The separation established with solutions S.03 and S.04 may be compromised if an
attacker can connect a machine to a switch port. To avoid this, you should apply the
following solutions (all if possible):
- Deactivate or place in an unused VLAN the ports that are unused
- A ACL should be set to authorise only known MAC addresses (per port if
possible)
- 802.1x authentication should be used if the switch and the IP phones support it
Read More:http://www.vadese.org/files/upload/Best_practices_VoIP_en_v20.pdf
Secure the switch’s ports Best Practices VoIP-SIP Security
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment