Quest Policy for Unified Communications 8.1

This document provides the latest information about enhancements, supported hardware and software, and outstanding issues for Policy Authority for Unified Communications. All customers are urged to install the latest version (Version 8.1) to take advantage of the latest improvements and to ensure optimal system performance.

New in This Release

Resolved Issues and Enhancements

The following is a list of issues addressed and enhancements implemented in this release of Quest® Policy Authority for Unified Communications.

Feature	Resolved Issue	Defect ID
AIM	AIM v6.x clients were remaining in Real Time Monitor Sessions list after the client logs out.	CR 20486
BlackBerry Log Import	Errors were occurring when parsing some BlackBerry logs.	CR 20618
Data Service	Local Data Service log archives were being purged on the same schedule as the database and stored in static location.	CR 20884
Directory Synchronization	Users with an ' (apostrophe) in their SIP username were not properly identified and not able to send/receive messages. Users that were synchronized from an LDAP Query Group were remaining in the User list after they no longer met the LDAP search criteria.	CR 20585 CR 20833
Enforcer	Added support for blocking MSN Client when connecting of port 80. Added support for blocking “PC-Home” Skype client. Some HTTPS network traffic was falsely identified as FastTrack protocol by the Enforcer. Enforcer: Added support for the latest update to Meebo.com. Removed scenario where HTTPS traffic was intermittently being misidentified as FastTrack protocol. Bloomberg messenger (SSL) was falsely identified as FastTrack protocol by the Enforcer. Removed scenario where Outlook Web Access (HTTPS) traffic was intermittently being misidentified as FastTrack protocol.	CR 20338 CR 20648 CR 20704 CR 20750 CR 20765 CR 20766 CR 20817
IBM Sametime	Multiple policy infractions resulting in blocking offending message and policy notification was causing a Sametime plug-in exception. Policy notifications were not being delivered to Sametime users.	CR 20424 CR 20464
Load Balancer	The load balancer health monitoring was allowing only two connections.	CR 20357
Logging	Customer internal disclaimer is delivered properly but logged and reported as the default internal disclaimer.	CR 20357
Microsoft OCS	When OCS file transfers are disabled by OCS, the failed file transfer attempt was not logged by Policy Authority. When multiple Gateway services connect to a single OCS plug-in, duplicate internal namespace records were entered into the internal namespace list.	CR 20348 CR 20836
Pivot 360 Log Import	Log import was only occurring once instead of reoccurring as configured by the log import schedule.	CR 20321
Policy Engine	Policy to prevent a group from communicating with anyone outside of that group was not properly enforced. Policy criteria did not allow policy to be assigned to a single IP Address (was only able to be assigned to a range of IP addresses). Keyword filtering was not properly applying the * wildcard for pattern matching to Korean Characters. Policies using "with a screenname" criteria and over 1000 screennames were causing an error on the Gateway service Policy assignment for Allow Policies were not properly being applied when set to apply to "All Users".	CR 20322 CR 20674 CR 20723 CR 20764 CR 20848
Reporter	Scheduled reports were not occurring at scheduled time when Database is under heavy load.	CR 20834
SNMP	SNMP trap 'snmpTrapOID' value was set to '1.3' instead of the correct '1.3.6.1.4.1.8072'.	CR 20768
Self Registration	Self Registration page was being presented to users who had already self registered.	CR 20544
Web UI	Web UI was displaying an error when clicking on the Screen Name node. Disabling a policy that contains the 'With a screenname' criteria and over 1000 screennames was causing a Gateway exception.	CR 20767 CR 20831
Yahoo!	Yahoo! group messages were not delivered to the sender of the message. Yahoo! v8.1 file transfers were failing to complete. Custom external disclaimers were not being sent to yahoo users when external users initiate the conversation.	CR20339 CR 20474 CR 20816

Known Issues

The following is a list of issues known to exist at the time of Quest® Policy Authority for Unified Communications 8.1 release.

