Avaya Aura Quality Monitoring Release 11.0 Security Administration Guide

Transcription

1 Avaya Aura Quality Monitoring Release 11.0 Security Administration Guide March 2012

2 Verint Systems Inc. All Rights Reserved. THIS AVAYA PRODUCT ('Product') CONTAINS CONFIDENTIAL AND PROPRIETARY INFORMATION OF VERINT SYSTEMS INC. OR ITS SUBSIDIARIES. USE OF THE PRODUCT INDICATES THE END USER'S ACCEPTANCE OF THE TERMS SET FORTH HEREIN AND THE GENERAL LICENSE TERMS AVAILABLE ON THE AVAYA WEBSITE AT ('GENERAL LICENSE TERMS'). IN THE EVENT OF ANY CONFLICT OR INCONSISTENCY BETWEEN THE TERMS SET FORTH HEREIN AND ANY WRITTEN AGREEMENT WITH AVAYA AND/OR AVAYA EULA, THE TERMS OF SUCH EITHER WRITTEN AGREEMENT WITH AVAYA AND/OR AVAYA EULA SHALL GOVERN. IF YOU DO NOT WISH TO BE BOUND BY THESE TERMS, YOU MUST RETURN THE PRODUCT(S) TO THE POINT OF PURCHASE WITHIN TEN (10) DAYS OF DELIVERY FOR A REFUND OR CREDIT. Avaya grants End User a license within the scope of the license types described below. The applicable number of licenses and units of capacity for which the license is granted will be one (1), unless a different number of licenses or units of capacity is specified in the Documentation or other materials available to End User. 'Software' means the computer programs in object code, originally licensed by Avaya and ultimately utilized by End User, whether as stand-alone Products or pre-installed on Hardware. 'Hardware' means the standard hardware Products, originally sold by Avaya and ultimately utilized by End User. License Type(s): "Channel" means a physical connection between or logical address associated with a recording device and an audio source. "Enterprise" means a license to use, without limitation on the number of copies or users applicable to that End User, that Software within that End User's technical environment in conjunction with other Software licensed. "Seat" means the number of uniquely identified work-stations (i) on which the Software is licensed to be installed, (ii) from or to which the Software will send or receive data, or (iii) about which the Software generates data. Any one or more of the foregoing, in the aggregate, applicable to a work-station shall qualify that work-station as a licensed Seat. Seat licenses are not concurrent, except that licenses relating to a work-station may be transferred to another work-station so long as such transfer is on a permanent basis. "Server" means a license to install the Software on a single central computer server. "Site" means a license to use the Software at a physical End User location, without limitation on the number of copies or users applicable to that physical End User location. Copyright: Except where expressly stated otherwise, the Product is protected by copyright and other laws respecting proprietary rights. Unauthorized reproduction, transfer, and or use can be a criminal, as well as a civil, offense under the applicable law. Third-party Components: This computer program is protected by U.S. and international copyright laws, patent laws, and other intellectual property laws and treaties. Unauthorized use, duplication, publication and distribution of all or any portion of this computer program are expressly prohibited and will be prosecuted to the maximum extent provided by law. Your rights in this computer program are limited to the license rights granted under the license agreement executed by you in hardcopy form (or if none, by acceptance of the clickwrap terms included with this computer program). If needed, please contact your vendor for an additional copy of those terms. All other rights, title and interest are expressly restricted and retained by Verint Systems, Inc. and its licensors. Certain open source applications ("Open Source") may be included with this computer program. For specific ownership information and license rights relating to those open source applications, please see the "Free and Open Source Licensing Information" guide ("Guide") provided with your computer program, or contact your vendor for a copy of that Guide. A license in each Open Source software application is provided to you in accordance with the specific license terms specified in the Guide. EXCEPT WITH REGARD TO ANY WARRANTIES OR OTHER RIGHTS AND OBLIGATIONS EXPRESSLY PROVIDED DIRECTLY TO YOU FROM VERINT, ALL OPEN SOURCE SOFTWARE IS PROVIDED "AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OWNERS OF THE OPEN SOURCE SOFTWARE OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THE OPEN SOURCE SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Certain other software programs or portions thereof included in the Product may contain software distributed under third party agreements ('Third Party Components'), which may contain terms that expand or limit rights to use certain portions of the Product ('Third Party Terms'). Information identifying Third Party Components and the Third Party Terms that apply to them is available on Avaya's web site at: In addition, this product