System and Network Management

Can we disable HTTP/port 80 on the IP Office, specifically for the User Portal?  Or just disable the User Portal all together? 

------------------------------
Anthony Martinac
IT Manager
Advanced Medical Imaging Consultants
Fort Collins CO
------------------------------

Yep, in Manager -> Security -> System you can set the HTTP & HTTPS ports, and then in Security -> Services you can disable HTTP.

Not sure if you can disable the User Portal.

------------------------------
Chris Holman
Avysionayry
Teletronics
------------------------------

Original Message:
Sent: 03-25-2024 11:21 AM
From: Anthony Martinac
Subject: IP Office User Portal - HTTPS only

Can we disable HTTP/port 80 on the IP Office, specifically for the User Portal?  Or just disable the User Portal all together? 

------------------------------
Anthony Martinac
IT Manager
Advanced Medical Imaging Consultants
Fort Collins CO
------------------------------

Thank you for that.  I am concerned with my J179 SIP phones because they are pulling their 46xxsettings file from a HTTP path

------------------------------
Anthony Martinac
IT Manager
Advanced Medical Imaging Consultants
Fort Collins CO
------------------------------

Original Message:
Sent: 03-26-2024 07:14 PM
From: Chris Holman
Subject: IP Office User Portal - HTTPS only

Yep, in Manager -> Security -> System you can set the HTTP & HTTPS ports, and then in Security -> Services you can disable HTTP.

Not sure if you can disable the User Portal.

------------------------------
Chris Holman
Avysionayry
Teletronics

Original Message:
Sent: 03-25-2024 11:21 AM
From: Anthony Martinac
Subject: IP Office User Portal - HTTPS only

Can we disable HTTP/port 80 on the IP Office, specifically for the User Portal?  Or just disable the User Portal all together? 

------------------------------
Anthony Martinac
IT Manager
Advanced Medical Imaging Consultants
Fort Collins CO
------------------------------

Ah OK yes, this one is a bit more nuanced...

Changing the HTTP port will deliver security through obscurity (i.e. not much, but better than literally nothing). Changing them to use HTTPS on a non-standard port will essentially deliver the same. I assume you're using certs if you have J's coming in over the public internet?

Are the J's at remote sites, and if so, do these sites have static public IP's? If so, we would restrict HTTP(S) traffic to the IPO via the network firewall. We've had clients mandate their remote workers get static IP's for their home offices for this reason (among others).

If the J's are remote and running on dynamic IP's, then (in my experience) it's risk mitigation via complex passwords and the IPO's IP blacklisting, as well as possibly geoblocking on the firewall to remove international DDoS and other attacks.

Hope this helps, happy to chat further as required.

------------------------------
Chris Holman
Avysionayry
Teletronics
------------------------------

Original Message:
Sent: 03-27-2024 11:14 AM
From: Anthony Martinac
Subject: IP Office User Portal - HTTPS only

Thank you for that.  I am concerned with my J179 SIP phones because they are pulling their 46xxsettings file from a HTTP path

------------------------------
Anthony Martinac
IT Manager
Advanced Medical Imaging Consultants
Fort Collins CO

Original Message:
Sent: 03-26-2024 07:14 PM
From: Chris Holman
Subject: IP Office User Portal - HTTPS only

Yep, in Manager -> Security -> System you can set the HTTP & HTTPS ports, and then in Security -> Services you can disable HTTP.

Not sure if you can disable the User Portal.

------------------------------
Chris Holman
Avysionayry
Teletronics

Original Message:
Sent: 03-25-2024 11:21 AM
From: Anthony Martinac
Subject: IP Office User Portal - HTTPS only

Can we disable HTTP/port 80 on the IP Office, specifically for the User Portal?  Or just disable the User Portal all together? 

------------------------------
Anthony Martinac
IT Manager
Advanced Medical Imaging Consultants
Fort Collins CO
------------------------------