The rise of remote work has brought opportunities to hackers. VoIP Supply and 3CX co-host a monthly webinar to help our 3CXresellers stay on top of the latest updates/ This month, we focused on the measures you can take to secure your phone system! Let’s take a quick glance at the eight actions you can take immediately:
Download our 3CX webinar presentation slides to learn more!
Snom also joined us to talk about their D120 and D7XX Series IP Phones and more. Click here to see the slides.
Setting up your SIP authentication is the first step! The default setting requires a random 10 character alphanumeric SIP ID and password; however, you can secure further with more characters (up to 50)
Do you have PIN numbers for your voicemail? One you enable the default setting, you can set up a random 4-digits of numeric PIN and the system gives you 3 failed attempts. If you don’t need voicemail at all, it’s better to disable the function.
You can also make your voicemail more secure by increasing the PIN digit length (up to 10)
Check out more security settings you can change to protect your system here:
Set allowed country codes to specify to which countries your calls are allowed to be made. Follow these steps:
→ Settings → Security → Allowed Country Codes
→ Specifies to which countries calls are allowed to be made
→ Uses International Dialing Code from E164 settings
→ Match after Outbound Rule reformatting
→ Must match exactly to be effective
→ Settings → Security → Secure SIP
→ Certificates pre-configured for 3CX FQDNs
→ Provision telephones in sSIP mode (Manually)
→ Attention: Secure SIP uses TCP port 5061 (Default)
→ Extension → Phone Provisioning → SIP Transport = TLS
→ from and to an active extension
→ Using crypto keys
→ Must be activated on Extension & IP Phone (useless without sSIP)
→ Enable sRTP via the Web UI of Phones
→ RTP Mode = Only Secure
There are more anti-hacking actions you can take:
→ Specify the amount of failed Authentication Attempts
→ Once Exceeded → Blacklisted
○ Default → 25 attempts
You can also secure your system further by reducing the number of attempts allowed (min 3). Just be careful that reducing too much may cause legitimate extensions to be Blacklisted!
→ Specify the amount of Unchallenged 407 Authentication Requests
→ Once Exceeded → Blacklisted
The default gives you 1000 attempts but again, you can alter this number to reduce attempts allowed (min 100).
→ Below Amber = no action
→ Amber Barrier reached = 5 seconds (throttling)
→ Red Barrier reached = Blacklist interval
→ Once IP is Blacklisted by Anti-Hacking Options
→ Remains Blacklisted for the number of seconds specified
The default number is 86400 s (24 hrs). You can increase value upto a maximum of 1,000,000,000 s (~11,574 days or 31.7 years).
Block out unwanted guests by adding their IP address to a blacklist:
→ Dashboard → IP Blacklist
○ When Anti-Hacking criteria are met
→ IPs of ‘perpetrators’ are added
→ Default Global Blacklist Time Interval
You may also manually set up the Blacklist / Whitelist IPs to deny and/or allow certain IPs.
Ready to learn more? Download our Presentation Slides to Learn More Do’s and Don’ts! Visit our 3CX product pages or visit VoIPSupply’s 3CX Page to get more information.
Don’t forget to register for our next 3CX reseller webinar! Click here to register today.
https://youtu.be/N-lzdnATPgk?si=DSbuMOrj16Vm4B1v Your February VoIP News Update is here! up first this month is the brand-new…
https://youtu.be/n5ixmNJo62A?si=iJZ9FBON2586xgpG It's time to unleash mobility with LINKVIL by Fanvil's new multi-cell solution! This webinar…
Before I was in digital marketing, I was a teacher. For 7/12 years I taught…
https://youtu.be/kHJZnDYyQQ8?si=2ZLrtFUrnnidxWoq See the Snom D815 SIP Phone like never before in this exclusive Product Feature…
AudioCodes Session Border Controllers (SBCs) have achieved a significant milestone by obtaining the FIPS 140-3…
https://youtu.be/i7c5v_wGpAY?si=wD9KrJ9gHXfUXjH2 Sit back, relax, and learn everything you need to know about the new Fanvil…