may contain the ReportNet application from Cognos Corporation. If so, you are granted a limited for use: (i) by an unlimited number of "Anonymous Users" to set personal preferences, view, run, schedule and output reports, subscribe to scheduled reports, create and manage personal folders, and personalize standard reports, and (ii) by one "Named User" (unless otherwise specified on this Order) to, in addition to the rights of an Anonymous User, use the Query Studio module. Avaya fraud intervention: If you suspect that you are being victimized by toll fraud and you need technical assistance or support, call Technical Service Center Toll Fraud Intervention Hotline at for the United States and Canada. Suspected security vulnerabilities with Avaya Products should be reported to Avaya by sending mail to: securityalerts@avaya.com Trademarks: Avaya and the Avaya Logo are trademarks of Avaya Inc. and are registered in the United States and/or other countries. Avaya may also have trademark rights in other terms used herein. References to Avaya include the Nortel Enterprise business, which was acquired as of December 18, All trademarks identified by, TM or SM are registered marks, trademarks, and service marks, respectively, of Avaya Inc. or the property of their respective owners. Patents: The Verint Systems Inc. products are protected by one or more of the following U.S., European or International Patents: USPN 5,790,798; USPN 6,278,978; USPN 6,370,574; USPN 6,404,857; USPN 6,510,220; USPN 6,724,887; USPN 6,751,297; USPN 6,757,361; USPN 6,782,093; USPN 6,952,732; USPN 6,959,078; USPN 6,959,405; USPN 7,047,296; USPN 7,149,788; USPN 7,155,399; USPN 7,203,285; USPN 7,216,162; USPN 7,219,138; USPN 7,254,546; USPN 7,281,173; USPN 7,284,049; USPN 7,325,190; USPN 7,376,735; USPN 7,424,715; USPN 7,424,718; USPN 7,466,816; USPN 7,478,051; USPN 7,558,322; USPN 7,570,755; USPN 7,574,000; USPN 7,587,041; USPN 7,613,290; USPN 7,633,930; USPN 7,634,422; USPN 7,650,293; USPN 7,660,307; USPN 7,660,406; USPN 7,660,407; USPN 7,672,746; USPN 7,680,264; USPN 7,701,972; USPN 7,734,783; USPN 7,752,043; USPN 7,752,508; USPN 7,769,176; USPN 7,774,854; USPN 7,787,974; USPN 7,788,286; USPN 7,792,278; USPN 7,792,671; USPN 7,801,055; USPN 7,817,795; USPN 7,822,018; USPN 7,826,608; USPN 7,836,171; USPN 7,848,524; USPN 7,853,006; USPN 7,852,994; USPN 7,853,800; USPN 7,853,753; USPN 7,864,946; USPN 7,873,156; USPN 7,881,216; USPN 7,881,471; USPN 7,882,212; USPN 7,882,217; USPN 7,885,813; USPN 7,899,178; USPN 7,899,180; USPN 7,899,176; USPN 7,904,481; USPN 7,903,568; USPN 7,904,325; USPN 7,907,142; USPN 7,913,063; USPN D606,983; USPN RE40,634; USPN RE41,534; USPN RE41,608; AU ; CA 2,474,735; CA 2,563,960; CA 2,564,127; CA 2,564,760; CA 2,567,232; CA 2,623,178; CA 2,627,060; CA 2,627,064; CA 2,628,553; EP ; EP ; EP ; DE ; FR ; DE ; FR ; GB 833,489; GB ; IE 84821; IE 85519; IL ; NZ ; ZL ; ZL ; ZL ; and other provisional rights from one or more of the following Published U.S. Patent Applications: US 10/061,491; US 10/467,899; US 10/525,260; US 10/633,357; US 11/166,630; US 11/345,587; US 11/359,195; US 11/359,319; US 11/359,356; US 11/359,357; US 11/359,358; US 11/359,532; US 11/361,208; US 11/388,944; US 11/394,408; US 11/394,410; US 11/394,794; US 11/395,759; US 11/396,062; US 11/428,239; US 11/475,683; US 11/477,124; US 11/478,714; US 11/479,056; US 11/479,267; US 11/479,506; US 11/479,899; US 11/509,549; US 11/509,550; US 11/528,267; US 11/529,132; US 11/529,946; US 11/529,947; US 11/540,107; US 11/540,171; US 11/540,185; US 11/540,281; US 11/540,320; US 11/540,785; US 11/540,900; US 11/540,902; US 11/540,904; US 11/567,808; US 11/567,852; US 11/583,381; US 11/608,340; US 11/608,350; US 11/608,358; US 11/608,438; US 11/608,440; US 11/608,894; US 11/616,490; US 11/621,134; US 11/676,818; US 11/691,530; US 11/692,983; US 11/693,828; US 11/693,899; US 11/693,923; US 11/693,933; US 11/712,933; US 11/723,010; US 11/742,733; US 11/752,458; US 11/771,499; US 11/776,659; US 11/824,980; US 11/831,250; US 11/831,257; US 11/831,260; US 11/831,634; US 11/844,759; US 11/872,575; US 11/924,201; US 11/937,553; US 11/959,650; US 11/968,428; US 12/015,375; US 12/015,621; US 12/053,788; US 12/055,102; US 12/057,442; US 12/057,476; US 12/107,976; US 12/118,781; US 12/118,789; US 12/118,792; US 12/164,480; US 12/245,781; US 12/326,205; US 12/351,370; US 12/416,906; US 12/464,694; US 12/466,673; US 12/483,075; US 12/497,793; US 12/497,799; US 12/504,492; US 12/539,640; US 12/608,474; US 12/628,089; US 12/630,030; US 12/684,027; US 12/686,213; US 12/708,558; US 12/725,127; US 12/753,137; US 12/762,402; US 12/768,194; US 12/792,796; US 12/840,227; US 12/840,233; US 12/852,144; US 12/879,868; US 12/887,059; US 12/887,089; US 12/888,445; US 12/888,448; US 12/891,620; US 12/915,868; US 12/915,941; US 12/916,006; US 12/940,508; US 12/942,111; US 12/964,891; US 13/005,996; US 13/008,283; US 13/011,870; US 13/011,871; US 13/016,998; and other U.S. and International Patents and Patents Pending.

3 Contents 1 Introduction System Overview Security Features RSA Key Management Server Authentication and Content Data Encryption Components Without Security Preserve Security Settings During Upgrades Preparing the System for Upgrade Discovering Quality Monitoring Security Configuration Checking the Quality Monitoring Application Configuration Locating Certificates, Encryption Keys, and Configuration Files Backup Certificates, Encryption Key, and Configuration Files Upgrade Quality Monitoring Reconfiguring Quality Monitoring Passwords Windows Domain Account Password Database Services Password Quality Monitoring Services Password Quality Monitoring with Full-time Recording Password System Administration Database Data-in-Transit Password Quality Monitoring/Enterprise Reporting Secret Key Quality Monitoring Services Services Services By Server Services Account Prerequisite Creating a Non-Admin Account Configuring the BDR/Web Server Box Configuring erecorder Boxes Troubleshooting Command Scripts

4 Contents BDR Server Command Script erecorder Server Command Script erecorder Audio Service erecorder Server Without Dialogic Voice Cards erecorder Server With Dialogic Voice Cards Server Hardening Third Party Software Required Third Party Software Java Runtime Environment 6.0 Update Microsoft Data Access Components 2.8 SP Intel Dialogic System Release Other Third Party Software Dialogic DSE DL-3009 (VTG) Card Installation + Hot Fixes Interactive Intelligence COM Client Mitel TAI API Installation Alcatel TSAPI Client Avaya TSAPI Client Databases Microsoft SQL Server 2005 Standard/Enterprise Edition Oracle 10g Server Standard/Enterprise Edition Microsoft Windows Security Features Internet Explorer Enhanced Security Configuration Data Execution Prevention Services Windows Server Windows Server 2008 R Security Preparation Before You Begin Software Prerequisites Secure Data In Transit Cipher List Prepare Quality Monitoring Server Certificates Install Quality Monitoring Server Certificates Configure the Tomcat Server Command Server Configuration Search Service Configuration Supervisor/Search and Replay Client Workstation Configuration Quality Monitoring with Full-time Recording Configuration Secure Communication with WorkForce Optimization (WFO) Secure Content Data Transmission Configuration Enable Secure Communications Certificate Management Required Certificates Public Certificate Authority Quality Monitoring Configuration Guide 4

5 Contents Private Certificate Authority Generate and Sign Server Certificate Install Server Certificates Verify RSAProvider.cfg Contains the Certificate and Password Import to JRE Import to the Windows Certificate Store Import into Microsoft Internet Explorer Revoke Certificates Compromised Certificate Authority Certificate Compromised Server Certificate Update Expired Certificates Update Certificate Authority Certificate Update Server Certificates Secure Data At Rest Prepare Server Certificates Install and Configure KMS KMS SSL Connection Configuration KMS Properties in IIS Configuration KMS Security Policies for erecorder Machines Enable Content Encryption Pause and Resume Recording Introduction Pausing and Resuming Contact Recording Pause/Resume Requestors PauseRecord and ResumeRecord Events Multiple Contacts Recording the same Workspace Transferred Calls Pause and Resume Recording using AIM Pause and Resume Recording from an External Application Full-time Recording Playing Back Paused Contacts Quality Monitoring Configuration Guide 5

6 Chapter 1 Introduction This chapter introduces security for Quality Monitoring. This guide contains key information for setting up a secure Quality Monitoring environment that complies with the requirements of the PCI data security standard. This guide does not describe the installation and administration of the RSA Key Manager server. For RSA Key Manager instructions, see the documentation that accompanies the RSA Key Manager installation DVD. This chapter describes the following topics: System Overview, page 7 Security Features, page 8 RSA Key Management, page 10 Server Authentication and Content Data Encryption, page 12 Components Without Security, page 13

7 Chapter 1 - Introduction System Overview System Overview The primary functions of the Quality Monitoring system include recording, archiving, replaying and evaluating interactions between contact center agents and customers. These interactions can be recorded as telephone audio data, telephony and contact metadata, screen images of agents' desktop PCs, and data captured from an interactive voice response (IVR) system, such as customer account information. The recorded interactions may contain personal payment card information. Therefore, as an integrated part of a company's call center operations, Quality Monitoring provides security options to help our customers meet their security requirements, such as Payment Card Industry (PCI) security compliance. Quality Monitoring can record telephone calls by analyzing computer telephony integration (CTI) events received from telephony switches and/or by processing call control messages, as well as audio data received either on the network adapter cards or voice cards of a PC. Quality Monitoring can also record screen images of agents' desktop PCs by deploying Screen Capture modules on agents' desktop PCs to capture the screen images and to transfer them to recorder servers. In addition, Quality Monitoring can archive the recorded data on various storage devices and retrieve recorded data. Quality Monitoring can also monitor agent interactions in real-time, known as Live Monitoring. Quality Monitoring Configuration Guide 7

