Add_workflow_for_techpubs | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Section | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
This document provides a checklist to help with hardening
Spacevars | ||
---|---|---|
|
The following table provides a checklist for security hardening.
Step | Component(s) | More Information | ||||||||
---|---|---|---|---|---|---|---|---|---|---|
| Firewall and DMZ | |||||||||
2. Address port, protocol, and service needs of all call flows when using the SBC Edge with Microsoft Teams on-premises. Note: This step does not apply to SfB deployments. | Teams | |||||||||
3. Address port, protocol, and service needs of all call flows when running Microsoft Teams and SBC SWe Lite hosted in Azure. | Teams | |||||||||
4. Use the latest versions of
| software updates | |||||||||
5. Configure Access Control Lists to prevent excessive unwanted traffic, such as Denial of Service (DoS) attacks on the
| SBC ACLs | |||||||||
6. Use TLS/SRTP for SIP/Media.
| Protocols | |||||||||
7. Only use Certificates from a trusted Certificate Authority (CA).
| Certificates | |||||||||
8. Enable enhanced password security for SBC operator accounts.
| Accounts and Passwords | |||||||||
9. When configuring Active Directory services on
| Active Directory | |||||||||
10. Check whether RADIUS is used for user authentication and/or for Call Detail Records (CDRs). The RADIUS use applies to select employments where the customers send CDRs for protection, billing, and such.
| RADIUS | |||||||||
11. Check whether RADIUS CDR confidentiality is required.
| CDRs | |||||||||
12. For CCE deployments, configure firewall settings as recommended. | CCE |
| ||||||||
13. If the ASM module is present, configure the ASM Firewall. | ASM | |||||||||
14. If the ASM module is present, configure the ASM security template. | ASM |
Once the system is fully configured,the operator should periodically monitor the system. Many alarms supported by the system are triggered upon security events.
Pagebreak |
---|