Yaystar P-Series PBX Security Settings

Oct 9, 2024

Security Settings on Yaystar P-Series PBX Webinar

Introduction

  • Overview of the session focusing on security settings for PBX.
  • This is part one of the series.

Topics Covered

  1. Initial Configuration

    • Default IP address: 192.168.5.150
    • Connect via Ethernet cable to LAN port.
    • No default username/password; follow the installation wizard.
    • Configure your own username, password, and email address.
      • Recommendation: Use a complex password (mix of letters, numbers, and cases).

  2. Web Server Settings

    • Accessing system via default IP will show a security alert (HTTP to HTTPS redirection).
    • Default HTTPS port: 8088.
    • Auto log-out after 15 minutes of inactivity (customizable).

  3. Network Configuration

    • Static Routes:
      • Create rules for data transmission.
      • Important when operating in dual mode; helps in handling two different networks.
    • VLAN Support:
      • Enhances security and performance by segmenting network traffic.
      • Configuration should primarily be done on the network switch, but PBX can be part of a VLAN.

  4. Extension Security Settings

    • Enable remote registration only if necessary.
    • SIP User Agent Identification:
      • Restrict registration based on user agent string prefix.
    • IP Restrictions:
      • Specific IP addresses can be allowed for registration.
    • Call Restrictions:
      • Options to disable outbound calls, restrict calls outside business hours, and disallow international calls.
    • Save Configuration:
      • Always click "Save" and "Apply" after changes.

  5. Firewall Rules

    • Static defense rules (firewall) are pre-configured; various default rules exist.
    • Action Types:
      • Accept, drop, or reject access requests.
    • Auto provisioning devices: Ensures devices can register without issues.
    • Custom rules can be added for specific IPs or MAC addresses.

  6. Advanced Defense Mechanisms

    • Rate limiting to prevent Denial of Service attacks (e.g., limiting packets sent to SSH port).
    • Blocked IP management for unwanted access attempts.

Conclusion

  • Recap of discussed topics and features for enhancing security in PBX.
  • Notification for next session to cover remaining topics.