8 Chapter 1 - Introduction Security Features Quality Monitoring components consist of a set of logical servers, which can be deployed on a single machine or can be deployed on multiple machines in a large enterprise environment. These servers include: BDR Server - Its primary functions include interfacing with customer's telephony infrastructure, translating CTI events, consolidating metadata to databases, and instructing recorders to record calls based on configured business rules. The BDR Server machine contains the Web Server, Search Server and Command Server as well. erecorder Server - Its primary functions include capturing media data and storing them on local hard drives, compressing the media data, and archiving recorded media as well as serving recorded content to replay and live monitor applications. Database Server - Its primary functions include storing recorded metadata and Quality Monitoring configurations. Quality Monitoring supports both SQL Server and Oracle databases. Key Management Server - Its primary functions include generating, supplying, and managing symmetric encryption keys for components of the Quality Monitoring. This is a third party software application provided by RSA, the Security Division of EMC. Security Features A set of security features has been implemented in the Quality Monitoring system. These features are mostly optional and configurable. The objective is to secure recorded customer sensitive information such as payment card information, as well as application authentication parameters. Security requirements often vary from customer to customer. Even for standard compliance, such as PCI, requirements on security technology and configuration depend on the security policies, procedures, and network configurations of each customer's environment. Instead of providing a checklist of security configurations for a specific security compliance requirement, the rest of this document focuses on the security features included in the Quality Monitoring system, and how to configure them. Security administrators of call centers must decide, based on their particular security policies, what security features need to be enabled. Quality Monitoring Configuration Guide 8

9 Chapter 1 - Introduction Security Features Quality Monitoring security features include: Optional encryption of recorded data persisted on any storage device of the Quality Monitoring Recording Systems using the standard AES256 algorithm and RSA Security Enterprise Key Manager (Encryption of Data at Rest). Optional encryption using standard AES256 technology of captured screen images of agent desktop PCs before transmitting these images to screen recorders (Encryption of Data in Transit). Optional encryption using standard AES256 technology of call screen and audio data sent to supervisor desktops during call replaying and live monitoring (Encryption of Data in Transit). Optional encryption of communication between client applications and server components, including the ability to encrypt all application administration commands and data (Encryption of Data in Transit). Quality Monitoring uses standard security technologies such as SSL/TLS to secure these communication lines. Ability to pause and resume recording of sensitive content from an external source, such as an application running on the agent desktop. Comprehensive auditing of Quality Monitoring user activities, including changes to system configuration parameters, reviewing interactions, evaluating agents, and deleting recorded interactions and evaluations. User account and password policies, which include role-based administrative accounts, account lockout, password length, and password complexity, set within the System Administrator module. Changeable application account logon credentials. This includes Windows accounts, Database accounts, and Application Administration accounts. All logon credentials stored on hard drives are encrypted. Successful operation in locked-down servers and networks based on the benchmarks provided by the Center for Internet Security. This includes: a. the documentation of a minimum list of services and protocols necessary for recording systems b. identification of the Windows Services/Privileges, protocols, and ports required to install or run the Quality Monitoring System c. thorough testing in locked-down environments, based on benchmarks published by the Center for Internet Security Quality Monitoring Configuration Guide 9

10 Chapter 1 - Introduction RSA Key Management RSA Key Management The encryption of data at rest uses the RSA Key Management software for the generation, update, and management of symmetric encryption keys. RSA Key Management software consists of key management server(s) (KMS) and key management clients (KMC). An RSA key management server, or servers for scalability and/or redundancy, serves as a centralized key management module for configuring key policies and managing the generation, update, and archiving of encryption keys. An RSA KMS is typically deployed on a standalone PC. RSA key management clients are API libraries, deployed on application servers, which provide functions for encryption key-aware applications, such as Recorder components, to communicate via SSL with KMS, and to get and cache encryption keys. RSA KMC libraries are installed on the erecorder servers by the Quality Monitoring installation program. Quality Monitoring Configuration Guide 10

