VoIP attack, although not an everyday occurrence does exist. When using VoIP, system security is undoubtedly one of the issues we care about most. With appropriate configuration, and some basic safety habits, we can improve the security of the telephone system. Moreover, the powerful built-in firewall function in MyPBX is adequate to enable the system to run safely and stably.
This guide will introduce the highest defense level in MyPBX, and we strongly recommend that you configure firewall and other security options according to this guide, to prevent the attack fraud and the system failure or calls loss.
Below is the priority order of configuring security settings in MyPBX.
- Guard the ports and password of web and extension first, this is the basic settings. More details please refer this link:https://support.yeastar.com/hc/en-us/articles/217562297
- Configure the firewall inside MyPBX, the logic of firewall is add all trusted IP range into accept list, then enable ‘Drop All’ to reject all other requests from un-trusted IP. More details please refer this link: https://support.yeastar.com/hc/en-us/articles/217562957
- Configure other security service based on your requests. More details please refer this link:https://support.yeastar.com/hc/en-us/articles/217107418
- Limit international calls as your wish. More details please refer this link:https://support.yeastar.com/hc/en-us/articles/217598617
- The optional method to register extension via TLS. More details please refer this link: https://support.yeastar.com/hc/en-us/articles/217081488
*The first two parts are necessary to be configured for security.
1. This guide applies to all MyPBX models except for MyPBX Standard V1/V2/V3/V4/V5, MyPBX SOHO V1/V2/V3 and MyPBX E1.
2. In this guide, the configuration options marked with “*” only exist in X.19.X.X and higher versions.
3. We recommend upgrading the firmware to the latest edition for security purpose.
4. Don’t map any port to MyPBX in router if not needed.
5. We recommend limiting the credit of VoIP trunks for international calls.
Path: System--System Settings--Security Center
You can click the button to configure those one by one. You can follow the steps in this manual to configure and get the resut in this page.
This page shows the SIP port, HTTP port and HTTPS port, we can click “Setting” to change that.It’s recommend that the default port should be changed.
This page shows the general service like AMI, SSH,TFTP, FTP, HTTP and HTTPS. we recommend disabling them if not used.
Note: TFTP is used for phone provisioning, it’s enabled by default, you can disable it after all phones are well configured.
In this page, the basic information of firewall rules are displayed. We recommend configuring it step by step following part 2 of this manual.