Thursday, September 10, 2009

Why using SSH/SCP is more secure than Telnet, FTP, or SNMP on Avaya Solutions

Connection protocols that send data (especially logins and passwords) in plain text, that is, unencrypted or "in the clear," can pose a serious security risk to a VoIP enterprise. Protocols that encrypt data in transit, such as SSH and SFTP, avoid exposing critical data on the wire. Partly due to new legislation and stricter auditing requirements, Avaya has implemented more secure protocols in its secure connection design.

By default, Avaya disables TELNET and FTP since they are inherently insecure network services.

Avaya products ensure that authentication credentials and file transfers are protected when sent across the network by using:
* Secure Shell (SSH)
* Secure Copy (SCP) or SFTP
* SNMP with these stipulations:
   - SNMPv3 is the preferred version due to its built-in security mechanism.
   - SNMPv1 or v2c, while supported, provide only a limited security capability based on community names:
      - The community name for SNMPv1 and SNMPv2c is protected when accessing writable MIBs.
      - For read-only MIBs, SNMPv1 and SNMPv2c community names are unprotected.
   - SNMP security secrets (for example, community strings) are customer-administrable.
* Other protocols protected using a TLS or IPSEC connection