11 Chapter 1 - Introduction RSA Key Management The RSA Key Manager is built on a highly scalable and fault tolerant architecture that includes the following components: The Key Manager Server: Securely stores, generates, manages and brokers access to cryptographic keys. The Key Manager Client: This is a development library of encryption and key-retrieval functions. The KMC library is embedded in the Quality Monitoring installation. It provides configurable key caching features to store active encryption keys, in encrypted format, in memory or on local file system. This feature significantly reduces the network traffic between KMS and applications. The Key Manager Administration Console: This is an interface for administrators to manage the KMS. The Database Server: Provides database services for an RSA Key Manager deployment and hosts the Key Manager Server Datastore and Keystore. The Datastore : This is a persistent storage area for all administrative and operational information. The Keystore : This is a separate database for storage of cryptographic keys. All keys are stored in encrypted form-encrypted using a key encryption key (KEK). The Key Manager Server and Database can be deployed either on separate machines or on the same machine. To reduce server footprint, the Key Manager server and Key Manager database can also be deployed on one of the Quality Monitoring system machines. At this time only SQL is supported at the key management database. The following is the minimum hardware required for the KMS: Processor: 1.6 GHz CPU Hard Disk Drive: 20 GB Memory: 2GB of RAM Base Operating System: Windows 2003 Server R2 It is critical that the customer is made aware of the importance of maintaining the keys used for encryption. They must ensure that backup and maintenance strategies are in place with the key management system. If the keys are lost then ALL recordings will be put beyond reach. More information on RSA Key Management software can be found in the RSA Key Manager Server Administration Guide and in the RSA Key Manager Installation Guide included on the RSA Key Manager Server installation DVD. Quality Monitoring Configuration Guide 11

12 Chapter 1 - Introduction Server Authentication and Content Data Encryption Server Authentication and Content Data Encryption Server Authentication and Data Encryption features are added to authenticate and encrypt the data transmitted over the network between the erecorder, Search and Replay and Screen Capture Module. Server Authentication occurs between the erecorder and the Screen Capture module, after establishing a successful connection. The erecorder sends the authentication code, which is read from Server.wss file, in encrypted form to the Screen Capture module. The Screen Capture module validates this code with the code read from Agent.wss file. If the code matches, then the Screen Capture module authenticates the connection and begins the video capturing. If the authentication fails, it closes the socket connection. Data Encryption encrypts data transmitted over the network between the erecorder, Search and Replay, and Screen Capture Module using AES256 Encryption. When the server is configured for Secure Communications, Server Authentication and Data Encryption are enabled. The communication password is stored in encrypted form in Server.wss, Client.wss and Agent.wss security files. Initially these files are deployed with default password 'witness'. Server.wss file is installed as part of erecorder installation, and on each erecorder in multi-node case. Client.wss is installed as part of Web Server installation. Agent.wss is installed as part of Screen Capture Module installation. Quality Monitoring Configuration Guide 12

13 Chapter 1 - Introduction Components Without Security Components Without Security Quality Monitoring does not secure the following data and/or communications: Recording control and tag messages sent to Quality Monitoring from external sources via the Quality Monitoring Connect adapter Socket communications between the BDR and erecorder servers Communications between Quality Monitoring servers and external database servers (these communications are protected by authentication but not encryption) Quality Monitoring Configuration Guide 13

14 Chapter 2 Preserve Security Settings During Upgrades If you have implemented secure access to Quality Monitoring information in a previous release, you can keep the configuration intact during an upgrade to the current release. All of the security features of the previous release are included in the current release. Depending on the release being upgraded, the current release can be configured to the same level of security or higher. This chapter outlines the steps needed to preserve the security level when upgrading from Quality Monitoring 7.8 SP1 or Quality Monitoring to Quality Monitoring 11. For older releases of Quality Monitoring (7.7 SP1 or 7.7 SP2), sections of the chapter that point to securing Tomcat can be used. If the release is older than Quality Monitoring 7.7.1, you must configure security as documented elsewhere in this guide. This chapter describes the following topics: Preparing the System for Upgrade, page 15 Upgrade Quality Monitoring, page 17 Reconfiguring Quality Monitoring, page 17

15 Chapter 2 - Preserve Security Settings During Upgrades Preparing the System for Upgrade Preparing the System for Upgrade This section provides instructions on what needs to be done to prepare an existing Quality Monitoring system for upgrading to the current release. Discovering Quality Monitoring Security Configuration There are different types of security configurations, such as certificate deployment and public versus private certificates. It is important to understand the current configuration before upgrading. Checking the Quality Monitoring Application Configuration Use the following steps to discover the current security configuration: 1 Check if Secure Communication and\or Enable Recording Content Encryption on Disk (Data At Rest) are enabled. Login to Quality Monitoring and go to System Administration. Go to Root Settings > Security tab. If Secure Communication is enabled, you are using certificates to secure the communication between the Client to the Command Server and BDR Server. This also means that media data in transit is being encrypted during transfer from Screen Capture to the erecorder and from the erecorder to the Client for Playback and Live Monitor. If Enable Recording Content Encryption on Disk is checked, Data at Rest is configured. Locating Certificates, Encryption Keys, and Configuration Files After you confirm that Secure Communications and\or Data At Rest are enabled, you need to locate the certificates, encryption, and configuration files used to configure Quality Monitoring for security. Depending on the system configuration, there could be a mix of public or private certificates used at your site. It depends on how you deployed certificates to secure Quality Monitoring, so it is important to understand the system configuration. The following steps determine the location of the certificates used: 1 Check the Tomcat Server.xml file for the certificate used for HTTPS. Go to <drive>:\tomcat\conf. Open the server.xml file. Locate the Connector Port used for secure communication with Tomcat. This port is usually Within the Connector check for 'keystorefile' attribute. It will have the location of the certificate used to secure communications with Tomcat. Note the location of this file for later use. Quality Monitoring Configuration Guide 15

