OVERVIEW
This document presents a summary of security measures, factors, and configurations that users are
recommended to consider when configuring and deploying the GXV3370.
Note: We recommend using the latest firmware for latest security patches.
The following sections are covered in this document:
• Web UI/SSH Access
Web UI access is protected by username/password and login timeout. Two-level user management is
configurable. SSH access is supported for mainly troubleshooting purpose and it’s recommended to disable
it in normal usage.
• Device Control Security
The GXV3370 has multiple ways to limit the use for network settings, apps, and other settings if not
necessary for the end user.
• Security for SIP Accounts and Calls
The SIP accounts use specific port for signaling and media stream transmission. It also offers configurable
options to block anonymous calls and unsolicited calls.
• Network Security
The GXV3370 supports OpenVPN, 802.1X, Bluetooth and PC port for network access. OpenVPN secures
remote connection and 802.1X provides network access control. For Bluetooth and PC port, it’s
recommended to turn them off if not used.
• Security for GXV3370 Services
GXV3370 supports service such as HTTP/HTTPS/TFTP provisioning, TR-069, LDAP, as well as allows
ADB and FTP access. For provisioning, we recommend using HTTPS with username/password and using
password-protected XML file. For services such as ADB and FTP, we recommend disabling them if not
used to avoid potential port exposure.
• Deployment Guidelines for GXV3370
This section introduces protocols and ports used on GXV3370 and recommendations for routers/firewall
settings.
This document is subject to change without notice.
Reproduction or transmittal of the entire or any part, in any form or by any means, electronic or print, for
any purpose without the express written permission of Grandstream Networks, Inc. is not permitted.
To Next Page
Loading...
Need help?
General
