guide. This section shows you how to enable and disable Skype, Facebook, and/or Google Talk account access in the Services Portal. Before enabling access to Google Talk contacts, you must create a Google Talk app. See Appendix A: Creating a Google Talk App for more information. Before enabling Facebook contacts, you must first create a Facebook app. See Appendix B: Creating a Facebook App for more information. Note that you must log in to the Services Portal as a super admin before entering the social policy settings. For more information, see Logging in as the Super Admin. 29

38 To configure social policies: 1 Select Settings > Social Policy. The Social Policy Settings screen displays, shown next. Skype, Facebook, and Google Talk options are displayed. 2 Click the checkboxes for Skype, Google Talk, and/or Facebook to select or deselect the social policy options. Selecting a checkbox enables users to access the account type s contact list from the Experience Portal; deselecting disables users from accessing the account type s contact list from the Experience Portal. When selecting Google Talk and/or Facebook, the App ID and App Secret text boxes display, shown next. 30

39 Deploying and Configuring the Services Portal and Experience Portal Enter the following: Google_Talk When selecing Google Talk, enter the following information:.» App ID Enter the Client ID from step 10 of of Appendix A: Creating a Google Talk App.» App Secret Enter the Client Secret from step 10 of Appendix A: Creating a Google Talk App. Facebook When selecing Facebook, enter the following information:» App ID Enter the App ID and from step 4 of Appendix B: Creating a Facebook App.» App Secret Enter the App Secret from step 4 of Appendix B: Creating a Facebook App. 3 Click Update. 31

40 Configuring the Connection to the DMA System and RPAD Servers This section shows you how to enter the configuration details for your DMA system, RPADs, and points of presence. The DMA system enables the Services Portal to launch online video conference meetings, the RPAD is an external link to the DMA that enables firewall traversal, and a point of presence enables you to route directly or indirectly to the DMA. As an example, a point of presence configured with an FQDN that points to the RPAD externally and points to the DMA from within the Polycom network enables the Services Portal to communicate with the DMA from either side of a firewall. You must log in to the Services Portal as a super admin before entering the server settings. For more information, see Logging in as the Super Admin. Note: Setup Worksheet This section specifically refers to information entered in the Setup Worksheet for the DMA Configuration. Complete the worksheet in advance and use it as a reference during the configuration process and to obtain information about each field. To configure the connection to the DMA system: 1 Select Settings > DMA Config. The DMA Config Settings screen displays, shown next. 2 Click +Another DMA. A group of text boxes displays on the screen, shown next. 32

41 Deploying and Configuring the Services Portal and Experience Portal 3 Enter the following in the DMA Config screen options: Name Enter the name to this DMA system. Host Enter the DMA system interface FQDN. Port Enter 8443 as the DMA system communication port. VMR Prefix Enter the VMR prefix configured on the DMA system, maxium 4 digits. This is optional. Note that a personal VMR will only work if it exists on the DMA system. Default Admin Enter the DMA system admin user name. Admin Password Enter the DMA system admin account password. Owner Domain Enter the domain of the owner who creates the meetings. Owner Username Enter the user name of the owner who creates the meetings. Generate VMR range Select to enter the range of numbers allowed for generating VMRs. When selected, two text boxes display, shown next: 4 Click + Another POP to enter your point of presence information. The Point of Presence screen is shown next. 33

42 Note: Point of Presence A point of presence is a network location that is routed directly or indirectly to the DMA from where clients or endpoints can connect to participate in a conference The points of presence are configurable as follows: Direct connection to DMA. Externally to access the DMA via h.323 video border proxy. Externally routed via SIP Session Board Controller (SBC) including Polycom Real Presence Access Director (RPAD) or any third-party session boarder controller. ISDN. Audio dial-in via Public Switch Telephony Network (PSTN). The client or end point could be the CloudAXIS Experience Portal, a seperate soft client such as Polycom RealPresence Mobile, a hardware appliance such as Polycom Group Series or a telephone Enter your point of presence information from the Setup Worksheet for the DMA Server Point of Presence Configuration as follows: Note: Entering Points of Presence (POP) Enter the POPs in the order you want the Services Portal to use first. For example, internal POPs should be entered first. Also note that it is mandatory to add at least one SIP POP. Location Enter the geographic location name of the URI. This is optional. Transport PSTN). Select the protocol associated with the access point (SIP, H323, ISDN, Dialstring Enter the string associated with the protocol that is configured to have access to DMA system externally. Click +Another POP to enter another point of presence as needed. 5 Click Configure. 34

43 Deploying and Configuring the Services Portal and Experience Portal Setting Date and Time The Services Portal uses a Network Time Protocol Server (NTP Server). This section shows you how to set the date and time for the Services Portal. Note: Setup Worksheet) This section specifically refers to information entered in the Setup Worksheet for the Date Time Configuration. Complete the worksheet in advance and use it as a reference during the configuration process and to obtain information about each field.. To set the date and time: 1 Select Platform Settings > Date Time. The Date Time screen displays, shown next. 2 The Date Time screen displays the following text boxes: NTP Server Enter NTP server IP address or FQDN to synchronize the time on Services Portal system. Time Zone Nothing needs to be entered in this field. This field displays the time zone of the Services Portal. Date & Time Nothing needs to be entered in this field. This field displays the time of the Services Portal. 3 Click Update. 35

44 Managing Certificates The Services Portal requires a secure connection. When a secure connection is established, the browser receives a self-signed certificate or a certificate signed by a third party Certificate Authority verifying the identity of the Services Portal. This section shows you how to generate self-signed certificates and certificate sign requests (CSRs); how to view, download, and delete certificates; and how to upload third-party signed and trust certificates to the Services Portal. Generating Certificates and CSRs This section shows you how to generate self-signed certificates and certificate sign requests (CSRs). You must send the CSRs to a third party Certificate Authority for a digital signature then upload the signed certificate. For uploading certificates, see Uploading Certificates. Note that you must log in as a super admin to create certificates and CSRs. To determine your account type, see Understanding Account Roles. Caution: Overwrite Warning Be sure you need a new certificate or CSR before following this procedure. Generating a new certificate or CSR overwrites the previous. To check, see Viewing, Downloading, and Deleting Certificates. Note: Other Requirements The certificates created from CSRs generated by the Services Portal will only authenticate the user connection to the Services Portal. A separate CSR needs to be externally generated for the Experience Portal and RealPresence components. Send the externally generated CSR to a Certificate Authority, then upload the signed certificate and key to the components and Services Portal. For uploading to the Services Portal, see Uploading Certificates. To generate certificates and CSRs: 1 Select Platform Settings > Certificate > Generate CSR/Certificate. The Certificate Management screen displays, shown next. 36

45 Deploying and Configuring the Services Portal and Experience Portal 2 Enter the following in the Certificate Management screen: Operation Type Select the Operation Type drop-down and choose one of the following:» CSR Generates a Certificate Signing Request (CSR). Send the CSR to a Third Party Certificate Authority for a digital signature then upload the signed certificate to the server. For uploading, see Uploading Certificates.» Certificate Generates a self-signed certificate. 37

46 Type Select the drop-down and select WebServer. Organization Enter your organization name. Organizational Unit Enter your organization unit information. Country Enter the two letter ISO code for your organization s country. State Enter your state with full spelling. Location Enter your organization s city or location. Sub Alternate Name Enter the list of host names protected by this certificate. The host names must be separated by commas. 3 Click Generate. Note: Restart Services Portal Server After generating your certificate, the Services Portal server must be restarted to recognize the certificate. Note that a restart is not needed for generating CSRs. To restart: 1 Using your SSH client, access the Services Portal FQDN. 2 Login as a priveleged administrator using [caxis/caxis]. 3 Restart servers: services <SomeServer> restart Viewing, Downloading, and Deleting Certificates Super admins use the certificate list to confirm if a certificate is needed and to delete obsolete certificates. This section shows you how to view, download, and delete certificates in the Services Portal. To view, download, or delete certificates and CSRs: 1 Select Platform Settings > Certificate > Certificate List. The Certificate List screen is shown next. Any existing certificates are displayed. 38

47 Deploying and Configuring the Services Portal and Experience Portal 2 Select one of the following options: View Click to view and/or download the certificate. To download: 1. After selecting View, copy the entire hash from BEGIN CERTIFICATE to END CERTIFICATE. 2. Paste the text in to a text file. 3. Rename the extension.cer. If the file is a CSR, you can now send the file to a third-party CA for signing. Delete Click to delete the certificate. This option is only available to WebApp-trust certificates. Webserver certificates can only be regenerated or uploaded as a Certificate Authority signed certificate. For generating WebApp certificates, see Generating Certificates and CSRs. Caution: Deleting Trust Certificates Deleting trust certificates can break the chain of certificate trust. Uploading Certificates or Certificate Chain The Services Portal enables super admin users to upload two types of required certificates: third party certificates signed by a Certificate Authority and trust certificates. Upload the signed certificate to establish a secure communication with users and verify the identity information of Services Portal servers. Upload the trust certificate for servers that require secure communication such as the Active Directory server, SMTP server, and DMA system. This section shows you how to upload signed third party and trust certificates to the Services Portal. To upload certificates: 1 Select Platform Settings > Certificate > Upload Certificate, shown next. 39

48 2 Perform the following: a To upload a third-party signed certificates 1. Select the WebServer Own option in the Type drop-down menu. 2. Click the icon. 3. Navigate to the certificate or certificate chain and select Open. 4. Click Upload. b To upload a trust certificate. 1. Select the WebServer Trust option in the Type drop-down menu. 2. Click the icon. 3. Navigate to the certificate and select Open. 4. Click Upload. Note: Restart Services Portal Server After uploading your certificate, the NGINX and Tomcat servers must be restarted to recognize the certificate. To restart: 1 Using your SSH client, access the Services Portal FQDN. 2 Login as a priveleged administrator using [caxis/caxis]. 3 Restart servers: services <SomeServer> restart 40

49 Deploying and Configuring the Services Portal and Experience Portal Selecting and Downloading Log Levels The Services Portal log levels are listed by hierarchy and displayed in a drop-down menu. When you select a log level, the Services Portal prints the selected level, along with all the lower levels, to a log file that can be downloaded. This section explains each log level, shows you how to select a log level to print, and shows you how to download the log file. To select a log level or download the log file: 1 Select Platform Settings > Logs. The log level options screen displays, shown next. 2 Select the Level drop-down arrow to display all the log level options in order of hierarchy, shown next. 3 Choose one of the following log levels: ALL Turns on all logging. Error Logs errors that might still allow the Services Portal to keep running. Warn Logs potentially harmful situations. 41

50 Info Logs messages that highlight the progress of the application at coarse-grained level. Debug Logs fine-grained information that are helpful for debugging. Trace Logs finer-grained information than Debug. These logs are also helpful for debugging. Off Turns off the logging. Note: Log Level Heirarchy When a log level is selected, all levels beneath the selected level are also printed. For example, selecting Info will print the Info, Debug, and Trace levels. 4 Select one of the following options: Click Update to begin printing from the selected level. Click Download to download the log file. Configuring the Experience Portal Before configuring the Experience Portal, you must have the address for the DMA/conference provider, deploy the Experience Portal, and activate the Experience Portal license. For deploying the Experience Portal, see Deploying the Services Portal and Experience Portal Packages. For activating the Experience Portal license, see Activating the Experience Portal License. When the Experience Portal server is online, opening Portal FQDN>:9445 in your default browser will launch Experience Portal Administration app, enabling you to configure the Experience Portal server. The Administration app has a number screens, each containing fields that require specific values. This section is divided by screen name and uses tables with field names and value descriptions to help you configure the Experience Portal. The Experience Portal configurations are saved in the settings.json file, which can be exported and saved as a back up or imported to another Experience Portal server. This section explains how to set the Experience Portal configurations with the Experience Portal Administration tool and is divided as follows: Configuring the Server Settings Configuring the Environment General Settings Configuring the Meeting Hosts Configuring the Services Portal Connection (WSPConf) Settings Configuring the VMR Settings 42

51 Deploying and Configuring the Services Portal and Experience Portal Configuring the Services Portal Authentication Provider (WSPAuth) Settings Configuring the DMA Settings Viewing Experience Portal Log Files Applying Experience Portal Configurations Changing the System Administration Application Password Exporting the Experience Portal Configuration File Importing the Experience Portal Configuration File Configuring the Server Settings This section uses a table with field names and value descriptions to help you configure the server settings in the Administration app. This configuration applies to the entire server instance across all configured environments. To configure the Server Settings: 1 With the System Administration application open in your browser, select the Settings tab at the top > Server, shown next The screen displays a list of text box fields, shown next. 43

52 2 The Server Fields table, shown next, contains a list of fields found in the System Administration app s Server screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the Server screen. Table 12: Server Fields Field Name Base Port License Key Value Enter the internal port 9301 used by the hosts. Contact your sales representative to obtain the license key that applies to your serial number. Note that you can find your serial number in the Administration application by selecting Maintainence > Tools > Read Serial Number. Maximum Instances Select 1 3 Click Submit. 44

53 Deploying and Configuring the Services Portal and Experience Portal Configuring the Environment General Settings This section uses a table with field names and value descriptions to help you configure the general settings in the Administration app. The General Settings applies to all sub-components within the specified environment. To configure the General Settings: 1 With the System Administration application open in your browser, select the Settings tab at the top > Environment > General Settings, shown next. The screen displays a list of text box fields, shown next. 45

54 2 The General Settings Fields table, shown next, contains a list of fields found in the System Administration app s General Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the General Settings screen. Table 13: General Settings Fields Field Name Description Enabled Value Enter a description of the Experience Portal Place a check in the Enabled checkbox. 46

55 Deploying and Configuring the Services Portal and Experience Portal Field Name SSL Proxy Type Secure External Address External Address (non-secure) Secure Internal Address Internal Address (non-secure) Value This is the method used to proxy internally from the internal URL port to the host. In TCP mode, traffic is routed to host 0. Select TCP. Enter the secure public web address of Experience Portal exposed to clients. This is usually via an edge device such as a reverse proxy. This should match the CN or be listed in the SAN in the certificate. Enter a public fully qualified web address that the server will listen on. Enter the internal FQDN that the server will listen on. May incude a port if non-standard. This should match the CN certificate. By default, this port is 8443 The private fully qualified web address that the server will listen on. May include a port if nonstandard. If a secure URL is also specified, this interface will redirect to the secure interface. By deault, this port is Select Submit. Configuring the Meeting Hosts This section uses a table with field names and value descriptions to help you configure the Meeting Host settings in the Administration app. The Meeting Host is the service responsible for serving the user interface to the end-user and acts as a broker between all components in the system. To configure the Meeting Hosts: 1 With the System Administration application open in your browser, select the Settings tab at the top > Environment > Meeting Hosts, shown next. 47

56 The screen displays a list of text box fields in two areas of the Meeting Hosts screen. Note that the top of the screen, shown next, contains the fields listed in the Meeting Hosts Fields table and the Authmatch Fields table. The bottom of the screen contains the fields listed in the Lobby Rule Fields table. 2 The Meeting Hosts Fields table, shown next, contains a list of fields found in the System Administration app s Meeting Hosts screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the fields at the top of the Meeting Hosts screen text boxes. For fields listed under authmatch, see step 3. Table 14: Meeting Hosts Fields Field Name Default Skin Log Level Value Enter the skin file to customize the meeting UI. If no match is found for this meeting, this is the skin applied. Enter a comma separated list from trace, error, debug, and info. 48

57 Deploying and Configuring the Services Portal and Experience Portal 3 The authmatch lists rules made up of three fields: Match, Property, and Realm. The rules can be dragged into a specific order. The authentication matching stops when it matches the first rule. The authmatch field descriptions follow: Match Enter a regular expression that will be applied to the value. For example, entering https?://<domainname> will search for a specific secure domain. Property Select the property to apply the rule to. There are three properties:» UserAddress Users s address.» SSOSource URL of the website the user enters the meeting from. This field is preconfigured and should not be modified unless explicitly directed to.» SSOUsername Sets the realm to Services Portal address. This field is preconfigured and should not be modified unless explicitly directed to. Realm Enter the target authentication realm. This routes messages to authentication agents with this realm listed in their realms property. This can also be a regular expression value such $1 for the first match. This authentication agent is most likely the Services Portal that is also being deployed. 4 Lobby Rules are used to determine the meeting experience behavior when an attendee joins a meeting. This can include aspects such as the visual skin they see. The Lobby Rule Fields table contains a list of fields listed under the Meeting Hosts screen s Lobby Rules section, shown next. Use the value descriptions for each field listed in the table to determine the values to enter in the Lobby Rule screen. Note that multiple Lobby Rules can be set. Drag the Lobby Rules to determine the order of rules. The meeting matching stops when a match is made. 49

58 Table 15: Lobby Rule Fields Field Name Match Property Route Skin Value Enter an expression that will be applied to the value. The property applied to the rule. The property is preconfigured and does not need to changing. There are two possible properties: Lobby Code This is the part of the URL after the /. Host This is the part of the URL before the /. A unique name in the routing plan, used to route messages to agents with this route listed in the agent s routes property. The skin that will be applied if this rule matches 50

59 Deploying and Configuring the Services Portal and Experience Portal 5 Click Submit. Configuring the Services Portal Connection (WSPConf) Settings This section uses a table with field names and value descriptions to help you configure the WSPConf settings in the Administration app. 1 With the System Administration application open in your browser, select the Settings tab at the top > Environment > Agents > WSPConf Settings, shown next. The screen displays a list of text box fields, shown next. 51

60 2 The WSPConf Settings screen contains the Target Url field. In this field, enter the Services Portal URL including an existing super admin username and password. Note that the default existing account is meaconf/meaconf. Do not change any other fields in this screen. Format: Portal Domain> Example: 3 Click Submit. Configuring the VMR Settings This section uses a table with field names and value descriptions to help you configure the VMR settings in the Administration app. To configure the Personal VMR Settings 1 With the System Administration application open in your browser, select the Settings tab at the top > Environment > Agents > VMR Settings, shown next. The screen displays a list of text box fields, shown next. 52

61 Deploying and Configuring the Services Portal and Experience Portal 2 The Personal VMR Settings Fields table, shown next, contains a list of fields found in the System Administration app s Personal VMR Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the Personal VMR Settings screen. Do not enter or change values of any fields that are not listed in the table. Table 16: Personal VMR Settings Fields Field Name ExitMeetingActions Value Set the action to take place when exiting a meeting by selecting options in the following template.exitmeetingactions fields: Role Enter a numeric value to represent the role. For example, 1 represents a user, 2 represents a participant, and 3 represents a presenter. Destination Enter a URL. This URL directs users matching the specified role to another location after exiting the meeting. 53

62 Field Name AccessPoints Value Specifies access point information (see the Setup Worksheet for the DMA Server Point of Presence Configuration for more information). Enter the information specified for the following text boxes: AccessPoints.DialString Add the address of the DMA after symbol. AccessPoints.Location Enter the access point location. AccessPoints.POPAddress By default this is the URI of the DMA or RPAD. AccessPoints.Transport point transport protocol. Enter the access 3 Click Submit. Configuring the Services Portal Authentication Provider (WSPAuth) Settings This section uses a table with field names and value descriptions to help you configure the WSPAuth settings in the Administration app. To configure the WSPAuth Settings 1 With the System Administration application open in your browser, select the Settings tab at the top > Environment > Agents > WSPAuth Settings, shown next. The screen displays a list of text box fields, shown next. 54

63 Deploying and Configuring the Services Portal and Experience Portal 2 The WSPAuth Settings Fields table, shown next, contains a list of fields found in the System Administration app s WSPAuth Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the WSPAuth Settings screen. Table 17: WSPAuth Settings Fields Field Name Target Url Realms Value Enter the Services Portal URL including an existing super admin username and password. Note that the default existing account is meaauth/meaauth Format: Portal Domain> Example: mple.com Lists realms, each one separated by a comma. Should contain the address of the Services Portal. 55

64 3 Click Submit. Configuring the DMA Settings This section uses a table with field names and value descriptions to help you configure the DMA settings in the Administration app. To configure the DMA Settings 1 With the System Administration application open in your browser, select the Settings tab at the top > Environment > Agents > DMA Settings, shown next. The screen displays a list of text box fields, shown next. 56

65 Deploying and Configuring the Services Portal and Experience Portal 2 The DMA Settings Fields table, shown next, contains a list of fields found in the System Administration app s DMA Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the DMA Settings screen. Table 18: DMA Settings Fields Field Name Target Url Value Enter the DMA username, password, and URL in the text box as follows: Username>:<DMA Password>@<DMA Address>:<API Port Number> 57

66 Field Name Prefixes Value Enter the DMA prefix. This should match the prefix defined in the DMA and WSP. 3 Click Submit. Viewing Experience Portal Log Files This section explains how to access and view your Experience Portal log files. To access the Experience Portal log files 1 Select Maintenance > Logs > List of Logs, shown next. The List of Logs screen appears. 2 Click Go. A list of hyperlinked logs appears. 3 Select a hyperlink from the list of logs to view the log or right click the hyper link and select Save link as.. to save the log file to another location. Applying Experience Portal Configurations The Experience Portal must be restarted to apply your configuration settings. You can restart the Experience Portal through the Administration tool or by rebooting the VMWare console. This section explains how to restart using the Administration tool using Apply Configuration (preferred) and Restart Server. The preferred method for applying the Experience Portal configuration from the Administration tool is to select Maintenance > Tools > Apply Configuration, shown next. 58

67 Deploying and Configuring the Services Portal and Experience Portal Another method for applying theexperience Portal configuration from the Administration tool is to select Maintenance > Tools > Restart Server, shown next. Changing the System Administration Application Password This section explains how to change your System Administration application password. To change the System Administration application password: 1 Select Settings > Admin UI. The Admin UI screen appears with two text boxes: admins[0] and admins[1], shown next. 2 The admins[1] text box contains <username>:<password>. To change the password, delete the value on the right of the colon and enter a new value, shown next. 59

68 3 Click Submit. The password changes. Exporting the Experience Portal Configuration File Your configurations are saved in the Experience Portal portal s settings.json file. This file can be exported from your Experience Portal server, enabling you to import the file in to another Experience Portal server or to save it as a back up. This section explains how to export the Experience Portal settings file. For importing, see Exporting the Experience Portal Configuration File To export the Experience Portal configuration file: 1 Select Maintenance > Tools > Export Configuration, shown next. 2 Click Go. The setting.json configuration file downloads. Importing the Experience Portal Configuration File The Experience Portal portal s settings.json file can be imported to your Experience Portal server. This enables you to transfer the Experience Portal configuration settings to another Experience Portal server. This section explains how to import the Experience Portal settings file. For exporting, see Exporting the Experience Portal Configuration File. To import the Experience Portal: 1 Select Maintenance > Tools > Import Configuration, shown next. 60

69 Deploying and Configuring the Services Portal and Experience Portal The Import Configuration screen displays, shown next. 2 Select Choose File and locate the settings.json configuration file. 3 Click Upload. 61

70

71 Chapter 3: Creating and Managing User Accounts After successfully deploying and configuring your Services Portal, create user accounts locally or add users through the Active Directory. The account types you create depend on your account role. Super admin accounts add and manage super admin, admin, and user accounts. Admin accounts add and manage admin and user accounts. User accounts cannot add or manage any accounts. This chapter shows you the following: Understanding Account Roles Creating Accounts Editing Accounts Deleting Accounts Changing Your Password Resetting a Password Understanding Account Roles The Services Portal supports three different account roles. Each role determines your account type and a different set of capabilities. See the following list for a brief description of each roll: Super Admin Creates and manages the Services Portal settings and other super admin, admin, and user accounts but cannot schedule meetings. Super admin accounts display the tabs shown in Figure 5. Admin Creates and manages admin accounts, user accounts, and online video conference meetings. Admin accounts display the tabs shown in Figure 6. User Creates and manages online video conference meetings. User accounts display the tabs shown in Figure 7. Note: Identifying Your Roll Logging in to the Services Portal and comparing your available tabs with the following figures is a good way to confirm your assigned roll. 63

72 Figure 5: Super Admin Role Tabs Figure 6: Admin Role Tabs Figure 7: User Role Tabs 64

73 Creating and Managing User Accounts Creating Accounts The Services Portal enables super admin and admin users to create accounts locally or from the Active Directory. This section shows you how to add active directory users and how to create local accounts. Adding Active Directory Users The LDAP server configuration enables access to Services Portal for all the users in Active Directory without requiring the administrator to explicitly create each Services Portal account. By default, the Services Portal assigns user roles to all the Active Directory accounts. Add a user from Active Directory only if you need to change the default user role or to block the user.to change the default user role, see Editing Accounts Created from the Active Directory. Note: Before You Begin Before adding an Active Directory user account, you must log in to the Services Portal as an admin or super admin. Adding Active Directory users: 1 Select User Management. The Users screen displays, shown next. 2 Click + LDAP User. The Import Active Directory Users screen displays, shown next. 65

74 3 In the Import Active Directory Users search box, enter the name of the user you want to add and tap Enter. 4 Place a checkmark in the checkbox of each user you want to add. 5 Click Add. Note: Active Directory Default User Roles Users added from the Active Directory are assigned the user role by default. To change the role type, see Editing Accounts. Adding Local Users The Services Portal enables super admin and admin users to add other local users. This section shows you how to create local accounts. Note: Before You Begin Before you adding a local user account, you must log in to the Services Portal as an admin or super admin. Adding local users: 1 Select User Management. The Users screen displays. 66

75 Creating and Managing User Accounts 2 Click + User. The Add a user screen displays, shown next. 67

76 3 Enter the following in the Add a user screen: First Name Enter the user s first name. Last Name Enter the user s last name. User Name Enter a username for the user. Address Enter the user s address. Contact Number Enter the user s phone number with area code. Title Enter the user s job title. 68

77 Creating and Managing User Accounts Department Enter the user s department. City Enter the user s city. User Role Click the User Role drop-down and choose one of the following options:» ROLE_SUPER_ADMIN This option is only available to super admin users. When assigned, the user has super admin capabilities, which includes creating and managing user, admin, and super admin accounts and configuring and managing the core settings, social policy, DMA configuration, and certificate uploads.» ROLE_ADMIN This option is available to admin and super admin users. When assigned, the user has admin privileges, which includes creating and managing user and admin accounts and creating and participating in video conference meetings.» ROLE_USER This option is available to both admin and super admin users. When assigned, the user has standard user privileges and can only create and participate in meetings. 4 Click Add. An is sent to the newly created user containing their username, password, and URL. The Services Portal enables you to edit or delete the accounts you create. For more information, see Editing Accounts and Deleting Accounts. Editing Accounts The Services Portal enables admin and super admin users to edit accounts created locally and from the Active Directory. You can access all fields in a locally created account but you can only access two fields in an account imported from the Active Directory: the role type and the enable/lock option. This section shows you how to edit both local and Active Directory accounts. Editing Accounts Created from the Active Directory This section shows you how to edit an account created from the Active Directory. Note that you can only edit the role type and enable/lock options in accounts imported from the Active Directory. Also note that the only super admin users can change a role type to super admin. Note: Before You Begin Before you edit an account, you must log in to the Services Portal as an admin or super admin. To edit a user account created from the Active Directory: 1 Select User Management. The Users screen displays, shown next. 69

78 2 Enter the user s name in the search box and tap Enter or search using the scroll bar. 3 Click the account s icon. The Edit User screen displays, shown next. 4 To edit the User Role, click the drop-down arrow and select one of the following options: ROLE_SUPER_ADMIN This option is only available to super admin users. When assigned, the user has super admin capabilities, which includes creating and managing user, admin, and super admin accounts and configuring and managing the core settings, social policy, DMA system configuration, and certificate uploads. ROLE_ADMIN This option is available to admin and super admin users. When assigned, the user has admin privileges, which includes creating and managing user and admin accounts and creating and participating in video conference meetings. ROLE_USER This option is available to both admin and super admin users. When assigned, the user has standard user privileges and can only create and participate in meetings. 5 Enable Click to enter a check mark in the Enable checkbox and activate the user s account or remove the check mark and disable the user s account. 6 Click Save. 70

79 Creating and Managing User Accounts Editing Locally Created User Accounts Super admin users can change all fields in a locally created account. Admin users can change all fields in a locally created account except for the roll in a super admin account. To determine your account type, see Understanding Account Roles. This section shows you how to edit a locally created user account. Note: Before You Begin Before you edit an account, you must log in to the Services Portal as an admin or super admin. To edit a local user account: 1 Select User Management. The Users screen displays, shown next. 2 Locate the account by entering the user s name in the search box and tapping Enter. 71

80 3 Click the account s icon; the Edit User screen displays, shown next. 4 Edit any of the following fields in the Edit User screen: First Name Edit the user s first name. Last Name Edit the user s last name. User Name Edit a username for the user. Address Edit the user s address. Contact Number Edit the user s phone number with area code. Title Edit the user s job title. Department Edit the user s department. 72

81 Creating and Managing User Accounts City Edit the user s city. User Role Edit the User Role by selecting one of the following options:» ROLE_SUPER_ADMIN This option is only available to super admin users. When assigned, the user has super admin capabilities, which includes creating and managing user, admin, and super admin accounts and configuring and managing the core settings, social policy, DMA system configuration, and certificate uploads.» ROLE_ADMIN This option is available to admin and super admin users. When assigned, the user has admin privileges, which includes creating and managing user and admin accounts and creating and participating in video conference meetings.» ROLE_USER This option is available to both admin and super admin users. When assigned, the user has standard user privileges and can only create and participate in meetings. Enable Click to enter a check mark in the Enable checkbox and activate the user s account or remove the check mark and disable the user s account. 5 Click Save. An is sent to the owner of the edited user account containing the username, password, and URL Deleting Accounts Users with super admin accounts can delete other super admin, admin, and user accounts. Users with admin accounts can only delete other admin and user accounts. To determine your account type, see Understanding Account Roles. This section shows you how to delete a user account. Caution: Default Accounts The following default accounts are requried and cannot be deleted: admin Used for accessing the services portal. meaconf Used for conference communication with the Experience Portal. meaauth Used for authentication communication with the Experience Portal. Note: Before You Begin Before you delete an account, you must log in to the Services Portal as an admin or super admin. 73

82 To delete a user account: 1 Select the User Management tab; the Users screen displays, shown next. 2 Locate the account by entering the user s name in the search box and tapping Enter. The user s name displays with the username, address, type, role, and status, shown next. 3 Click the account s icon; the Delete this User? screen displays. 4 Click Delete. Changing Your Password This section explains how to change your password. To change your password: 1 Log into your Services Portal account. Your name appears in the top right corner of the screen. 2 Click on the logo on the left side of your name, shown next. 74

83 Creating and Managing User Accounts The Change Password screen appears, shown next. 3 Enter the following in the Change Password screen: Current Password Enter your current password. New Password Enter your new password. Confirm new password Reenter your new password. 4 Click Change to change your password. Resetting a Password This section shows you how to reset a user s password. Caution: Before Resetting a Password Passwords should only be reset for accounts with valid addresses. Resetting a password for an account with an inactive address will lock out the user. 75

84 Note: Before You Begin Before you reset a password, you must log in to the Services Portal as an admin or super admin. To reset a password: 1 Click User Management. The Users screen displays, shown next. 2 Locate the account by entering the user s name in the search box and tapping Enter. 3 Click the account s icon. The Reset this user s password? dialog box displays. 4 Click Reset. The Services Portal sends the user an containing the new password. 76

85 77

86 Chapter 4: Providing Secure Guest Access This chapter shows you how to provide invited guests with controlled access to your organization s Unified Communications infrastructure while preventing unwelcome intrusion. Securing SIP Guest Access Enabling SIP guest access is the most convenient way to enable video and audio access from organizations and individuals that are not federated with your organization. For this reason, the CloudAXIS web client always functions in a guest mode; it neither registers nor authenticates itself with your organization s SIP gatekeeper (typically a Polycom DMA device). This is true even if and when it is used by individuals who belong to your organization and/or connect from within your organizational firewall. Similarly, the RealPresence Mobile software endpoint for mobile devices, which has SIP registration and authentication capabilities, does not register or authenticate with the target SIP gatekeeper when it joins a conference in response to the user clicking on the Join Now button from the CloudAXIS Experience Portal. Because the CloudAXIS web client functions in guest mode, the CloudAXIS Solution requires SIP guest access for users wanting to join meetings via the Web Client and Experience Portal. H.323 guest access may also be provided at your discretion to facilitate access from other types of endpoints. Enabling Guest Access on Your Edge Proxy To enable guest access via your organization s edge proxy device, please refer to one of the following Polycom publications. Note: Enabing Endpoint Authentication It is important to follow the recommendation for enabling endpoint authentication on the applicable DMA device as described in the following guides. See Chapter 2: Deploying the Basic RealPresence Access Director System Solution to Support Remote and Guest Users of the Deploying Polycom Unified Communications in RealPresence AccessDirector System Environments Guide. See Chapter 2: Deploying the Polycom Acme Packet Solution to Support Remote and Guest User of the Deploying Polycom Unified Communications in an Acme Packet Environment Guide 78

87 Providing Secure Guest Access Additional Recommendations for Greater Security See the following recommendations to secure the privacy of your conferences and prevent misuse of your videoconferencing infrastructure: Use ad-hoc rather than persistent (personal) VMRs when creating meetings that include untrusted guests. This is the default Services Portal behavior used whenever the Use Personal VMR has not been selected. Using ad-hoc VMRs helps ensure that guests will only be able to access the particular conference session you are inviting them to Use the passcode option when creating meetings to provide an additional level of access control. Restrict guest users to a subset of your dialing plan. By provisioning a dialing rule for unauthorized calls on your DMA device, you can limit guests to particular dial identifiers or ranges for which you prefer to provide access. For example, the following prelimary script restricts guest users to the dial ID range of 1000 to 99,999, which is the same default range as the DMA auto-generation range used by the Services Portal to create ad-hoc VMRs: if(((dial_string*1)<1000) (((DIAL_STRING*1)<99999))) DIAL_STRING="" Securing Web Access Conferences take place in the Experience Portal. Providing conference access to guest users joining from outside your organization s firewall requires allowing the Experience Portal to be accessed from the public internet. Access to the Services Portal, however, is only required for users who create and host conferences, which are typically members of your organization. Providing direct external access to the Services Portal component is left to the administrator s discretion. There are at least two different options for providing access from external networks: 1 Configure NAT functionality in your organizational firewall, or another edge device, to map HTTPS port 443 from the external IP address assigned for the Experience Portal to its internal IP address. Do the same for Services Portal, if desired. 2 Use a Reverse Proxy product to provide external HTTPS access to Experience Portal. Do the same for the Services Portal, if desired. The proxy selected should support the following features: Traffic routing based on HTTP host headers Forwarding of the Web Sockets protocol (RFC 6455). 79

88 Chapter 5: Troubleshooting the Services Portal This chapter shows you how to resolve issues experienced by end users and how to access your log files for troubleshooting miscellaneous issues. This section contains troubleshooting for the following: User Cannot Create Meetings User Cannot Launch the Welcome Screen Configured Components are Not Responding Super Admins and Admins Cannot Add an Active Directory User User Cannot Send Notifications User Receives Unable to Create a Conference with a Personal VMR Message User Receives External Server Not Set Message Obtaining Services Portal Log Files User Cannot Create Meetings Confirm the following if users are unable to create a meeting: At least one DMA system is made primary The DMA s owner username entered in the Services Portal also exists in the DMA system. For information on how to create a username for the DMA system, see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. The DMA system status is up. There is an MCU Pool order named "Factory Pool Order" in the DMA system. User Cannot Launch the Welcome Screen When entering a meeting, the welcome screen launches with video options for entering the meeting. If users are able to create a meeting but unable to launch the welcome screen, confirm that the correct port numbers and DMA system FQDN were entered when configuring the Experience Portal. See Configuring the Connection to the DMA System and RPAD Servers. 80

89 Troubleshooting the Services Portal Configured Components are Not Responding If components are correctly configured but still not working, try rebooting the Services Portal server. Super Admins and Admins Cannot Add an Active Directory User If Services Portal Admins and Super Admins are unable to add an Active Directory user, confirm that the proper LDAP server is configured with the correct values listed in Configuring Connection to the LDAP Server. If the problem persists, contact your IT administrator to confirm the values are correct. User Cannot Send Notifications If users are unable to send notifications, confirm that the proper SMTP server is configured with the correct port numbers listed in Configuring the Connection to the SMTP Server. If the problem persists, contact your IT administrator to confirm the values are correct. User Receives Unable to Create a Conference with a Personal VMR Message See if the virtual meeting room exists on the configured DMA system. If it exists, contact Polycom Support. User Receives External Server Not Set Message If receiving the External Server Not Set message after selecting Meet Now, confirm that the correct FQDN is entered in the MEA Server textbox located in Services Portal s Server Settings screen. See Configuring Additional Server Settings. Obtaining Services Portal Log Files Obtain your Services Portal log files to troubleshoot any issues you experience. To configure your log level and download your logs, see Selecting and Downloading Log Level. 81

90

91 83

92 Appendix A: Creating a Google Talk App Enabling access to Google Talk contacts from the Experience Portal requires creating a Google Talk app, selecting the Google Talk checkbox in the Services Portal s Social Connector configuration screen, and entering the app s Client ID and Client Secret in the respective Social Connector configuration screen text boxes. To access the Services Portal social connector configuration screen, see Configuring Social Policies. To get the Client ID and Client Secret, see step 10 of the following instructions. Before you begin, set up a neutral account with credentials that can be shared among different persons in your team. Do not use your personal account to create the app. This helps to avoid dependencies on a single person. In case a person currently in charge of the application maintenance leaves the company, the common account credentials can be passed on to the team. Also, always maintain one-to-one mapping between the Services Portal server and the application being used. Note: IP Address Change A change in the server s IP doesn t require a new application to be created as long as the FQDN points to the changed IP. Note:Reference for Creating a Google App As you create your Google app, you can use the Google Developers Page as a reference. To create a Google Talk app: 1 Log into the shared Google account. 2 Open the Google APIs Console page and select Create Project. The Google APIs page opens with menu options displayed on the left, shown next. 84

93 Appendix A: Creating a Google Talk App 3 Click the API Project drop-down menu and select Create, shown next. The Create Project dialog box displays, shown next. 4 Enter a name in the Enter the name for your project text entry box and click Create Project. An example shown next 85

94 The Google APIs page drop-down menu name should change to the name of your project, shown next. If the name does not display automatically, click the drop-down arrow and select it from the Recent Projects list. 5 Select API Access from the menu options, shown next. 6 Click Create an OAuth 2.0 Client ID The Create Client ID screen displays, shown next. 86

95 Appendix A: Creating a Google Talk App 7 Enter the following: Product Name Enter your product name. Naming with the prefix CloudAXIS_ is recommended. Product Logo Enter the URL to your product logo. Home Page URL Enter the URL to your home page. 8 Click Next. The Client ID Settings options display, shown next. 87

96 9 Select the following Application Type Select Web-Application. Your Site or Hostname Enter the Services Portal s FQDN 10 Click Create Client ID. The Authorized API Access screen displays, shown next 88

97 Appendix A: Creating a Google Talk App Note the Client ID and Client secret; these are both needed for the policy configuration. It is important to note that your client secret is always kept secret. 11 In the Authorized API Access screen, click Edit settings, the Edit Client Settings screen displays, shown next. 89

98 12 In the Authorized Redirect URIs text box, enter and click Update. You are now ready to configure the Google Talk policy on the server. See Configuring Social Policies. 90

99 91

100 Appendix B: Creating a Facebook App Enabling access to Facebook contacts from the Experience Portal requires creating a Facebook app, selecting the Facebook checkbox in the Services Portal s Social Connector configuration screen, and entering the app ID and App Secret in the respective Social Connector configuration screen text boxes. To access the Services Portal social connector configuration screen, see Configuring Social Policies. To get the App ID and App Secret, see step 4 of the following instructions. Before you begin, set up a neutral Facebook developer account with credentials that can be shared among different persons in your team. Do not use your personal Facebook account to create the app. This helps to avoid dependencies on a single person. In case a person currently in charge of the application maintenance quits the job, the common account credentials can be passed on to the team. To verify if your account is a developer account, see the Facebook help page. Also, always maintain one-to-one mapping between the Services Portal server and the application being used. Note: IP Address Change A change in the server s IP does not require a new application to be created as long as the FQDN points to the changed IP. Note:Reference for Creating a Facebook App As you create your app, you can use the Facebook Developers page as reference. To create a Facebook app: 1 Log into the shared Facebook account. 2 Open the Facebook Developers page. The Facebook Developers screen displays. From the menu at the top of the page, click Apps, shown next. 92

101 Appendix B: Creating a Facebook App If your Facebook account is not already registered as a developer, you will see an option for Register as a Developer. Select Register as a Developer, complete the registration process, and continue. 3 Select Create New App, the Create New App screen displays, shown next. 4 Enter a suitable name in the App Name text box (naming with the prefix CloudAXIS_ is recommended) and click Continue. The Sample App screen displays with the App ID and App Secret, shown next. Make a note of these for configuring the Services Portal policy. 5 Select Website with Facebook, shown next 93

102 The Site URL text box appears, shown next 6 In the Site URL text box, enter 7 Select App on Facebook, shown next. The Basic Info screen appears, shown next. 8 Enter the following: Canvas URL Enter Secure Canvas Width Enter 9 In the Basic Info options, shown next, enter the <ServicsPortalFQDN>. 94

103 Appendix B: Creating a Facebook App You are now ready to configure the Facebook policy on the server. See Configuring Social Policies. 95

104

105 Appendix C: Impact of DMA Factory Conference Settings on the Operation of the CloudAXIS Web Client The Polycom DMA system uses conference templates and global conference settings to manage conference behavior. This table describes the impact of the DMA system s factory conference template settings on the CloudAXIS web client operations. For information on setting up a DMA system conference template, see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. Table 19: Conference Template Settings Impact Feature Subfeature Subfeature Description Web Client Behavior General Settings Profile Settings Use existing profile RMX profile name N/A N/A Conference Mode Only AVC is supported. This can be set to 'AVC only' or 'Mixed AVC and SVC'. For both options, the web client will use AVC. Cascade for bandwidth Works as documented Video Switching Works as documented Conference Settings H.264 High Profile Works as documented Resolution Works as documented Line Rate Audio Only Advanced Settings Encryption LRP Fixed rate in web client Not tested Tied to the url scheme OFF for http / ON for https Works as documented Video Quality People Video Definition Video Quality Works as documented 93

106 Feature Subfeature Subfeature Description Web Client Behavior Content Video Definition Presentation Mode Send content to legacy endpoints Same layout Max resolution Video Clarity Auto Brightness Content Settings Content Protocol Works as documented Works as documented Works as documented Works as documented Works as documented Works as documented. No Impact Works as documented Video Settings Audio Settings Skins Conference IVR Lecture view switching Auto layout Layout Telepresence Mode Telepresence layout mode Echo suppression Keyboard noice suppression Audio Clarity Override default service Conference IVR Service Works as documented. Works as documented Works as documented Works as documented Works as documented Works as documented Works as documented Works as documented Works as documented Advanced see the DMA guide. May require use of DTMF pad in menu. 94

107 Appendix C: Impact of DMA Factory Conference Settings on the Operation of the Cloud Feature Subfeature Subfeature Description Web Client Behavior Recording Conference requires chairperson Record Conference Recording Link Audio only Indication of recording Enterprise users should be admitted to the conference; they will need to use DTMF to enter the chair pin again to start the video portion of the call. Anonymous users without the chair pin must wait in the web outer lobby. Must be set to 'Immediately or 'Upon Request' to enable recording. Must be configured to enable recording. Works as documented Works as documented Note If enabled, a recording indication will appear in both the video feed and in the web client GUI 95

108

109 97

110 Appendix D: Third-Party Software This chapter provides the copyright statements for third-party software products that have been incorporated into the Polycom RealPresence CloudAXIS Suite application distribution. Table 20: Third-Party Software Product CentOS Nginx Node js License Location CentOS Nginx Node js 98

111 Appendix D: Third-Party Software CentOS GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA , USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. 99

112 b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution 100

113 Appendix D: Third-Party Software of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. one line to give the program's name and an idea of what it does. Copyright (C) yyyy name of author This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. 101

114 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA , USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. signature of Ty Coon, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. Nginx Copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 102

115 Appendix D: Third-Party Software ==== This license applies to all parts of Node that are not externally maintained libraries. The externally maintained libraries used by Node are: - V8, located at deps/v8. V8's license follows: """ This license applies to all parts of V8 that are not externally maintained libraries. The externally maintained libraries used by V8 are: - PCRE test suite, located in test/mjsunit/third_party/regexp-pcre.js. This is based on the test suite from PCRE-7.3, which is copyrighted by the University of Cambridge and Google, Inc. The copyright notice and license are embedded in regexp-pcre.js. - Layout tests, located in test/mjsunit/third_party. These are based on layout tests from webkit.org which are copyrighted by Apple Computer, Inc. and released under a 3-clause BSD license. - Strongtalk assembler, the basis of the files assembler-arm-inl.h, assembler-arm.cc, assembler-arm.h, assembler-ia32-inl.h, assembler-ia32.cc, assembler-ia32.h, assembler-x64-inl.h, assembler-x64.cc, assembler-x64.h, assembler-mips-inl.h, assembler-mips.cc, assembler-mips.h, assembler.cc and assembler.h. This code is copyrighted by Sun Microsystems Inc. and released under a 3-clause BSD license. - Valgrind client API header, located at third_party/valgrind/valgrind.h This is release under the BSD license. These libraries have their own licenses; we recommend you read them, as their terms may differ from the terms below. Copyright , the V8 project authors. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 103

116 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - C-Ares, an asynchronous DNS client, located at deps/cares. C-Ares license follows: """ Copyright 1998 by the Massachusetts Institute of Technology. Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. M.I.T. makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. """ - OpenSSL located at deps/openssl. OpenSSL is cryptographic software written by Eric Young ([email protected]) to provide SSL/TLS encryption. OpenSSL's license follows: """ ==================================================================== Copyright (c) The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. ( 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact [email protected]. 5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project. 6. Redistributions of any form whatsoever must retain the following 104

117 Appendix D: Third-Party Software acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit ( THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ==================================================================== This product includes cryptographic software written by Eric Young ([email protected]). This product includes software written by Tim Hudson ([email protected]). """ HTTP Parser, located at deps/http_parser. HTTP Parser's license follows: """ http_parser.c is based on src/http/ngx_http_parse.c from NGINX copyright Igor Sysoev. Additional changes are licensed under the same terms as NGINX and copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - Closure Linter is located at tools/closure_linter. Closure's license follows: """ Copyright (c) 2007, Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without 105

118 modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - tools/cpplint.py is a C++ linter. Its license follows: """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 106

119 Appendix D: Third-Party Software OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - lib/punycode.js is copyright 2011 Mathias Bynens < and released under the MIT license. """ * Punycode.js < * Copyright 2011 Mathias Bynens < * Available under MIT license < """ - tools/gyp. GYP is a meta-build system. GYP's license follows: """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - Zlib at deps/zlib. zlib's license follows: """ zlib.h -- interface of the 'zlib' general purpose compression library version 1.2.4, March 14th, 2010 Copyright (C) Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not 107

120 claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Jean-loup Gailly Mark Adler """ - npm is a package manager program located at deps/npm. npm's license follows: """ Copyright , Isaac Z. Schlueter (the "Original Author") All rights reserved. MIT +no-false-attribs License Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. Distributions of all or part of the Software intended to be used by the recipients as they would use the unmodified Software, containing modifications that substantially alter, remove, or disable functionality of the Software, outside of the documented configuration mechanisms provided by the Software, shall be modified such that the Original Author's bug reporting addresses and urls are either replaced with the contact information of the parties responsible for the changes, or removed entirely. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except where noted, this license applies to any and all software programs and associated documentation files created by the Original Author, when distributed with the Software. "Node.js" and "node" trademark Joyent, Inc. npm is not officially part of the Node.js project, and is neither owned by nor 108

121 Appendix D: Third-Party Software officially affiliated with Joyent, Inc. Packages published in the npm registry are not part of npm itself, are the sole property of their respective maintainers, and are not covered by this license. "npm Logo" created by Mathias Pettersson and Brian Hammond, used with permission. "Gubblebum Blocky" font Copyright (c) 2007 by Tjarda Koster, included for use in the npm website and documentation, used with permission. This program uses "node-uuid", Copyright (c) 2010 Robert Kieffer, according to the terms of the MIT license. This program uses "request", Copyright (c) 2011 Mikeal Rogers, according to the terms of the Apache license. This program uses "mkdirp", Copyright (c) 2010 James Halliday, according to the terms of the MIT/X11 license. """ - tools/doc/node_modules/marked. Marked is a Markdown parser. Marked's license follows: """ Copyright (c) , Christopher Jeffrey ( Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - test/gc/node_modules/weak. Node-weak is a node.js addon that provides garbage collector notifications. Node-weak's license follows: """ Copyright (c) 2011, Ben Noordhuis <[email protected]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 109

122 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. """ - src/ngx-queue.h. ngx-queue.h is taken from the nginx source tree. nginx's license follows: """ Copyright (C) Igor Sysoev Copyright (C) 2011,2012 Nginx, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - wrk is located at tools/wrk. wrk's license follows: """ Apache License Version 2.0, January TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity 110

123 Appendix D: Third-Party Software exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their 111

124 Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify 112

125 Appendix D: Third-Party Software the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS Node js Copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 113

126 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ==== This license applies to all parts of Node that are not externally maintained libraries. The externally maintained libraries used by Node are: - V8, located at deps/v8. V8's license follows: """ This license applies to all parts of V8 that are not externally maintained libraries.the externally maintained libraries used by V8 are: - PCRE test suite, located in test/mjsunit/third_party/regexp-pcre.js.this is based on the test suite from PCRE-7.3, which is copyrighted by the University of Cambridge and Google, Inc.The copyright notice and license are embedded in regexp-pcre.js. - Layout tests, located in test/mjsunit/third_party.these are based on layout tests from webkit.org which are copyrighted by Apple Computer, Inc. and released under a 3-clause BSD license. - Strongtalk assembler, the basis of the files assembler-arm-inl.h, assembler-arm.cc, assembler-arm.h, assembler-ia32-inl.h, assembler-ia32.cc, assembler-ia32.h, assembler-x64-inl.h, assembler-x64.cc, assembler-x64.h, assembler-mips-inl.h, assembler-mips.cc, assembler-mips.h, assembler.cc and assembler.h. This code is copyrighted by Sun Microsystems Inc. and released under a 3-clause BSD license. - Valgrind client API header, located at third_party/valgrind/valgrind.h This is release under the BSD license. These libraries have their own licenses; we recommend you read them, as their terms may differ from the terms below. Copyright , the V8 project authors. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 114

127 Appendix D: Third-Party Software LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - C-Ares, an asynchronous DNS client, located at deps/cares. C-Ares license follows: """ Copyright 1998 by the Massachusetts Institute of Technology. * Permission to use, copy, modify, and distribute this * software and its documentation for any purpose and without * fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright * notice and this permission notice appear in supporting * documentation, and that the name of M.I.T. not be used in * advertising or publicity pertaining to distribution of the * software without specific, written prior permission. * M.I.T. makes no representations about the suitability of * this software for any purpose.it is provided "as is" * without express or implied warranty. """ - OpenSSL located at deps/openssl. OpenSSL is cryptographic software written by Eric Young ([email protected]) to provide SSL/TLS encryption. OpenSSL's license follows: """ ==================================================================== Copyright (c) The OpenSSL Project.All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. ( 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact 115

128 5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project. 6. Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit ( THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ==================================================================== This product includes cryptographic software written by Eric Young ([email protected]).this product includes software written by Tim Hudson ([email protected]). """ - HTTP Parser, located at deps/http_parser. HTTP Parser's license follows: """ http_parser.c is based on src/http/ngx_http_parse.c from NGINX copyright Igor Sysoev. Additional changes are licensed under the same terms as NGINX and copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - Closure Linter is located at tools/closure_linter. Closure's license 116

129 Appendix D: Third-Party Software follows: """ Copyright (c) 2007, Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - tools/cpplint.py is a C++ linter. Its license follows: """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 117

130 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - lib/punycode.js is copyright 2011 Mathias Bynens < and released under the MIT license. """ Punycode.js < Copyright 2011 Mathias Bynens < Available under MIT license < """ - tools/gyp. GYP is a meta-build system. GYP's license follows: """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - Zlib at deps/zlib. zlib's license follows: """ zlib.h -- interface of the 'zlib' general purpose compression library version 1.2.4, March 14th, 2010 Copyright (C) Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty.in no event will the authors be held liable for any damages 118

131 Appendix D: Third-Party Software arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not laim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Jean-loup Gailly Mark Adler """ - npm is a package manager program located at deps/npm. npm's license follows: """ Copyright , Isaac Z. Schlueter (the "Original Author") All rights reserved. MIT +no-false-attribs License Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. Distributions of all or part of the Software intended to be used by the recipients as they would use the unmodified Software, containing modifications that substantially alter, remove, or disable functionality of the Software, outside of the documented configuration mechanisms provided by the Software, shall be modified such that the Original Author's bug reporting addresses and urls are either replaced with the contact information of the parties responsible for the changes, or removed entirely. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except where noted, this license applies to any and all software programs and associated documentation files created by the 119

132 Original Author, when distributed with the Software. "Node.js" and "node" trademark Joyent, Inc. npm is not officially part of the Node.js project, and is neither owned by nor officially affiliated with Joyent, Inc. Packages published in the npm registry are not part of npm itself, are the sole property of their respective maintainers, and are not covered by this license. "npm Logo" created by Mathias Pettersson and Brian Hammond, used with permission. "Gubblebum Blocky" font Copyright (c) 2007 by Tjarda Koster, included for use in the npm website and documentation, used with permission. This program uses "node-uuid", Copyright (c) 2010 Robert Kieffer, according to the terms of the MIT license. This program uses "request", Copyright (c) 2011 Mikeal Rogers, according to the terms of the Apache license. This program uses "mkdirp",copyright (c) 2010 James Halliday, according to the terms of the MIT/X11 license. """ - tools/doc/node_modules/marked. Marked is a Markdown parser. Marked's license follows: """ Copyright (c) , Christopher Jeffrey ( Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - test/gc/node_modules/weak. Node-weak is a node.js addon that provides garbage collector notifications. Node-weak's license follows: """ Copyright (c) 2011, Ben Noordhuis <[email protected]> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 120

133 Appendix D: Third-Party Software WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. """ - src/ngx-queue.h. ngx-queue.h is taken from the nginx source tree. nginx's license follows: """ Copyright (C) Igor Sysoev Copyright (C) 2011,2012 Nginx, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - wrk is located at tools/wrk. wrk's license follows: """ Apache License Version 2.0, January TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or 121