16 Chapter 2 - Preserve Security Settings During Upgrades Preparing the System for Upgrade 2 Search for the certificate used to secure Search Server RMI communications. Open the Windows Registry. Locate the key: HKEY_LOCAL_MACHINE\SOFTWARE\Witness\eQuality\Quality Monitoring Search Service. Locate the Bitsize key and open. Locate the keyword '-Djavax.net.ssl.keyStore'. This value will contain the location of the certificate used to secure the Search Server. Note the location of this file for later use. 3 Check the Command and BDR Servers for the certificate used to secure Socket communications. Go to the directory <QM installation folder>\qm\ and open the file 'CertConfiguration.xml'. It has the location of the certificates being used by the Command and BDR Servers. This location is usually <QM installation folder>\qm\qmcerts. There should be two files in this directory. Both are the same certificate in different formats. The Command and BDR Servers used the certificate formatted with the.pem extension, but you need to keep the other certificate because it may be used by other components. Note the location of these files for later use. 4 Check the erecorder\kmc certificate used for Data at Rest Media encryption. Go to the directory <QM installation folder>\qm\conf\security. There should be two certificates in this directory. Note the location of these files for later use. 5 Locate the Encrypted password files used to encrypt Data in Transit (Media Data). To locate the file used by the erecorder to decrypt and encrypt media data, go to directory <drive>:\program files\witness\qm and locate the file name 'server.wss'. Note the location of this file for later use. To locate the file used by the Client for Playback and Live Monitor to decrypt media data, go to directory <drive>:\tomcat\webapps\qm\applets and locate the file name 'client.wss'. Note the location of this file for later use. To locate the file used by the Agent Capture to encrypt media data, go to directory '<drive>:\program Files\Witness Systems\Screen Capture Module' and locate the file name 'agent.wss'. Note the location of this file for later use. 6 Locate the configuration file that contains the password used to authenticate communications with Enterprise Reporting and a certificate location. Go to the directory <QM installation folder>\qm and open the file 'ERConfiguration.xml'. It has the password that is used to authenticate communication with ER and it has the location of the certificate used to communicate with ER. Note the location of this file for later use. Quality Monitoring Configuration Guide 16

17 Chapter 2 - Preserve Security Settings During Upgrades Upgrade Quality Monitoring Backup Certificates, Encryption Key, and Configuration Files Now that all certificate, encryption and configuration file locations have been discovered, you can backup the certificates, encryption key, and configuration files used by the installed version of Quality Monitoring. 1 Create a Certificate Backup directory. 2 Copy the following files to the backup directory: Tomcat server.xml CertConfiguration.xml ERConfiguration.xml server.wss client.wss agent.wss certificate files This is a preventative step in case some of the certificates, encryption key, or configuration files are overridden during the upgrade. Upgrade Quality Monitoring Upgrade to the latest release of Quality Monitoring. Install the new default JRE required for Quality Monitoring Services and use the Quality Monitoring installer to upgrade the Quality Monitoring software. Reconfiguring Quality Monitoring After the Quality Monitoring install is finished and the machine reboots, you need to do the following: 1 Stop all Quality Monitoring services. 2 Check to see if any certificates have been erased during the install. If a certificate is not present, copy the certificates to the proper directories: Command and BDR Server certificates need to be copied to the location indicated in the file CertConfiguration.xml. The location of the certificate is usually <drive>:\program files\witness\qm\qmcerts, but this can be different depending on the previous system configuration. Check the backup CertConfiguration.xml file and configure the new CertConfiguration.xml file accordingly and save. Copy the certificates for the Command and BDR Server to the directory as configured in the CertConfiguration.xml file. Quality Monitoring Configuration Guide 17

18 Chapter 2 - Preserve Security Settings During Upgrades Reconfiguring Quality Monitoring erecorder certificates need to copied to <QM installation folder>\qm\conf\security on each erecorder. The KMS certificate does not need changing if the certificate has not expired. To add a new certificate to KMS, see Install Server Certificates, page 66. Tomcat certificate needs to be copied to the directory specified in the Connector port used to secure HTTP (HTTPS) communications in the server.xml file. Search Server certificate needs to be copied to the previously noted location. 3 With the certificates copied to their previous locations, Tomcat needs to be reconfigured to support HTTPS. Open the server.xml file in the Backup directory. Search for 'Connector port="8443"' in this file. Copy the attributes and values of 'keystoretype', 'keystorefile', and 'keystorepass'. If keystorepass is not present, there is no worry; it's using the default certificate password. Got to <drive>:\tomcat\conf and open the server.xml file. Search for 'Connector port="8443"' in this file. Remove the symbols '<!--' and '-->' from above and below the connector. Paste the text copied from the old Server.xml exactly as it appears to the Connector in the current Server.xml file. Close both Server.xml files. You will be prompted to save the changes in the modified Server.xml file. 4 Search Server needs to be properly reconfigured for secure communications. Go to <QM installation folder>\qm\cautility and open the file ConfigSSLForSearch.reg. Make sure that it is pointing to the correct location for the certificate it will use. Also ensure that Search Server is pointing to the JRE being used by the QM Server Components. If either is incorrect, correct the locations. Also if the certificate is using a password other than the default, enter the correct password with the key -Djavax.net.ssl.keyStorePassword=[Password]. Save the changes to the file. Double click on the registry file and Windows will update the Registry with the proper change corrections. 5 The JRE used for the Quality Monitoring Server Components need to have the CA certificate imported into its certificate store. Go to the directory <QM installation folder>\qm\cautility. Unzip the zip file ImportCACertToJREandWindowsCertStores.zip into the current directory. Execute the command file 'ImportCACertToJRE.cmd' passing the parameters of the JRE location to insert the CA certificate and the location of the CA certificate. Quality Monitoring Configuration Guide 18

