Dual Interfaces and static NAT are certainly one of the items, for securing and hardening the VCS, but I'm looking beyond that and hoping the "old school" Tandberg folks have some additional best practices.
Locking out the front panel LCD
Using allow/deny lists
Using device Authentication
Also, does anybody have any practical experience using the Advanced Account Security option? Any white papers floating around on this?
Regarding the use of allow/deny lists for registrations (Which really is not a proper security measure but rather obfuscation, and could be used in combination with authentication) and the use of CPL for preventing unauthorised access to specific resources such as ISDN gateways, please refer to the VCS Admin guide for X7.1.
The admin guide as well as the VCS Control/Expressway Basic Configuration guide has a set of example CPL scripts which should be useful.
As far as Telnet and SNMP goes, these are disabled by default on an X7.1 VCS (Since they are considered "unsecure" protocols).
Advanced Account Security (AAS) mode is also described in the VCS admin guide.
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...
This document describe how DST changes and how time changes are
implemented in DST. Daylight Saving Time (DST) is the practice of
setting the clocks forward 1 hour from standard time during the summer
months, and back again in the fall, in order to make b...