134 otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, 122

135 Appendix D: Third-Party Software use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work 123

136 by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS 124

137 Appendix E: End User License Agreement END USER LICENSE AGREEMENT FOR POLYCOM REALPRESENCE CLOUDAXIS SUITE SOFTWARE PRODUCT IMPORTANT-READ CAREFULLY BEFORE USING THE SOFTWARE PRODUCT:This End-User License Agreement ("Agreement") is a legal agreement between you and/or any company you represent, you and either Polycom (Netherlands) B.V. (if you are located in Europe, Middle East, or Africa), Polycom Asia Pacific PTE Ltd. (if you are located in Asia Pacific), or Polycom, Inc. (if you are located in the rest of the world) (each referred to individually and collectively herein as POLYCOM ), for the SOFTWARE PRODUCT (including any software updates or upgrades thereto) licensed by POLYCOM or its suppliers. The SOFTWARE PRODUCT includes computer software and may include associated media, printed materials, and "online" or electronic documentation ("SOFTWARE PRODUCT"). Unless otherwise agreed in writing by POLYCOM, by accepting these terms or by installing, downloading, copying, or otherwise using the SOFTWARE PRODUCT, you agree to be and will be bound by the terms of this Agreement as a condition of your license. If you do not agree to the terms of this Agreement, your use is prohibited and you may not install or use the SOFTWARE PRODUCT. The SOFTWARE PRODUCT is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. The SOFTWARE PRODUCT is licensed (not sold) to you, and its use is subject to the terms of this Agreement. This is NOT a sale contract. 1. Grant of License Subject to the terms of this Agreement, POLYCOM grants to you a non-exclusive, non-transferable (except as set forth herein), revocable license to install and use for personal or internal purposes the number and type of SOFTWARE PRODUCT licenses purchased by You, through a purchase order to either POLYCOM or to a Polycom Reseller authorized to resell Polycom products, and authorized by POLYCOM solely on the POLYCOM product with which this SOFTWARE PRODUCT is supplied or, if this SOFTWARE PRODUCT is delivered as software only, on a device (including but not limited to minimum hardware or software requirements) as outlined in the SOFTWARE PRODUCT supporting documentation ( DEVICE ). You may use the SOFTWARE PRODUCT pursuant to the license grant above and subject to the following terms and the proprietary notices in the SOFTWARE PRODUCT or on the media upon which the SOFTWARE PRODUCT is provided. You are not permitted to lease, rent, distribute, assign, sell or sublicense the SOFTWARE PRODUCT, in whole or in part, or to use the SOFTWARE PRODUCT in a timesharing, subscription service, hosting or outsourcing arrangement or in any other unauthorized manner. Further, no license is granted to you in the human readable code of the SOFTWARE PRODUCT (source code). Except as expressly provided below, this License Agreement does not grant you any rights to patents, copyrights, trade secrets, trademarks, or any other rights in the SOFTWARE PRODUCT. You are solely responsible for use of the SOFTWARE PRODUCT by your agents, contractors, outsourcers, customers and suppliers and their compliance with this Agreement. 2. Other Rights and Limitations 2.1 Limitations on Reverse Engineering, Decompilation, and Disassembly. You may not reverse engineer, decompile, modify or disassemble the SOFTWARE PRODUCT or otherwise reduce the SOFTWARE PRODUCT to human-perceivable form in whole or in part, except and only to the extent that such activity is expressly permitted by a third party license or applicable laws. The foregoing includes but is not limited to review of data structures or similar materials produced by SOFTWARE PRODUCT. The SOFTWARE PRODUCT is licensed as a single product. Its component parts may not be separated for use on more than one DEVICE. You may not use the SOFTWARE PRODUCT for any illegal purpose or conduct. 2.2 Back-up. Except as expressly provided for under this Agreement you may not copy the SOFTWARE PRODUCT; except, however, you may keep one copy of the SOFTWARE PRODUCT and, if applicable, one copy of any previous 125

138 version, for back-up purposes, only to be used in the event of failure of the original. All copies of the SOFTWARE PRODUCT must be marked with the proprietary notices provided on the original SOFTWARE PRODUCT. You may not reproduce the supporting documentation accompanying the SOFTWARE PRODUCT. 2.3 No Modifications. You may not modify, translate or create derivative works of the SOFTWARE PRODUCT. 2.4 Proprietary Notices. You may not remove or obscure any proprietary notices, identification, label or trademarks on or in the SOFTWARE PRODUCT or the supporting documentation. 2.5 Software Transfer. You may permanently transfer all of your rights under this Agreement solely in connection with transfer of the DEVICE, provided you retain no copies, you transfer all of the SOFTWARE PRODUCT (including the media and printed materials, any upgrades or updates, and this Agreement), and the recipient agrees to the terms of this Agreement. If the SOFTWARE PRODUCT is an upgrade or update, any transfer must include all prior versions of the SOFTWARE PRODUCT. However, if the SOFTWARE PRODUCT is marked "Not for Resale" or "NFR", you may not resell it or otherwise transfer it for value. 2.6 Copyright. All title and copyrights in and to the SOFTWARE PRODUCT (including but not limited to any images, photographs, animations, video, audio, music, text, programs and "applets" incorporated into the SOFTWARE PRODUCT), the accompanying printed materials, and any copies of the SOFTWARE PRODUCT are owned by POLYCOM or its suppliers. Title, ownership rights, and intellectual property rights in the SOFTWARE PRODUCT shall remain in POLYCOM or its suppliers. Title and related rights in the content accessed through the SOFTWARE PRODUCT is the property of such content owner and may be protected by applicable law. This Agreement gives you no rights in such content. 2.7 Confidentiality. The SOFTWARE PRODUCT contains valuable proprietary information and trade secrets of POLYCOM and its suppliers that remain the property of POLYCOM. You shall protect the confidentiality of, and avoid disclosure and unauthorized use of, the SOFTWARE PRODUCT. With respect to technical information you provide to POLYCOM as part of your use of SOFTWARE PRODUCT or SUPPORT SERVICES, POLYCOM may use such information for its business purposes, including for product support and development. POLYCOM will not utilize such technical information in a form that personally identifies you. 2.8 Dual-Media Software. You may receive the SOFTWARE PRODUCT in more than one medium. Regardless of the type or size of medium you receive, you may use only one medium that is appropriate for your DEVICE. You may not use or install the other medium on another DEVICE. 2.9 Reservation of Rights. POLYCOM and its suppliers reserve all rights in the SOFTWARE PRODUCT not expressly granted to you in this Agreement Additional Obligations. You are responsible for all equipment and any third party fees (such as carrier charges, internet fees, or provider or airtime charges) necessary to access the SOFTWARE PRODUCT Installation. You acknowledge that installation of the SOFTWARE PRODUCT and, as applicable, use of additional software features may involve a license key that may restrict installation of the SOFTWARE PRODUCT to the SOFTWARE PRODUCT licensed. POLYCOM may also embed algorithms in the SOFTWARE PRODUCT that periodically compare the SOFTWARE PRODUCT licenses enabled against the SOFTWARE PRODUCT licensed. You further acknowledge that the SOFTWARE PRODUCT requires activation on initial installation of the SOFTWARE PRODUCT and future events including, but not limited to, updates and changes to your hardware on which the SOFTWARE PRODUCT is installed. You acknowledge that the license key and internal controls in the SOFTWARE PRODUCT may not restrict usage to the licensed amounts and do not ensure compliance with this Agreement. 3. Support Services POLYCOM may provide you with support services related to the SOFTWARE PRODUCT ("SUPPORT SERVICES"). Unless otherwise agreed in writing by POLYCOM, Use of SUPPORT SERVICES and any supplemental software code provided to you as part of the SUPPORT SERVICES is governed by the terms and conditions of POLYCOM's Worldwide Service Program for End User Customers and the applicable Service Description. 4. Termination This Agreement will terminate automatically if you fail to comply with any of the terms and conditions of this Agreement. Polycom shall have the right to audit your use of the SOFTWARE PRODUCT in conjunction with this 126

139 Appendix E: End User License Agreement Agreement, and you will provide reasonable assistance for this purpose. In the event of any termination, you must cease use of the SOFTWARE PRODUCT, and destroy all copies of the SOFTWARE PRODUCT and all of its component parts. You may terminate this Agreement at any time by destroying the SOFTWARE PRODUCT and all of its component parts. Termination of this Agreement shall not prevent POLYCOM or its suppliers from claiming any further damages. If you do not comply with any of the above restrictions, this license will terminate and you will be liable to POLYCOM and its suppliers for damages or losses caused by your non-compliance. The waiver by POLYCOM of a specific breach or default shall not constitute the waiver of any subsequent breach or default. 5. Upgrades If the SOFTWARE PRODUCT is labeled as an upgrade or update, you must be properly licensed to use the software identified by POLYCOM as being eligible for the upgrade or update in order to use the SOFTWARE PRODUCT. A SOFTWARE PRODUCT labeled as an upgrade or update replaces and/or supplements the software that formed the basis for your eligibility for the upgrade or update. You may use the resulting upgraded/updated SOFTWARE PRODUCT only in accordance with the terms of this Agreement. If the SOFTWARE PRODUCT is an upgrade or update of a component of a package of software programs that you licensed as a single product, the SOFTWARE PRODUCT may be used and transferred only as part of that single SOFTWARE PRODUCT package and may not be separated for use on more than one DEVICE. You shall maintain the SOFTWARE PRODUCT replaced by the upgrade or update solely for use as an archival copy for recovery purposes. 6. Warranty and Warranty Exclusions 6.1 Limited Warranty. Except as otherwise set forth in a Third Party License or in third party license terms set forth below, POLYCOM warrants that (a) the SOFTWARE PRODUCT will perform substantially in accordance with the accompanying documentation for a period of ninety (90) days from the date of shipment by POLYCOM or the SOFTWARE PRODUCT is initially downloaded by You, as applicable, and (b) any SUPPORT SERVICES provided by POLYCOM shall be substantially as described in applicable written materials provided to you by POLYCOM. This warranty is valid only for the original purchaser. POLYCOM DOES NOT WARRANT THAT YOUR USE OF THE SOFTWARE PRODUCT WILL BE UNINTERRUPTED OR ERROR FREE, OR THAT ALL DEFECTS IN THE SOFTWARE PRODUCT WILL BE CORRECTED. YOU ASSUME FULL RESPONSIBILITY FOR THE SELECTION OF THE SOFTWARE PRODUCT TO ACHIEVE YOUR INTENDED RESULTS AND FOR THE INSTALLATION, USE AND RESULTS OBTAINED FROM THE SOFTWARE PRODUCT. IF THE SOFTWARE PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, POLYCOM'S SOLE OBLIGATION UNDER THIS EXPRESS WARRANTY SHALL BE, AT POLYCOM'S OPTION AND EXPENSE, TO REPAIR OR REPLACE THE DEFECTIVE SOFTWARE, OR IF NEITHER OF THE TWO FOREGOING OPTIONS IS REASONABLY AVAILABLE, POLYCOM MAY, IN ITS SOLE DISCRETION REFUND TO YOU THE PURCHASE PRICE PAID FOR THE DEFECTIVE PRODUCT. Any replacement SOFTWARE PRODUCT will substantially conform to the accompanying documentation and be warranted for the remainder of the original warranty period or thirty (30) days, whichever is longer. 6.2 Warranties Exclusive. TO THE FULL EXTENT ALLOWED BY LAW, THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES, TERMS, OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES, TERMS, OR CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, CORRESPONDENCE WITH DESCRIPTION, AND NON-INFRINGEMENT, ALL OF WHICH ARE EXPRESSLY DISCLAIMED. POLYCOM NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION, MAINTENANCE OR USE OF THE SOFTWARE PRODUCT. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM POLYCOM OR THROUGH OR FROM THE SOFTWARE PRODUCT SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. NEITHER POLYCOM NOR ITS SUPPLIERS SHALL BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THAT THE ALLEGED DEFECT OR MALFUNCTION IN THE SOFTWARE PRODUCT DOES NOT EXIST OR WAS CAUSED BY YOUR OR ANY THIRD PARTY'S MISUSE, NEGLECT, IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO MODIFY THE SOFTWARE PRODUCT, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY ACCIDENT, FIRE, LIGHTNING, POWER CUTS OR OUTAGES, OTHER HAZARDS, OR ACTS OF GOD. 7. Limitation of Liability YOUR USE OF THE SOFTWARE PRODUCT IS AT YOUR SOLE RISK. YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OR USE OF THE SOFTWARE PRODUCT. TO THE MAXIMUM EXTENT PERMITTED BY 127

140 APPLICABLE LAW, IN NO EVENT SHALL POLYCOM OR ITS SUPPLIERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION DAMAGES FOR LOSS OF BUSINESS PROFITS OR REVENUE; BUSINESS INTERRUPTION OR WORK STOPPAGE; COMPUTER FAILURE OR MALFUNCTION; LOSS OF BUSINESS INFORMATION, DATA OR DATA USE; LOSS OF GOODWILL; OR ANY OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OF OR INABILITY TO USE THE SOFTWARE PRODUCT OR THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES, EVEN IF POLYCOM OR ITS SUPPLIER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL POLYCOM S SUPPLIERS BE LIABLE FOR ANY DIRECT DAMAGES WHATSOEVER ARISING OUT OF THE USE OR THE INABILITY TO USE THE SOFTWARE PRODUCT. IN ANY CASE, POLYCOM'S ENTIRE LIABILITY SHALL BE LIMITED TO THE GREATER OF THE AMOUNT ACTUALLY PAID BY YOU FOR THE SOFTWARE PRODUCT OR U.S. $1.00. NOTWITHSTANDING THE TERMS OF THIS SECTION 7, IF YOU HAVE ENTERED INTO A POLYCOM SUPPORT SERVICES AGREEMENT, POLYCOM'S ENTIRE LIABILITY REGARDING SUPPORT SERVICES SHALL BE GOVERNED BY THE TERMS OF THAT AGREEMENT. 8. Indemnity You agree to indemnify and hold harmless POLYCOM and its subsidiaries, affiliates, officers, agents, co-branders, customers, suppliers or other partners, and employees, from any loss, claim or demand, including reasonable attorneys' fees, made by any third party due to or arising out of your use of the SOFTWARE PRODUCT, your connection to the SOFTWARE PRODUCT, or your violation of the Terms. 9. Disclaimers 9.1 Local Laws. Some countries, states, or provinces do not allow the exclusion or limitation of implied warranties or the limitation of incidental or consequential damages for certain products supplied to consumers, or the limitation of liability for death or personal injury, so the above limitations and exclusions may be limited in their application to you. When the implied warranties are not allowed to be excluded in their entirety due to local law, they will be limited to the duration of the applicable warranty. 9.2 Quality. Polycom cannot guarantee that the SOFTWARE PRODUCT will always function without disruptions, delay or errors. A number of factors may impact the quality of your communications and use of the SOFTWARE PRODUCT, and may result in the failure of your communications including but not limited to: your local network, firewall, your internet service provider, the public internet, the public switched telephone network and your power supply. Polycom takes no responsibility for any disruption, interruption or delay caused by any failure of or inadequacy in any of these items or any other items over which we have no control. 10. Export Controls. You acknowledge that the SOFTWARE PRODUCT may be subject to export restrictions of various countries. You shall fully comply with all applicable export license restrictions and requirements as well as with all laws and regulations relating to the importation of the SOFTWARE PRODUCT, in the United States and in any foreign jurisdiction in which the SOFTWARE PRODUCT is used. Without limiting the foregoing, the SOFTWARE PRODUCT may not be downloaded or otherwise exported or re-exported (i) into (or to a national or resident of) any country to which the U.S. has embargoed goods; (ii) any end user known, or having reason to be known, will utilize them in the design, development or production of nuclear, chemical or biological weapons; or (iii) to anyone on the U.S. Treasury Department's list of Specially Designated Nationals or the U.S. Commerce Department's Table of Denial Orders. By downloading or using the SOFTWARE PRODUCT, you are agreeing to the foregoing and you are representing and warranting that you are not located in, under the control of, or a national or resident of any such country or on any such list. If you obtained this SOFTWARE PRODUCT outside of the United States, you are also agreeing that you will not export or re-export it in violation of the laws of the country in which it was obtained. You further acknowledge that the SOFTWARE PRODUCT may include technical data subject to export and re-export restrictions imposed by US law. 11. Miscellaneous 11.1 Governing Law. This Agreement shall be governed by the laws of the state of California as such laws are applied to agreements entered into and to be performed entirely within California between California residents, and by the laws of the United States, without reference to conflict of laws principles. The United Nations Convention on Contracts for the International Sale of Goods (1980) and the Uniform Computer Information Transactions Act (UCITA) are hereby excluded in their entirety from application to this Agreement. 128

141 Appendix E: End User License Agreement 11.2 Entire Agreement. This Agreement represents the complete agreement concerning the SOFTWARE PRODUCT and may be amended only by a writing executed by both parties. If any provision of this Agreement is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable Contact. If you have any questions concerning this Agreement, or if you desire to contact POLYCOM for any reason, please contact the POLYCOM office serving your country U.S. Government Restricted Rights. The software and documentation provided by Polycom pursuant to this Agreement are Commercial Items, as the term is defined at 48 C.F.R , consisting of Commercial Computer Software and Commercial Computer Software Documentation, as such terms are used in 48 C.F.R or 48 C.F.R , as applicable. Consistent with 48 C.F.R or 48 C.F.R through , as applicable, the Commercial Computer Software and Commercial Computer Software Documentation are licensed to United States Government end users (1) only as Commercial Items and (2) with only those rights as are granted to all other users pursuant to the terms of this Agreement High Risk Use. The SOFTWARE PRODUCT is not fault-tolerant and is not designed or Intended for use in hazardous environments requiring fail-safe performance, including without limitation, in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, weapons systems, direct life-support machines, or any other application in which the failure of the SOFTWARE PRODUCT could lead directly to death, personal injury, or severe physical or property damage (collectively, "High Risk Use"). You are not licensed to, and you agree not to, use, distribute or sublicense the use of the SOFTWARE PRODUCT in, or in conjunction with, High Risk Use. High Risk Use is STRICTLY PROHIBITED. POLYCOM AND ITS SUPPLIERS EXPRESSLY DISCLAIM ANY EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR HIGH RISK USE Third Party Software. The SOFTWARE PRODUCT may be distributed with software governed by licenses from third parties ( Third Party Software and Third Party License ). Any Third Party Software is licensed to you subject to the terms and conditions of the corresponding Third Party License, notwithstanding anything to the contrary in this Agreement. More information on Third Party Licenses included in the SOFTWARE PRODUCT can be found in the documentation for each SOFTWARE PRODUCT. Polycom makes no representation or warranty concerning Third Party Software and shall have no obligation or liability with respect to Third Party Software. If the Third Party Licenses include licenses that provide for the availability of source code and the corresponding source code is not included with the SOFTWARE PRODUCT, then check the documentation supplied with each SOFTWARE PRODUCT to learn how to obtain such source code Translations. This Agreement may have been translated into various languages for the convenience of POLYCOM s customers. While the translation is correct to the best of POLYCOM s knowledge, POLYCOM is not responsible or liable in the event of an inaccuracy. English is the controlling language of this Agreement, and any translation has been prepared for you as a courtesy only. In the event of a conflict between the English-language version of this Agreement and a version that has been translated into another language, the English-language version of this Agreement shall control. BY INSTALLING, COPYING, OR OTHERWISE USING THIS SOFTWARE PRODUCT YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND AND AGREE TO BE BOUND BY THE TERMS AND CONDITIONS INDICATED ABOVE. Polycom, Inc ALL RIGHTS RESERVED America Center Drive San Jose, CA U.S.A. 129