Firewall Configuration; Inter-Tel Private Networking; Remote Administration - Mitel Inter-Tel 5000 Installation And Maintenance Manual

Appendix B: Network IP Topology

Firewall Configuration

Firewall Configuration

In computer networks, a totally secure network is practically impossible. In general, the more
types of communications allowed from the Internet, the less secure the network. Therefore, a
network should be configured so as to allow only the minimum level of communication unless
other capabilities are required. An example is shown in the following illustration.
In some environments, it will be necessary to allow additional types of communications through
the firewall. As stated above, these communications should be allowed only when necessary.
Although strong passwords are always a good idea, this is especially important when
applications are opened to the Internet.

Inter-Tel Private Networking

This is the protocol used to allow Inter-Tel CS-5200/5400/5600 systems to communicate with
each other (or to communicate with an Inter-Tel Axxess system). To allow Inter-Tel Private
Networking to the Internet, allow TCP port 5570.

Remote Administration

These are the protocols that provide the capability to perform certain administration activities
from outside the firewall. To enable remote administration including DB Programming over the
Internet, enable TCP port 4000. To further tighten security, this communication can be filtered by
source address
1.
Page B-18
1
.
Source address filtering accepts communication from specific IP addresses. While source address
filtering provides some additional level of security, IP source addresses are easily spoofed. In addition,
source addresses are often DHCP-assigned making it impractical to know the source addresses in
advance.
®
Inter-Tel 5000 Installation Manual – Issue 2.4, May 2008