Filter
Top Products
Security
234 Avaya Application Solutions IP Telephony Deployment Guide
Figure 72: Avaya S8700-series Server with an Avaya MCC1 or an SCC1 Media Gateway
To provide the most secure environment that is possible for the system, network access should
be divided into separate zones of control. These zones are sometimes referred to as DMZs.
● One VLAN can be administered for administrative traffic, one for call signaling, another for
voice bearer traffic, and so on.
● Layer 3 boundary devices (routers, layer 3 switches, and firewalls) should be administered
to enforce the corporate security policy on traffic that is destined for the Avaya
S8700-series Server, its Avaya MCC1 or SCC1 Media Gateways, or adjuncts.
● Packet filters can permit administrative access only from an administrator's PC and to
deny access from the Avaya S8700-series Server or its gateways to the corporate LAN
while allowing call signaling and bearer traffic from all IP Telephones appropriate access.