19 Chapter 2 - Preserve Security Settings During Upgrades Reconfiguring Quality Monitoring 6 Data in Transit needs to be configured for the upgraded system. If the customer is using the default password to encrypt data in transit, no action is needed as the files install will contain the default password. If a new password is needed, see Secure Data In Transit, page 54. Otherwise if you want to use the same files (i.e. use the same modified password), follow the steps below: Copy the file 'Server.wss' from the backup directory to <QM installation folder>\qm on every machine the erecorder is installed. Copy the file 'Client.wss' from the backup directory to <drive>:\tomcat\webapps\qm\applets for Tomat. Copy the file 'Agent.wss' from the backup directory to the directory '<drive>:\program Files\Verint Systems\Screen Capture Module' on every machine used for Screen Capture. 7 Configure Quality Monitoring to communicate with Enterprise Reporting, as it has changed in the current release. If the certificate for the Enterprise Reporting server was created by a CA other than the CA used for the Quality Monitoring server, import the certificate into the Windows Certificate Store using the command 'ImportCaCertToWindows.cmd' passing the location of the CA certificate. One change from previous release is that the EREncyptionKey itself is encrypted. Copy the password from the backup ERConfigutation.xml. Open the encryption tool 'PwdGenerator.exe' located in the directory <QM installation folder>\qm. Use the PwdGenerator tool to encrypt the Enterprise Reporting password and place the encrypted password in the ERConfiguration.xml file and save. 8 Configuring Supervisor's desktops if using a new JRE. If you are going to use a new JRE, import the CaCert from the CA used to secure Quality Monitoring into the new JRE. Use the script 'ImportCaCertToJRE.cmd' file to import the CaCert into the JRE. 9 Start all Quality Monitoring Services and test the system. Quality Monitoring Configuration Guide 19

20 Chapter 3 Passwords After installation, you should change the Quality Monitoring application password from the default to a new password you define. This chapter describes the following topics: Windows Domain Account Password, page 21 Database Services Password, page 21 Quality Monitoring Services Password, page 23 Quality Monitoring with Full-time Recording Password, page 25 Data-in-Transit Password, page 27 Quality Monitoring/Enterprise Reporting Secret Key, page 28

21 Chapter 3 - Passwords Windows Domain Account Password Windows Domain Account Password You can change the Windows domain account password for each Quality Monitoring server. When changing the login credentials for multiple servers, make all changes simultaneously. You do not need to reboot the servers after the password is updated. To change the Windows domain account password: 1 Log into the server and proceed as if you were going lock the workstation, but instead of choosing Lock Workstation choose Change Password. If you logging in remotely to the server, go to Start > Settings > Windows Security and click Change Password. 2 Enter in a new password and confirm it. The password must meet the domain minimum requirements. 3 Return to the desktop. 4 Select the Services icon in the Quick Launch Toolbar or select Start > Settings > Services. 5 Sort the services window by the "Log On As" column. 6 Change the passwords for the services that are logged on using the Windows domain user authentication: a. For each service you need to change, select Properties from the right-click menu. b. Update the Password and Confirm Password fields and click OK. 7 Stop and restart Quality Monitoring services. 8 Launch Quality Monitoring to verify access. Database Services Password To change the password used by the Quality Monitoring services: 1 On the Database server, reset the password for the user name that is used by the Quality Monitoring application. 2 On the Quality Monitoring server, launch the PwdGenerator.exe tool from the Quality Monitoring installation directory, typically <Program Files>\Witness\QM. Quality Monitoring Configuration Guide 21

22 Chapter 3 - Passwords Database Services Password 3 Type the new password. The password must be identical to the password you set on the Database server. 4 Click Generate. The encrypted password is printed in the Encrypted password field. 5 Click Copy to clipboard to place the encrypted password onto the Windows Clipboard. 6 Open the Windows Registry Editor Tool (Run > regedit) and navigate to the following registry key: For 32-bit Operating Systems: HKLM\Software\Witness\BDR\Database: Password. For 64-bit Operating Systems: HKLM\Software\Wow6432Node\Witness\BDR\Database: Password. Quality Monitoring Configuration Guide 22

