Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
311
Views
0
Helpful
1
Replies

Unity 4.0(5) Audit items

joeharb
Level 5
Level 5

‎01-28-2010 07:01 AM - edited ‎03-19-2019 12:22 AM

We have a customer that has been audited and the following items were found on the Unity Server:

Affected Hosts:
Unity Server IP
Explanation: These hosts are running a MSSQL database server which is accessible from the network.
Depending on the sensitivity of data in the database, it is generally best practice to block traffic to database ports that does not come from required hosts.
Risk Consequence: Not Best Practice
Recommendation: If possible, only allow required hosts to connect to sensitive databases. This includes not allowing machines to connect from the network at all if the database is only used locally.


Vulnerability: LDAP NULL BASE/NULL BIND
Affected Hosts:
Unity Server IP
Explanation: These hosts are running an LDAP server which allows queries with the BASE directory set to NULL. Additionally, anonymous queries are allowed using a NULL BIND. These settings could allow anyone to connect to the LDAP server and easily extract diretory information without any prior knowledge.
Risk Consequence: Information Leakage
Recommendation: Unless they are required, NULL BASE queries and NULL BIND should be disabled on these servers.

The Unity Server is the Domain Controller and it is the only server in the domain.  Is it possible from the server to correct these findings?

Thanks,

Joe

Labels:
0 Helpful
1 Reply 1

Ginger Dillon
VIP Alumni
VIP Alumni

‎02-03-2010 12:21 PM

Hi -

Here is a link to the Unity security guide for your review - http://www.cisco.com/en/US/docs/voice_ip_comm/unity/42/security/guide/ex/usgex4x.pdf

Also, this specific link refers to the TCP/UDP ports required by Unity to function - http://www.cisco.com/en/US/docs/voice_ip_comm/unity/42/security/guide/ex/usg001.html#wp1080978

As you are running a voicemail only configuration, you may not have much user access to the server except for administration, unless you have the Unity Inbox enabled for your users to check voice messages from the web in addition to their phones.  As the guide mentions, if you are running antivirus software and a compatible version of the headless intrusion detection client CSA, you should be OK.  Please review any caveat mentioned in the guide, as blocking ports or altering access to Unity can affect your voicemail operation.

Regards, Ginger

0 Helpful
Customers Also Viewed These Support Documents