We have a customer that has been audited and the following items were found on the Unity Server:
Affected Hosts: Unity Server IP Explanation: These hosts are running a MSSQL database server which is accessible from the network. Depending on the sensitivity of data in the database, it is generally best practice to block traffic to database ports that does not come from required hosts. Risk Consequence: Not Best Practice Recommendation: If possible, only allow required hosts to connect to sensitive databases. This includes not allowing machines to connect from the network at all if the database is only used locally.
Vulnerability: LDAP NULL BASE/NULL BIND Affected Hosts: Unity Server IP Explanation: These hosts are running an LDAP server which allows queries with the BASE directory set to NULL. Additionally, anonymous queries are allowed using a NULL BIND. These settings could allow anyone to connect to the LDAP server and easily extract diretory information without any prior knowledge. Risk Consequence: Information Leakage Recommendation: Unless they are required, NULL BASE queries and NULL BIND should be disabled on these servers.
The Unity Server is the Domain Controller and it is the only server in the domain. Is it possible from the server to correct these findings?
As you are running a voicemail only configuration, you may not have much user access to the server except for administration, unless you have the Unity Inbox enabled for your users to check voice messages from the web in addition to their phones. As the guide mentions, if you are running antivirus software and a compatible version of the headless intrusion detection client CSA, you should be OK. Please review any caveat mentioned in the guide, as blocking ports or altering access to Unity can affect your voicemail operation.
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...
This document describe how DST changes and how time changes are
implemented in DST. Daylight Saving Time (DST) is the practice of
setting the clocks forward 1 hour from standard time during the summer
months, and back again in the fall, in order to make b...