11-28-2012 11:42 AM - edited 03-16-2019 02:26 PM
My company employes teachers aound the world and there has bee talk about handing out IP Communicator to them. Currently we allow our users to VPN to our Cisco firewall for access to our fileshares and voice servers. We are using Cisco AnyConnect client and clientless depending on weather or not they have managed machines. We have setup an additional VPN profile for an non-managed machine that needs to IP Communicator. This profile only gives acess to the voice VLAN including the two CUCM and two Unity servers. We are running CUCM and Unity Connection 8.6 so all servers are Linux based. What are the risks of exposing these servers to unmanaged (potentially unpatched or virus infected) machines? Is there a best practice for this?
Solved! Go to Solution.
11-28-2012 03:21 PM
Karl,
Linux based CUCM/UCXN/etc are appliances with no access to underlying OS kernel, so catching viruses is impossible. The bigger risk is hacking of the appliance and taking over your voice system, occasionally Cisco announces security vulnerabilities against specific versions of applications via a particular protocol, most often SIP, so there is always that risk. Hence the best practice is to keep in the servers on an internal network which I take it you are doing.
HTH,
Chris
11-28-2012 03:21 PM
Karl,
Linux based CUCM/UCXN/etc are appliances with no access to underlying OS kernel, so catching viruses is impossible. The bigger risk is hacking of the appliance and taking over your voice system, occasionally Cisco announces security vulnerabilities against specific versions of applications via a particular protocol, most often SIP, so there is always that risk. Hence the best practice is to keep in the servers on an internal network which I take it you are doing.
HTH,
Chris
11-29-2012 10:24 AM
Thanks Chris,
Yes we run our VIOP servers behind our firewall. It sounds like there's nothing to worry about.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide