Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
867
Views
5
Helpful
3
Replies

Expressway Security Question

tyler-durden
Level 1
Level 1

‎12-28-2019 12:44 PM

How does Expressway validate that it's Cisco Jabber which is trying to register to CUCM and not a hacker pretending to be Jabber? 

Labels:
0 Helpful
3 Replies 3

nanosynth
Level 1
Level 1

‎12-28-2019 09:29 PM

I believe it has to do with all the extensive, meticulous and painful certificate work you have to do before even starting up the jabber.

0 Helpful

tyler-durden
Level 1
Level 1
In response to nanosynth

‎12-30-2019 07:12 AM

My understanding is all the cert work is to make sure that Jabber is connecting to the server it's expected to connect to i.e. client security. I couldn't figure out any mechanism for server security
0 Helpful

nanosynth
Level 1
Level 1
In response to tyler-durden

‎12-30-2019 08:11 AM

Server security regarding what type of suspected breach? I will tell you one thing that is my number 1 biggest problem with this entire Expressway setup regarding someone thinking they can crack into it one way or another. It is with port SIP 5060, if you have it open, and I do because of inbound regular URI calls from the internet that are not registered secure users of the Expressway. It is all these people running SIP scanners like 'Sipvicious' or any other type nuisance scanner that wants to worm its way into port 5060 looking for free phone calls. They just hammer your system. Not one has gone through the Expressway E to the C yet on my system because of the CPL lists I built but it has certainly piqued my interest in IPS devices. Got me an ASA5510 with the SSM-10 module doing deep packet inspection at the SDP level to identify and drop these nuisance packets/people. 

Customers Also Viewed These Support Documents
Top