- Release & Upgrade
- NeeHau Client V2.0.0.23 (with OM20/20G/50/50G)
- OM20G V177 P2
- OM50G V177 P2
- OM80E V177 P3
- OM200G V177 P3
- MX8G V367
- HX4G V367
- OM20 V134.P4
- OM50 V134.P4
- OM500 V121.P3
- FAQ
- Analog VoIP adapter
- Can voip phones be used at home?
- Are VoIP calls secure and can the call be encrypted?
- How SIP works in the VoIP Gateway
- General
- Network and Improper Operation
- Configurations
- Voice Quality
- Firmware Upgrade
- Application Notes
- How to Integrate MX Gateway with OM IP-PBX
- Interconnect Two PBXs with FXO Gateways
- Interconnect Two or More Extension Lines with FXS Gateways
- Connecting MX100G-S SIP-ISDN Gateway to Elastix
- Connecting MX100G-S SIP-ISDN Gateway to Asterisk
- Expanding PBX Extensions to Remote Sites through IP Network
- Multi-site Configuration for Gateways with Analog PBX
- How to Troubleshoot Caller ID Detection Issues on FXO Port
- Security Configuration Guide for New Rock OM Series IP-PBX
- Connecting FXO Gateway to Asterisk
- Connecting FXO Gateway to Elastix
- Tie Trunk Configuration for OM with Elastix
- Training Materials
- What is VoIP gateway?
- What’s the Difference between VoIP Gateway and SIP Trunk?
- Smart Switchboard Introduces Exclusive Premium Customer Services
- What's the Difference Between VoIP Gateway and ATA?
- What's the Difference Between VoIP gateway and SBC?
- New Rock’s New Gateway Security measures
- Global VoIP Gateway Service Provider
- How to Setup VoIP Gateway - A Complete Installation Guide
- What is HX&MX VoIP Gateway Default Password?
- Auto Provisioning
- Six Practices for Audio Security
- “PSTN failover” - Strong Support for High-availability IP Audio Communications
- New Rock IP-PBX: Your All-In-One IP Office Telephony System
- Connecting E1/T1-Based PBX to IP Telephony Networks
- Popular IP-PBX Features Favored by Highly Efficient Officers
- Five-star Customer Services
- Top Three Advantages of Gateways with Imbedded VPN Clients
- Low-Cost, High-Quality Gateway
- Smart FoIP
- Two Typical Applications for Telephone Networks
- IPv6’s Top Three Advantages in VoIP Applications
- MX100G-S SIP-ISDN Trunking Gateway Training
- MX Series VoIP Gateway Training
- Installation & Maintenance
- IP-PBX Installation (Video)
- OM20G&OM50G Quick Installation Guide
- OM80E Quick Start Guide
- OM200G Quick Start Guide
- OM500 Quick Installation Guide
- HX4G&MX8G Quick Reference Guide
- MX60E Quick Installation Guide
- MX120G Quick Installation Guide
- MX100G-S Quick Start Guide
- SX3000 Quick Installation Guide
- PT2400 Quick Installation Guide
- PT4800 Quick Installation Guide
Security Configuration Guide for New Rock OM Series IP-PBX
Update Time:2017-06-19 15:23:28 Browse Times:5692 Amount Downloads:1
Safety and security are the primary concerns, when the OM device is deployed in a public network. Malicious users are extremely dangerous for they are trying to steal your account information or even remotely gain access to your device and control it.
This document describes how to configure the OM device to protect against malicious users.
You are strongly recommended to follow the procedures below to protect your device.
Modify the default web GUI password for both administrator and operator, and improve the password strength to reduce guessing or brute-force attacks.
Modify the default SIP port number (5060). You can set any number within the port range (1-9999).
Modify the password for each IP extension. Set a combination of letters, numbers and special characters (6 to 16 characters) to strength the password, such as 447669newrock%^&.
Enable the white list function and specify the source IP addresses that are allowed to access the device through Web GUI (HTTP/HTTPS).
Note that once this function is enabled, only addresses specified here are allowed to access the device through Web GUI, so make sure the IP address you are used now to configure the device is contained in the list.
Modify the default web server port number for HTTPS/HTTP (443/80). You can set any number within the port range (1-9999).
Disable the Telnet and SSH services on the device. By default, the Telnet service is enabled.
Block the inbound Ping request on the device. By default, the inbound Ping request is unblocked.
Set properly the voice security level and other functions accordingly. It is recommended to set to Middle level.
Prohibit the outgoing dialing by IP extension on public network: the IP extension on public network is only allowed to call extensions, when you enable this feature.
User-Agent header fields: Please enter the User-Agent headers of the terminals allowed to register with the device, separated with a comma”,” for multiple terminals.
Limit the number of authentication failures: When the number of authentication failures of the IP extension exceeds the specified threshold, the device will reject the registration request by the IP extension. The IP extension is allowed to register with the device only after the IP address of the extension is changed or the device is restarted.
This document describes how to configure the OM device to protect against malicious users.
You are strongly recommended to follow the procedures below to protect your device.
Configuration Procedures
1.Make sure to change the default web GUI password after the first loginModify the default web GUI password for both administrator and operator, and improve the password strength to reduce guessing or brute-force attacks.
OM configuration page: go to System tool > Change password
To improve the password strength, you should use a complex password combination. For example: you can use the device MAC address which can be found on its printed label at the back of the device as the new password (shown below is 000EA92D01B2).
Modify the default SIP port number (5060). You can set any number within the port range (1-9999).
OM configuration page: go to Trunk > IP trunk
Modify the password for each IP extension. Set a combination of letters, numbers and special characters (6 to 16 characters) to strength the password, such as 447669newrock%^&.
OM configuration page: go to Extension > IP
Enable the white list function and specify the source IP addresses that are allowed to access the device through Web GUI (HTTP/HTTPS).
Note that once this function is enabled, only addresses specified here are allowed to access the device through Web GUI, so make sure the IP address you are used now to configure the device is contained in the list.
OM configuration page: go to Advanced > Access list
Modify the default web server port number for HTTPS/HTTP (443/80). You can set any number within the port range (1-9999).
OM configuration page: go to Advanced > Security
Disable the Telnet and SSH services on the device. By default, the Telnet service is enabled.
OM configuration page: go to Advanced > Security
Block the inbound Ping request on the device. By default, the inbound Ping request is unblocked.
OM configuration page: go to Advanced > Security
Set properly the voice security level and other functions accordingly. It is recommended to set to Middle level.
OM configuration page: go to Advanced > Security
Prohibit the outgoing dialing by IP extension on public network: the IP extension on public network is only allowed to call extensions, when you enable this feature.
User-Agent header fields: Please enter the User-Agent headers of the terminals allowed to register with the device, separated with a comma”,” for multiple terminals.
Limit the number of authentication failures: When the number of authentication failures of the IP extension exceeds the specified threshold, the device will reject the registration request by the IP extension. The IP extension is allowed to register with the device only after the IP address of the extension is changed or the device is restarted.
- Support
- Release & Upgrade
- FAQ
- Application Notes
- Training Materials
- Demo
- Installation & Maintenance
- Others
- Videos
- Contact Us
+86 21-61202700
global@newrocktech.com
5/F Block B, Building 1,No.188 Pingfu Road,
Xuhui District, Shanghai
200231, China
Copyright © New Rock Technologies, Inc. All Rights Reserved.