I have an Avaya IP phone connected to a Cisco 3560 PoE and the phone will be located in a public location. I believe there is a way to disable the PC port on a Cisco IP phone, but I have been told that Avaya does not support this and it must be achieved on the switch. So I've enable port-security and specified the MAC address of the IP phone - problem is the MAC address can be clearly read by looking at the back of the phone. What other techniques are recommended to protect internal networks from rogue devices being connected to IP phone ports in public locations?
Following is a selection of Cisco secure infrastructure technologies that are especially useful for protecting voice systems:
Voice and Video-Enabled VPN
Access Control Lists
Cisco Secure Access Control Server
Cisco Firewall Solutions
Voice Security Primer: Protecting the Voice Infrastructure: