Secure Remote Connectivity to Your Switch. What are the Options?

By: Charles Carter
With the threat of Phreakers (Phone Hackers) and Computer Hackers becoming even more present, and many Pbx systems migrating to Servers - many businesses are looking to secure the remote connectivity to their systems.




Analog modems:

Some modems now offer CLID authentication. If the business knows who will be dialing in on a regular bases and what number they will be dialing from - then CLID authentication is an almost foolproof security approach to remote connectivity.

In short, if the CLID doesn't match the 'stored information' in the modem - the call is refused.

Here is an example of a CLID authentication setting on 


1. If CLID authentication is required (Id Auth=Require in the Answer profile) or if called- number authentication is required (Id Auth=Called Require in the Answer profile), the MAX first looks for a matching phone number in a local Connection profile.



2. If one does not exist, it then looks for a matching phone number in a RADIUS user profile. If it cannot find the correct phone number, the MAX hangs up.

IPSec and SSL:

Recently IPSec (Internet Protocol Security) and SSL VPN (Secure Sockets Layer)(Virtual Private Networks) are making it in the news. Both IPSec and SSL are encryption technologies. IPSec secures exchange of packets at the IP layer, while SSL encrypts at the Socket Layer/Connection.

IPSec - is a solid authentication application for VPN's, but it does have a drawback with respect to dissemination of client software. Each client needing access to the VPN would have to have the correct client software installed. This can be a troublesome area as many PC's are different and the VPN manager can't guarantee that the client will install and work properly.

SSL - is the alternative the IPSec. SSL allows remote users to authenticate to the VPN and connect via Netscape or Internet Explorer. Once connected the user can access a host of applications (as authorized), including terminal servers and legacy host systems.

This is a good   on SSL.

Article by Charles Carter

Security
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 

» More on Security
 



Share this article :
Click to see more related articles