Avaya 4600 IP Phone User Manual


  Open as PDF
of 150
 
Suggestions for Installation and Configuration
Issue 2.2 April 2005 33
Security
In VoIP, physical wire is replaced with an IP connection. The connection is more mobile.
Unauthorized relocation of the IP telephone allows unauthorized users to send and receive calls
as the valid owner. For further details on toll fraud, see the DEFINITY
®
or Avaya
Communication Manager documents mentioned in Related Documents
on page 15.
Any equipment on a data network, including a 4600 Series IP Telephone, can be the target of a
Denial of Service attack. Usually, such an attack consists of flooding the network with so many
messages that the equipment either:
spends so much time processing the messages that legitimate tasks are not processed, or
the equipment overloads and fails.
The 4600 Series IP Telephones cannot guarantee resistance to all Denial of Service attacks.
However, each Release has increasing checks and protections to resist such attacks while
maintaining appropriate service to legitimate users.
All 4600 Series IP Telephones that have WML Web applications and run R2.2 software support
Transport Layer Security (TLS). This standard allows the phone to establish a secure
connection to a HTTPS server, in which the phone’s upgrade and settings file can reside. This
setup adds security over the TFTP alternative.
You also have a variety of optional capabilities to restrict or remove how crucial network
information is displayed or used. These capabilities are covered in more detail in
Chapter 4: Server Administration
, and include:
As of Release 2.0, restricting the 4600 Series IP Telephone’s response to SNMP queries
to only IP Addresses on a list you specify.
As of Release 2.0, specifying an SNMP community string for all SNMP messages sent by
the telephone.
As of Release 1.8, restricting dialpad access to Local Administration Procedures, such as
specifying IP Addresses, with a password.
Removing dialpad access to most Local Administration Procedures.
Restricting the end user’s ability to use a telephone Options application to view network
data.
 previous next