IP PBX Security Checklist:

Ensure that your CompletePBX 5 system is secure and safeguard it from cyber attacks by completing the Security Checklist below before connecting the system to the Internet.

Click on this link to access the Security section in Chapter1of the CompletePBX 5 User Manual for more detail on each of the bulleted items.

• Install CompletePBX 5 on a network that is protected by a Firewall/NAT router.
• Secure the password for user root
• Secure SSH access to your system:
  • Configure authentication keys for SSH
  • Configure tunneling for external GUI access
• Verify the status of Intrusion Detection and Firewall
  • CompletePBX 5 Firewall and Intrusion Detection are active by default. Make sure that
    these settings have not been changed
  • Configure and test Intrusion Detection notifications
  • Use the CompletePBX 5 Firewall to manage allowed ports and sources, and disable
    any ports not in use
• Configure non-standard external ports for SIP, IAX2, and SSH
• Password Security
  • Verify Password Policy settings
  • Use strong passwords for all SIP, IAX2 and Hot Desk devices, as well as Portal users
    and Asterisk Manager Users
• Create Classes of Service to meet the needs of users
  • Dial patterns
  • Disable access to features that are not required
• Creating extensions:
  • Use strong passwords
  • Control SIP and IAX2 access
  • Do not use extension number as device name when creating new extensions