TANDBERG Compliance Appliance Deployment Manual - page 23
7 Security
19
7 Security
7.1 Redundancy
If you only have one TCA and it becomes unavailable for whatever reason, then any calls made until it
becomes available again will fail. As with any network technology, it is a good idea to have a second
‘redundant’ TCA in case the main one fails.
Whether you have the second TCA sitting unused or run both of them in parallel to share the load is up
to you. The issues of optimal TCA placement will apply to each TCA you add to the network, so it’s
important to define clearly what role each TCA will play and the load requirements it will need to
meet.
Of course, you can have multiple TCAs in a single zone, or multiple zones each with one or more
TCAs. The best configuration depends on the compliance policy and the design of the network. When
installing the TCAs it’s also worth considering the points of failure in the network (such as whether you
are connecting multiple TCAs through the same router or both TCA power connections to the same
power supply).
7.2 What is secure and what isn’t
The TCA records whatever is being streamed from the endpoints. If the media stream is encrypted, the
TCA stores the encrypted stream plus the encryption key. When it transcodes the encrypted media, the
TCA de-crypts it using the key, so all transcoded video is transmitted and stored ‘in the clear’.
TCA transcodes all recordings (whether the original was encrypted or not) onto external
storage ‘in the clear’. If an organization needs a secure link between the TCA and external
storage, you’ll need to ask the network administrator to provide it.
Once the transcoded file is on the external storage, the security of the recording and access to it are the
responsibility of the storage administrator.