Feature	Known Issue
Installation	The Database name is limited to non-hyphenated names. For example, “yourcompany” is a valid name but “yourcompany-boston” is not a valid name. Logging directory unavailable for Parlano. If you attempt to add a Parlano Service during installation, and browse for the folder where logs should be stored, there is no folder tree and the button "Make New Folder" does not function. Earlier versions of Policy Authority for UC may install over more current versions. Since it is possible to install an earlier version of Policy Authority for UC on a computer that is running a later version, it is highly recommended to run the latest version possible. Installation and upgrades of the Gateway and Enforcer require restart. You may receive the following errors if you do not restart the Gateway and Enforcer services, “Fatal error initializing Sophos AV Engine. Error: -1” (Gateway) "Error 1 starting Enforcer" (Enforcer) Restart the Gateway and Enforcer services after upgrades to avoid these errors. *Workaround:* To restart these services, use Windows Control Panel or Appliance Manager > Installed Packages > Start. Upgrade installation fails if Policy Authority for UC server is shut down during installation. Be sure to allow the entire upgrade installation to complete before shutting down your server; if you shut down your server before the installation is complete, installation fails. Additionally, if the installer requests a reboot, this is required to complete the upgrade.
Antivirus Options	Updating a License to Change Antivirus Options Requires Restart If you import a new license that changes the antivirus option, you will need to manually restart the Gateway Service in order for the change to take effect. For example, if you have a license that does not include antivirus, and then you import a license that does include antivirus; the antivirus functionality will not work until Gateway Service is restarted. Workaround: To restart the service, use Windows Control Panel or Appliance Manager > Installed Packages > Start. Sophos AV Datastore Fails when set to “Scan only the selected extension” Although the 'Scan all files' AV option is working correctly, logging does not occur in the datastore for the above option.
Detecting Tampered Messages in Database	Deleted messages are not detected in this release. This feature is restricted to Microsoft SQL Server databases and Oracle databases and is not supported on PostgreSQL databases.
Directory Field Mapping Attribute	You cannot use the same Directory Field Mapping attribute for two or more types of IM screen names. Only a single directory attribute can be mapped to a single IM Service ID.
Disclaimers and Policy Blocking Notifications	OCS 2007 R2 clients connected to OCS 2007 environments may not receive Administrative Disclaimers and Policy Blocking Notifications if sent in rapid succession.
File Transfer Archiving	Either Data Destination configured to archive file attachments or file attachment archiving to a web server may be used at any one time. Both methods may not be used simultaneously.
Log Import	The log import time can be incorrectly displayed for Pivot 360 and Blackberry Enterprise Server in the Gateway > Service Configuration > Log Import page if the time set by the administrator is between 12:01 am and 12:59 am. The time is incorrectly displayed as 1 hour later than it was configured, however, it will actually occur at the time specified by the administrator.
Message to Unidentified, Disallowed Users	If an unidentified user logs in to an IM client when the Identity Service is set to not allow unidentified users, the following message appears: "Cannot authenticate your client, there are no known users logged into the system you are using" This message occurs because the user is not part of the synchronized domain and is sent if Policy Authority for UC cannot detect any users logged in. It may also be sent if there is an error contacting the client machine for identification. This issue can be diagnosed by turning on tracing in the Identity server.
Microsoft Office Communications Server (OCS/LCS) Module	If the LCS 2005 service is restarted, the Policy Authority for UC - OCS Management Service will not automatically reconnect to LCS. *Workaround:* Restart the Policy Authority for UC - OCS Management Service.
Multi-Party Chat Room	In a public IM multi-party room with at least one external user, policy alerts are not delivered inline; they are delivered in a separate chat window.
OCS 2007 R1 & R2	Office Communications Server 2007 and Office Communications Server 2007 R2 external users (connected through a OCS Access Proxy / Edge Server) are unable to send/receive file transfers with users both inside the network and outside the network.
SPIM and Malware Policies	To modify a SPIM and Malware policy, you must modify the original policy. Caution: Do not delete the default SPIM and Malware policies in the Policy Authority for UC. If you delete them, they will be restored when the Product Updates are routinely installed. Instead of deleting one of those policies, edit or disable the policy as needed.
SPIM and Malware Policies	*To remove a word or file from the SPIM and Malware policies:* You must modify the original policy as follows: In the console tree, expand the Gateway Service. Expand the Communication Management folder. Select User Policies. In the details pane, locate the policy you wish to modify and click Edit. Click Next until the Policy filters and rules pane appears. Check the box for "That contain specific keywords, phrases or templates". Click the link for select keywords, phrases or templates, and enter in the text you want to allow. Check NEGATE RULE, and then click Add keyword. An example of a policy allowing the keywords "my personal home page" is shown below. Block all events sent or received by managed users if they do not contain my personal home page and contain SPIM or Malware Text Messages.
Third Party Archiving	When a Third Party Data destination is configured in the Data Service with message formatting enabled along with another Third Party Data destination with formatting disabled, file attachments will not be delivered to the destination with formatting enabled.
WinMX 3.54 Beta	The Enforcer cannot log or block this type of P2P packet, including Gnutella and FastTrack.

Third Party Known Issues

The following is a list of third party issues known to exist at the time of Quest® Policy Authority for Unified Communications release.

Upgrade and Compatibility

The Policy Authority for UC Version 8.1 upgrade is highly recommended to ensure optimum performance. For instructions in installing Policy Authority for UC products, please refer to the online help or the Getting Started Guide.

Note: To upgrade existing databases, allow 3 minutes per gigabyte of data in the database.

Checking Your Upgrade Path

To ensure an easy upgrade, select the upgrade path to best fit your Policy Authority for UC products from the “Upgrade Sequence” (page 4) section of these release notes.

Upgrading on Windows Servers

If you are upgrading Policy Authority for UC components on Windows servers, be sure to upgrade according to Table 1 on page 4. In several cases, multiple installation files with incremental versions are required to ensure a smooth upgrade and to maintain database integrity.

Caution: You must upgrade ALL components to the same software version # (i.e. 8.xx.xx).

Components include all Enterprise IM plug-ins (Jabber, Microsoft Office Communications Server, and IBM Sametime), as well as all installed appliance components and components installed on Windows servers and database servers. If you upgrade only some components and not others, the Policy Authority for UC system will not work correctly.

Upgrading on Policy Authority for UC A-Series IM Appliances

Caution: You must upgrade to version 7.0 prior to upgrading to version 8.0. Use the Appliance Manager on the Management Console to perform the upgrade with ease.

You must upgrade ALL components to the same software version # (i.e. 8.xx.xx). Components include all Enterprise IM plug-ins (Jabber XMPP, Microsoft Office Communications Server, and IBM Sametime), as well as all installed appliance components and components installed on Windows servers and database servers. If you upgrade only some components and not others, the Policy Authority for UC system will not work correctly.

System Requirements

Before installing Quest® Policy Authority for Unified Communications, ensure your system meets the following minimum hardware and software requirements:

Global Operations

This section contains information about installing and operating this product in non-English configurations, such as those needed by customers outside of North America. This section does not replace the materials about supported platforms and configurations found elsewhere in the product documentation.

This release supports any single-byte or multi-byte character set. It supports simultaneous operation with multilingual data. This release is targeted to support operations in the following regions: North America, Western Europe and Latin America, Central and Eastern Europe, Far-East Asia, Japan.

This release has the following known capabilities or limitations:
19739 - Double-Byte characters in IM conversations fail to be logged to an Oracle Database (problem does not exist with SQL databases).

Getting Started

Contents of the Release Package

Installation Instructions

Refer to the Policy Authority for UC help or the Getting Started Guide for installation instructions.

Locating Documentation

To Access Help

To obtain the latest documentation

For More Information

This document contains proprietary information protected by copyright. The software described in this document is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser’s personal use without the written permission of Quest Software, Inc.

If you have any questions regarding your potential use of this material, contact:

Trademarks

Quest, Quest Software, the Quest Software logo, Aelita, Akonix, Akonix L7 Enterprise, Akonix L7 Enforcer, AppAssure, Benchmark Factory, Big Brother, DataFactory, DeployDirector, ERDisk, Foglight, Funnel Web, I/Watch, Imceda, InLook, IntelliProfile, InTrust, IT Dad, I/Watch, JClass, Jint, JProbe, LeccoTech, LiteSpeed, LiveReorg, NBSpool, NetBase, Npulse, PerformaSure, PL/Vision, Quest Central, RAPS, SharePlex, Sitraka, SmartAlarm, Spotlight, SQL LiteSpeed, SQL Navigator, SQL Watch, SQLab, Stat, Stat!, StealthCollect, Tag and Follow, Toad, T.O.A.D., Toad World, Vintela, Virtual DBA, Xaffire, and XRT are trademarks and registered trademarks of Quest Software, Inc in the United States of America and other countries. Other trademarks and registered trademarks used in this guide are property of their respective owners.

Disclaimer

The information in this document is provided in connection with Quest products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Quest products. EXCEPT AS SET FORTH IN QUEST'S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, QUEST ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL QUEST BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Quest makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Quest does not make any commitment to update the information contained in this document.

Feature	Known Issue
AOL	Apple iChat is supported in DNS-mode only.
BlackBerry Enterprise Server v4.x Log Import Warnings/Errors	The following known issues may be present in some situations: Invalid phone call log entry (warning) This warning occurs when a BlackBerry Enterprise Server call record is encountered that is invalid for the following reasons: Phone Number field is null (empty) Start date field is 1970/01/01 00:00:00 Elapsed time field is 0 There was an error processing the log file dated (error) This message indicates that an error was detected when processing a BlackBerry Enterprise Server log file. This message will include the number of total records in the log file and the number of invalid log entries. One common cause of this issue is referred to in the above Invalid phone call log entry warning and is a known issue with the BlackBerry Enterprise Server v4.x.
Bloomberg	If you need to restart the service, first Stop the Bloomberg Logging Service, wait 10 seconds, and then Start the service. Do not use Restart (in Windows Control Panel) to restart the Bloomberg Logging Service.
IBM Lotus Sametime	The following are known limitations when integrating with IBM Lotus Sametime: IM Account Logout Delay does not function properly for IBM Lotus Sametime clients. Users that have been blocked are able to log in to the Sametime client; however, all communications / messages will be blocked from sending. Policy Authority for UC — IBM Sametime Service installation error messages. The following messages, "error open Sametime configuration file" (STConfig.nsf) and "Sametime installation failed" ...indicate an installation problem: the Sametime service is locking the stconfig.nsf file while the installer tries to modify it. This problem is likely to occur when the Domino/Sametime server is configured to auto start when Windows is restarted, and a restart is required during the installation. If you receive the aforementioned errors, perform the following steps to enable the Policy Authority for UC — IBM Sametime Service installation to work correctly: Click on OK to dismiss the error message dialogs. If needed, click until you exit the installation program. Stop the Domino/Sametime server. Run the LogForSTConfig.exe file (located on \Lotus\Domino subdirectory). Enter the password for the Domino administrator. Restart the Domino/Sametime server. Policy Authority for UC — IBM Sametime Service blocks all IM if Policy Authority for UC logging service fails. The Sametime plug-in has a value set of "Strict" which causes Sametime to block all IM if the Policy Authority for UC logging service is not running. The "Strict" value is implemented to meet a compliance requirement in many companies to have active IM logging at all times. Policy Authority for UC — IBM Sametime Service File Transfer Management. Sametime clients do not support virus scanning engines used by Policy Authority for UC (Sophos or Symantec). If a file is sent by a Sametime client that is routed through the Policy Authority for UC Gateway Service, that file is not scanned for viruses. Therefore, if a user with the Sametime client sends a file containing a virus, that file is not scanned by the Policy Authority for UC Gateway Service and will be delivered. To avoid the possibility of a virus infection, we recommend that you create a policy that does not allow file transfers for Sametime clients. Policy Authority for UC — IBM Sametime Service Multiparty Chat Support. The Sametime Instant Messaging Server terminates multiparty chat if a message is blocked, and the conversation window will be disabled. Policy Authority for UC — IBM Sametime Service Login Management. The IM Account Logout Delay does not work for Sametime clients. Users who have been blocked are able to immediately log in to the Sametime client. For Upgrades Only: Sametime Live Voice or Sametime Live Video Conferences are not blocked by the Policy Authority for UC Default IM Application policy. These applications can be managed through the Policy Authority for UC by either modifying the Default IM Application policy or by creating a new policy that applies an action to either of these IM features / applications." Multiparty Chat Sessions in IBM Lotus Sametime End When A User Violates an Individual User Policy. When a policy is set to block all events for individual users in IBM Lotus Sametime, and a user in a multiparty chat session violates that policy, the session is abruptly destroyed and a dialog box presents the following message: "Chat services not available."
ICQ	The following known issues may present in some situations: Management and blocking of special IM applications in ICQ (such as Web-based games or greeting cards) are not supported. Normal instant messaging communications are supported. Multiparty chat is not supported for ICQ v6.0.
Jabber	Jabber XCP server versions 4.2, 5.0, and 5.1 are supported on the A-series appliances only (not on Policy Authority for UC Windows servers). Sometimes empty screen names are created if a Jabber user sends a message in a chat room after restarting the Jabber plug-in.
Microsoft Office Communications Server (OCS/LCS) Integration	The following are known issues when integrating with Microsoft Office Communications Servers (OCS) and/or Live Communications Servers (LCS): When requiring authenticated user identity for access to instant messaging, you must synchronize the Gateway with the domain on which the Office Communications Server users reside to block unidentified users. If you do not synchronize the domain, users will be able to send messages, even if they are not allowed to do so. To synchronize a domain, in Policy Authority for UC, expand Gateway Service > User Management > Directory Synchronization. If you make any changes to the Remote Server or Remote Client configurations of the Microsoft Office Communications Service in Policy Authority for UC, you will need to restart the OCS Service on the Office Communications Server before the changes will take effect. In block mode when a user is blocked, they are able to see users in their contact lists. Blocked users cannot send instant messages to any users. If a blocked user attempts to send an IM to one of the users in the buddy list, he or she will receive the "your communications have been blocked" message. Office Communications Server allows clients to log in from more than one machine simultaneously. Although Policy Authority for UC handles this simultaneous login, notification and disclaimer messages are always sent to the most recently logged in client. Files sent by an LCS 2005 client integrated with the Gateway are blocked by default. LCS 2005 file transfers are encrypted, which prevents the Gateway from file scanning. To allow file transfer please contact Customer Support for instructions. Multiparty chat sessions between LCS 2005 and Windows Messenger clients can cause the Windows Messenger session to be terminated by the LCS. The Windows Messenger user is disconnected when they attempt to send a message to the multiparty chat session. Real-Time monitoring in the Gateway does not display all users’ sessions. If users are logged into OCS before the Policy Authority for UC-OCS Management Service has started, those users will not appear in the Real-Time monitor - sessions interface until they perform an action such as send/receive a message, file transfer, VoIP, Video or Live Meeting. Office Communications Server 2007 and Office Communications Server 2007 R2 will refresh the clients sessions approximately every two hours which will cause a new internal disclaimer to occur when the client has not logged out. Office Communications Server Client Version may not show up for some users. Signing a user out and then back in will refresh the Client Version in the reports. Office Communications Server external User IP addresses may display a default of 255.255.255.255 within User Conversations reports and 3rd party archive emails for an external OCS user.
Microsoft Office Communications Server 2007 R2 Group Chat	The following known issues may present in some situations: If a user's logs of the OCS Group Chat client during an interval where there were no messages posted to channel during the entire log interval (configured in the Group Chat Compliance Server > Compliance Adapter settings), the user's logout event will not be provided by the Group Chat Compliance Server. This may result in users appearing to receive channel messages in Policy Authority for UC reports that they may not have actually received. This behavior is a Microsoft Known Issue and is scheduled for a future patch release. Stories posted to a Group Chat Channel that are greater than 8000 characters are not logged to the Policy Authority Database when using MSDE or SQL 2000. This issue does not occur when using SQL 2005.
MSN Messenger V7.0, V8.x and Windows Live Messenger 2009	MSN Messenger versions 7.0 and later "Nudge" tool is not blocked by the Policy Authority for UC. Since there is no communication (text, pictures or voice) that can accompany the "Nudge", Policy Authority for UC cannot block it.
MSN Messenger V8.x and Windows Live Messenger 2009	When the Policy Authority for UC IM sentry is enabled, it does not appear in the buddy list of Policy Authority for UC-managed MSN. v8.x clients. The new “Call Computer” feature in MSN 8.0 and Windows Live Messenger 2009 is not currently supported; when activated on the client, users will be prompted to upgrade to a higher version. Workaround: deactivate this feature in the client. Third Party Archive Email Feature for Live Messenger 2009for Policy Authority for UC - managed MSN Messenger v8.x & Live Messenger 2009 clients. Live Messenger 2009 conversations emails display wrong text color when archived to third-party email archiving systems. Live Messenger 2009 conversations where several files are transferred the email contain only one attachment (not all attachments sent) when archived to third-party email archiving systems. Third-party archive emails in some conditions display Live Messenger clients as 'Yahoo' when sending messages to Offline user. Handwritten messages display as 'Inks' instead of ‘Handwriting’ in Reports and Compliance Manager. Third-party archive emails display 'Inks' as 'Handwriting'. User is able to login as internal and external user simultaneously from different machines with same MSN messenger account. MSN Messenger client v8.x File Transfers and P2P applications are not blocked by policy or logged. The MSN Messenger client v8.x is known to establish peer-to-peer connections and perform file transfers, VoIP, Video, etc. over the peer-to-peer connection thereby bypassing blocking and logging policies of the Policy Authority for UC - Gateway Service. This scenario can be addressed by blocking all peer-to-peer connections for the MSN Live Messenger. To block these connections, follow the steps below: Open a web browser and connect to http://Akonix_WebGUI_Hostname:8080/QueryAnalyzer/ Set Database Host = Akonix Gateway Server IP address or hostname Set Database Username = Akonix Gateway Admin user (default = admin) Set Database Password = Akonix Gateway Admin user password Set Service Type = Akonix L7 Gateway Click CONNECT button Click CLEAR TEXT button Enter the following text in the Query window: delete from systemsetting where name = 'Block MSN 8.1 P2P' insert into systemsetting (name, value) values ('Block MSN 8.1 P2P', 1); delete from systemsetting where name = 'Block 8.1 P2P Admin Message'; insert into systemsetting (name, value) values ('Block 8.1 P2P Admin Message', 'MSN Live Messenger File Transfers and P2P applications are blocked'); Click RUN QUERY Restart the Gateway Service
MSN Messenger V8.x and Windows Live Messenger 2009
Windows Live Messenger 2009	File transfers are not managed by Gateway. Windows Live Messenger 2009 is known to establish peer-to-peer connections and perform file transfers over the peer-to-peer connection thereby bypassing blocking and logging policies of the Policy Authority for UC - Gateway Service. File Transfer are blocked by Default IM Application policy if managed user associated with any group. P2P applications are not managed by Gateway. MSN Live Messenger 2009 client are known to establish peer-to-peer connections and perform VoIP, Video, etc. over the peer-to-peer connection thereby bypassing blocking and logging policies of the Policy Authority for UC - Gateway Service. With the workaround steps applied, see known issue titled "MSN Messenger client v8.x File Transfers and P2P applications are not blocked by policy or logged" for details, a few the P2P applications are not blocked between external and internal users. Group Chat Feature of MSN 2009 is not supported by Gateway. By Default the MSN Group chat feature is blocked by Default IM application policy, If policy has been disabled then Group chat feature works but might malfunction External user involved in Group chat does not receive the external disclaimer. Duplicate messages are observed in reporter module for Group chat, if Group chat feature is allowed by disabling Group feature option within Default IM application policy. Personal IM Archives application does not display messages sent and received by Windows Live Messenger 2009 clients. Users are able to login as internal and external Liven Messenger user simultaneously from different machines with same Live Messenger account.
Reuters	Policy Authority for UC logs all HTML and XML coding with message text in the database. However, Legato archiving xml style sheet strips the coding. Extended ASCII characters do not get logged/stored correctly in the database.
Yahoo!	The following known issues may present in some situations: Yahoo! 9.0 or later requires the use of port 80, running any application on the gateway binding to this port will prevent the Gateway from accepting Yahoo! 9.0 or later connections. Not applicable to appliance users. Yahoo! Messenger with Voice (PC-to-PC calls) is not supported at this time. Yahoo! Secondary Screen Names: Policy Authority for UC does not handle Yahoo! secondary screen names. Policy Authority for UC does not respond properly or monitor in real-time those Yahoo! users with secondary screen names. The system only recognizes the user ID with which the user logged into the IM client, and multiple aliases will be treated as unique IDs. A user’s secondary ID cannot be mapped to the primary ID listed on the directory. For example, if a Yahoo! user signs in with a primary screen name, and a buddy sends a message to that user's secondary screen name, the user with the secondary screen name will receive an external disclaimer. In addition, the real-time monitor does not display the user as being logged in using the primary screen name, only the secondary. Disclaimers and Policy Notifications: The Administrative Screen Name used to send internal disclaimers and notifications must be in English characters only. Yahoo! File Transfer: In some cases, files over 5MB may be corrupted during file transfer. Yahoo! 9 and Yahoo! 8 file transfers fail intermittently. Note: Personal IM Archives must use port 80 and conflicts with Yahoo! File Transfer usage and Yahoo! 9 clients. To use Personal IM Archives, install Personal IM Archives on a separate computer which hosts IIS.

7.0 - 8.0	—>8.1
	PolicyAuthorityUC_v8.1.exe
6.0.2 - 6.2.1	—>7.x—>8.x
	1. AkonixL7_7.0.0.07.exe 2. PolicyAuthority8.x.x.xx.exe

5.2 - 5.3	—>6.0 —>6.1—>7.x—>8.x
	1. AkonixL7_6.0.0.51.exe 2. AkonixL7_6.1.44.exe 3. AkonixL7_7.0.0.07.exe 4. PolicyAuthority8.x.x.xx.exe
4.2, 4.3, 5.1.x	—>5.2 —> 6.0—>6.1 —>7.x—>8.x
	1. AkonixL7_5.2.0.21.exe 2. AkonixL7_6.0.0.51.exe 3. AkonixL7_6.1.44.exe 4. AkonixL7_7.0.0.07.exe 5. PolicyAuthority8.x.x.xx.exe

Hardware	Intel® Pentium® 4 processor (2.0 GHz minimum) 2 GB RAM or greater; 20 GB or more of free hard disk space.
Supported Operating Systems	Policy Authority for UC Core Components Windows 2003 Server - 32 bit Policy Authority for UC - OCS Management Service Windows 2003 Server - 32 bit Windows 2003 Server - 64 bit Windows 2008 Server - 64 bit Policy Authority for UC - Group Chat Compliance Service Windows 2003 Server - 64 bit Windows 2008 Server - 64 bit Policy Authority for UC - BlackBerry Management Service Windows 2003 Server - 32 bit Windows 2003 Server - 64 bit Windows 2008 Server - 64 bit
Supported User Directory Services	Microsoft Windows Active Directory Services (AD) 2000 and later Planet/Sun ONE Directory Server 4.2 and 5.1 Novell eDirectory 7.0, 8.7 IBM Lotus Domino Directory 3.0, 6.5, 7.0, 7.0.1, 7.0.3, 8.0.1 Open LDAP Directory
Web Services Required for Specific Components	The Personal IM Archives (PIMA) component requires Microsoft Internet Information Services (IIS) Manager 5.0 or later; it also requires Active Directory user authentication. To use Policy Authority for UC with IIS on a Windows Server 2003 system, you must change the setting to allow Active Server Pages.
Supported Database and Firewall Servers	Supported Database Servers Microsoft SQL Server 2000 SP 3a - SQL Latin 1 General CP1 CI AS Code Page Microsoft SQL Server 2005 SP1 - SQL Latin 1 General CP1 CI AS Code Page Oracle Database — Standard Edition, Standard Edition One, and Enterprise Edition: Oracle Database 10g Release 2 for Linux x86 Oracle Database 10g Release 2 for Microsoft Windows PostgreSQL 8.1.2 Database (on A-Series appliances) Supported Firewall Servers ISA Firewall Servers 2004
Supported Identity Methods	On A - Series appliances: Active Directory, Login Script, Novell Identification, NetBIOS, Self-Registration, Field Name Mapping with LDAP Attributes On Windows servers: Active Directory, Login Script, Novell Identification, NetBIOS, WMI, Self-Registration, Field Name Mapping with LDAP Attributes Note: Citrix platforms —If you use a Citrix platform and IM users log into IM networks using Citrix Thin-Clients, the only supported Identity method that will work is the user self-registration method (which can also use the self-registration LDAP attribute in the Field Mapping table).
Supported IM Systems and Clients	Policy Authority for UC provides support only for production-level networks and clients listed below. Supported Integrations with Enterprise IM Networks and Managed IM Clients AIM AOL Instant Messenger (SM) version 4.7 MAC AOL Instant Messenger (SM), version 4.8 AOL Instant Messenger, version 5.9, 6.5, 6.8, 6.9 Apple iChat (all versions, DNS mode only) IBM Lotus Sametime IBM Lotus Sametime Instant Messenger, versions 6.5, 7.0, 7.5.1, 8.0.1 IBM Lotus Instant Messaging (Sametime) Servers 3.0, 6.5, 7.0, 7.5, 7.5.1, 8.0.1 ICQ ICQ Instant Messenger 6.0, 6.5 Google Talk Google Talk client Jabber EIM Jabber Messenger versions 2.7, 3.1, and 3.2 Jabber XCP server 4.2, 4.2 SP1, 5.0, 5.1, 5.2 (appliance support only) MSN Microsoft Windows Live Messenger 2009 (DNS mode only) - Support Added August 2009 MSN Live Messenger, version 8.5 (DNS mode only) MSN Messenger, version 7.5 (DNS mode only) Windows Live Messenger versions 8.0 and 8.1 (DNS mode only) Windows Messenger, versions 4.7, 5.0, 5.1 Microsoft Office Communications Server (OCS/LCS) Office Communicator 2005 Office Communicator 2007 Office Communicator 2007 Release 2 Live Communications Server 2005 SP1 Office Communications Server 2007 Office Communications Server 2007 Release 2 Yahoo Yahoo! Messenger for Mac OS (Carbon), version 2.5.3 build 1062 Yahoo! Messenger, versions 7.5, 8.0, 8.1, 9.0, 9.1 Others (Supported IM Partners: Log and Report only) Blackberry (PIN-PIN and SMS) Bloomberg (latest version) Communicator Inc. (latest version) OCS - Group Chat Parlano (latest version) Pivot 360 Reuters 5.0 Enforcer: IM Protocols The following IM protocols are supported by the Enforcer. AIM v6.x Google Talk IBM Lotus Sametime ICQ IRC Jabber XMPP Protocols: Exodus, GAIM, Trillian Pro, Gush, Psi, Gabber, Gossip, Kopete, Tkabber Meebo MSN MySpace Yahoo! Enforcer: Peer-to-Peer Protocols The following P2P protocols are supported by the Enforcer. BitTorrent Network: BitTorrent, Shareaza, Personal Torrent Collector, BitTornado, Bee Tee Plus Plus, Azureus, Effusion FastTrack Network: Grokster, Kazaa & KazaaLite, iMesh Gnutella (G1) Network: BearShare, Gnucleus, LimeWire, Morpheous, NeoNapster, Phex, Shareaza, Swapper, XoloX Skype Open Napster (Neonetwork) Network: NeoNapster, WinMX eDonkey Network: eDonkey2000, eMule

Support	Hours of Operation Local Time	Languages Supported	Phone Number
North America	5:00am - 5:00pm PST Monday to Friday	English	+1 800 306 9329 or +1 949 754 8000
EMEA - Europe, Middle East, Africa	8:00am - 5:00pm GMT/BST Monday to Friday	English, French Italian, German, Spanish, Russian	UK: +44 (0) 1628 518007 UK: 0800 834 967 Austria: 0800 201 902 France: 0800 778 278 Germany: 0800 800 78378 Italy: 800 124 877 Spain: 900 80 23 01 Switzerland: 0800 800 258
Asia Pacific- Singapore	6:00am - 5:00pm Monday to Friday	English, Mandarin, Cantonese, Malay	+1 800 720 5555 or +65 6720 2566
Asia Pacific- Australia	8:00am - 7:00pm Australia EST Monday to Friday	English, Mandarin, Cantonese, Malay	+1 800 999 997
Asia Pacific- New Zealand	8:00am - 7:00pm Australia EST Monday to Friday	English, Mandarin, Cantonese, Malay	0800 931 916
Asia Pacific- Hong Kong	6:00am - 5:00pm GMT +8 Monday to Friday	English, Cantonese	+1 800 933 731
Asia Pacific- China - North	6:00am - 5:00pm GMT +8 Monday to Friday	English, Mandarin	10800 852 1465
Asia Pacific- China - South	6:00am - 5:00pm GMT +8 Monday to Friday	English, Mandarin	10800 152 1465
Asia Pacific- Taiwan	6:00am - 5:00pm GMT +8 Monday to Friday	English, Mandarin	0800 0165 1916
Asia Pacific- Thailand	6:00am - 5:00pm GMT +8 Monday to Friday	English	0018 0065 6850
Asia Pacific- South Korea	7:00am - 6:00pm GMT +8 Monday to Friday	English, Korean	0079 8651 7354
Asia Pacific- Japan	9:00am - 5:00pm GMT +9 Monday to Friday	English, Japanese	+81 3 5771 8646
Asia Pacific- India	6:00am - 5:00pm GMT +8 Monday to Friday	English	000 127 3117 when prompted to enter World Service Code

Contents

Welcome to Quest® Policy Authority for Unified Communications