Version 6.6 303 October 2014
Installation & Operation Manual 33. Configuring Security Settings
33 Configuring Security Settings
The Mediant 8000 requires IP network connectivity for its normal operation and
therefore is subject to security attacks that may be launched by malicious users. To
ensure secure operation of the Mediant 8000 take the following steps:
Implement security features in the IP network to which the Mediant 8000 is
connected (e.g. by limiting physical access to the network and using firewalls).
Configure and maintain security features on the Mediant 8000 as described in
this chapter.
The Mediant 8000 provides the following security-related features:
Security for OAM (management) interfaces:
• Secure Operation Mode
• Secure access to the SNMP interface (via SNMPv3 and/or SNMPv2+IPSEC)
• Secure access to the CLI interface (via SSH and SFTP/SCP)
• Disabled Remote Root Login
• OS Hardening
• OS Security Patches (on SC boards)
• OS Auditing (on SC boards)
• File Integrity Check
• Firewall (on Media Gateway boards)
Security for Call Control interfaces:
• MGCP/MEGACO over IPSEC/IKE
• SIPS (TLS) with X.509 Certificates
• Firewall (on Media Gateway boards)
Security for Media interfaces:
• SRTP (with either ARIA or AES crypto suites)
• Firewall (on Media Gateway boards)
In addition to the above list, subnet separation (as described in 'Configuring Network
Topology' on page 182) may be used to separate between different types of traffic and
to implement additional security at the network level (by preventing access of
malicious users to specific network segments).
To Next Page
Loading...
Need help?
General
