System and Network Management

 View Only
  • 1.  IP Office User Portal - HTTPS only

    Posted 30 days ago

    Can we disable HTTP/port 80 on the IP Office, specifically for the User Portal?  Or just disable the User Portal all together? 



    ------------------------------
    Anthony Martinac
    IT Manager
    Advanced Medical Imaging Consultants
    Fort Collins CO
    ------------------------------


  • 2.  RE: IP Office User Portal - HTTPS only

    Posted 29 days ago

    Yep, in Manager -> Security -> System you can set the HTTP & HTTPS ports, and then in Security -> Services you can disable HTTP.

    Not sure if you can disable the User Portal.



    ------------------------------
    Chris Holman
    Avysionayry
    Teletronics
    ------------------------------



  • 3.  RE: IP Office User Portal - HTTPS only

    Posted 28 days ago

    Thank you for that.  I am concerned with my J179 SIP phones because they are pulling their 46xxsettings file from a HTTP path



    ------------------------------
    Anthony Martinac
    IT Manager
    Advanced Medical Imaging Consultants
    Fort Collins CO
    ------------------------------



  • 4.  RE: IP Office User Portal - HTTPS only

    Posted 28 days ago

    Ah OK yes, this one is a bit more nuanced...

    Changing the HTTP port will deliver security through obscurity (i.e. not much, but better than literally nothing). Changing them to use HTTPS on a non-standard port will essentially deliver the same. I assume you're using certs if you have J's coming in over the public internet?

    Are the J's at remote sites, and if so, do these sites have static public IP's? If so, we would restrict HTTP(S) traffic to the IPO via the network firewall. We've had clients mandate their remote workers get static IP's for their home offices for this reason (among others).

    If the J's are remote and running on dynamic IP's, then (in my experience) it's risk mitigation via complex passwords and the IPO's IP blacklisting, as well as possibly geoblocking on the firewall to remove international DDoS and other attacks.

    Hope this helps, happy to chat further as required.



    ------------------------------
    Chris Holman
    Avysionayry
    Teletronics
    ------------------------------