I agree voice vlans should never allow to talk to Internet but the newer phones have options to go to weather.com etc. Someday we'll have to allow limited Internet access.
How do you restrict that nothing can talk to Voice vlans but the voice appliances? I see this can happen via ACL , do you use anything else other than ACLs? I wish Cisco NAC would do that but that's not the case. I'm looking the option to buy Palo Altos to restrict user traffc from data center which will also take care of voice vlans etc. But I want to see what other people are doing before I put this on the table for my mgmt.
Apply an ACL to any SVIs to prevent traffic from routing from an outside VLAN into the voice vlan. It's simple yet elegant.
I'm fairly sure you don't have to have the phones going to the internet to get the weather.com data. Usually you can stream all this over the xml features from the call manager and voice gateways, and not have to actually provide real internet access. We had stock tickers, weather, sports scores, etc streaming to our phones and none of the phones had internet access.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...