23 Chapter 3 - Passwords Quality Monitoring Services Password 7 Right-click on Password and select Modify. Paste the newly encrypted password and press OK. 8 Restart the Quality Monitoring services. Quality Monitoring Services Password It is recommended to use a Domain level account for Quality Monitoring Services if you are not using the Local System account. To change the password of the Quality Monitoring Service accounts: 1 On the BDR Sever, start the Services Manager. 2 Locate the Quality Monitoring services and right-click on the Quality Monitoring Apache Tomcat Service and select Properties. Quality Monitoring Configuration Guide 23

24 Chapter 3 - Passwords Quality Monitoring Services Password 3 Open the Log On tab. 4 Type the new password in the Password and Confirm Password fields. 5 Click OK. 6 Repeat the process for the other remaining Quality Monitoring services to update the service with the correct Log On account information. Quality Monitoring can be deployed on multiple servers; remember to change the Log On account information on all deployed servers. The other services that are apart of Quality Monitoring are: Quality Monitoring BDR Service Quality Monitoring Command Service Quality Monitoring erecorder Service Quality Monitoring erecorder Video Service Quality Monitoring erecorder Audio Service Quality Monitoring Search Service Quality Monitoring Configuration Guide 24

25 Chapter 3 - Passwords Quality Monitoring with Full-time Recording Password Quality Monitoring with Full-time Recording Password Changing the password that allows Quality Monitoring to connect with Viewer is usually handled in the database upgrade scripts and with System Administration. Usually, you can change the password using system administration. If that does not work for your deployment, you can also use the database. System Administration To change the password using System Administration: 1 Log into Quality Monitoring. 2 Select System Administration. 3 Select Root Settings > General tab. 4 Click Edit. 5 Scroll down the page to the QM with Full-Time Recording section. 6 Type the new password and click Submit. 7 Confirm the changes. Quality Monitoring Configuration Guide 25

26 Chapter 3 - Passwords Quality Monitoring with Full-time Recording Password Database When you cannot use System Administration to change the password, you can use the database. To change the password using Microsoft SQL: 1 On the Database server, open the Microsoft SQL Server Management Studio. 2 Click New Query. 3 Select witness from the database drop down. 4 Run the following query: select * from registry_value where registry_key_pk = 69 and name like 'Password'. 5 Check the value in the String_Value column. If the password is not encrypted, highlight and copy the password from the String_Value column and follow steps 2-5 of Database Services Password, page 21 with the following exception; instead of typing the password, paste the password copied from the database. 6 Run the following query to update the String_Value with the newly encrypted password: update registry_value set string_value = 'ENCRYPTED PASSWORD' where registry_key_pk = 69 and name like 'Password'. To change the password using Oracle: 1 On the Database server open SQLPlus. 2 Log into the qm database. 3 Run the following query: select * from registry_value where registry_key_pk = 69 and name like 'Password';. 4 Check the value in the String_Value column If it is not encrypted, highlight and copy the password from the String_Value column and steps 2-5 of Database Services Password, page 21 with the following exception; instead of typing the password, paste the password copied from the database. 5 Run the following query to update the String_Value with the newly encrypted password: update registry_value set string_value = 'ENCRYPTED PASSWORD' where registry_key_pk = 69 and name like 'Password';. Quality Monitoring Configuration Guide 26

27 Chapter 3 - Passwords Data-in-Transit Password Data-in-Transit Password The communication password can be changed using the wsschangepassword.exe utility, which is installed as a part of the erecorder installation. This utility generates a new set of the security files for a new password. To change the password: 1 Copy the wsschangepassword.exe and server.wss files to any temporary directory. 2 Run wsschangepassword.exe. 3 Type the current password and then type and re-type the new password in the appropriate text boxes. 4 Click OK. The system overwrites the old files and generates a new set of Server.wss, Agent.wss and Client.wss files. 5 Copy the Server.wss file to each erecorder node in the erecorder installed directory. 6 Copy the Agent.wss file to each Screen Capture module-installed machine in the Capture installed directory. This file can be copied in to different directories, as long as the following registry value is pointing to the correct directory: 32-bit Operating System: HKLM\Software\Witness Systems\eQuality Agent\Capture\Current Version\WSSPath 64-bit Operating System: HKLM\Software\Wow6432Node\Witness Systems\eQuality Agent\Capture\Current Version\WSSPath Quality Monitoring Configuration Guide 27

28 Chapter 3 - Passwords Quality Monitoring/Enterprise Reporting Secret Key 7 Copy the Client.wss file to Web Server in the.\tomcat\webapps\qm\applets directory. If the Quality Monitoring Supervisor client is installed onto a supervisor machine, then copy the Client.wss file to each Supervisor machine. Quality Monitoring/Enterprise Reporting Secret Key To use single sign on from Quality Monitoring to Enterprise Reporting, requires identity verification of the requestor. This verification involves a key that encrypts a token which is passed from Quality Monitoring to Enterprise Reporting. To change the key: 1 On the BDR Server, open the ERConfiguration.xml file located at <drive>:\program Files\Witness\QM in Notepad. Quality Monitoring Configuration Guide 28