Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
501
Views
0
Helpful
0
Replies

Security vs E1 vs ISR4331 vs SIP vs CUCM

JulienCAROFF87492
Level 1
Level 1

‎03-27-2020 10:51 AM

HI Cisco community,

 

How u doing ?

Hope u all good health.

 

I take advantage of this extra time to anticipate on-site possible issues/questions, and to ask you a few questions I have from myself or from customer:

 

  • Indeed I have concerns about security and protection of telephony access of my project, and especially risks of intrusion in IP network itself, and even in VoIP from SIP point of view

Let me remind you my whole setup(see basic picture attached):

 

 

 

        So I have 3 main “external networks” kinds of interface:

 

  • SIP/trunk SIP: there could be an issue, a risk of intrusion, but I can connect it to ASA firewall which, after opening correct ports(for signaling 5060=5070 + RTP 16k=32k), would solve the problem             YES/NO?

 

 

  • FXO trunk: I do not see any risk of attack here                                  YES/NO?

 

 

  • E1. And here is my main problem. I remind you my CUCM is SIP-connected(with SIP trunk) to ISR4331, which has itself E1 sub-interfaces. SO I feel the risk is likely to happen here, with the interface SIP/E1               YES/NO?

I’ve heard about SBC function embedded in this ISR4331 that could fulfill this feature. Or enable some kind of SIP filtering, that looks like  some IP firewalling.                                                                                                                             YES/NO?

 

    • By the way, on my ISR4331, below are the licensing bits. What does all following wording mean?
      • the SBC 30 canaux (channels) mean?                                                                                                                
      • CUBE10 mean?                                                                                                                                                                                    
      • FL-CUBEE-25     Licence 25 connections = 25 SIP trunks to private network/PBX or PSTN???           YES/NO? + ANSWER?

 

Routeur 100MB CISCO ISR4331 16E1 - VoIP 512 canaux - SBC 30 canaux

Besoin:

                                                                              Routeur 1RU 3 ports

                                                                              Téléphonie: CME, 512 canaux, SBC 30 canaux    

                                                                               16 ports E1/T1

                                                                               IOS FIPS: IOS-XE 16.6

 

Références fabricant:

                                                                                ISR4331-V/K9                   Routeur Cisco ISR 4331 UC Bundle, PVDM4-32, UC License, CUBEE10       

CON-PSRT-ISR4331V     Fees de 12 mois associée a l'ESR4331 pour support logiciel

MEM-4300-4GU8G            Upgrade de la DRAM pour avoir 8Go

                                                                              MEM-FLSH-4U8G               Upgrade de la flash pour avoir 8Go

                                                                             PWR-4330-AC               Alimentation standard non PoE, inclus dans le coût

                                                                             CAB-ACE                         Cordon alimenation Europe C13 CEE7, inclus dans le coût

                                                                             SM-S-BLANK                 Cache, inclus dans le coût

                                                                             SISR4300UK9-166         IOS XE 16.6, inclus dans le coût

                                                                             SL-4330-IPB-K9             Licence IP base, inclus dans le coût

                                                                             SL-4330-UC-K9              Licence UC, inclus dans le coût+A37

                                                                              FL-CUBEE-25                      Licence 25 connexions opérateur ou PABX (SBC)

                                                                              NIM-8MFT-T1/E1            1ére  Carte 8 ports E1

                                                                              NIM-8MFT-T1/E1            2sd Carte 8 ports E1

                                                                             PVDM4-32                     DSP tel, 32 canaux voix, inclus dans le coût

                                                                              PVDM4-256                       DSP tel,  256 canaux voix pour carte 1

                                                                              PVDM4-256                       DSP tel,  256 canaux voix pour carte 2

 

 

Thank you for your reply

 

Regards

 

Julien

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents