Security And Changing The Default Password - Codec Tieline ViA User Manual

4. Type the IP address of your codec into your browser with a full colon and then the new
Important Note: Any new port specified must be within the range 2000 to 65535
inclusive.
32.2

Security and Changing the Default Password

Codecs connected to the internet can be accessed by anyone with knowledge of the codec's public
IP address. In addition, search engines are widely available which can discover and expose
unsecured 'internet connected devices'. Tieline recommends the following IP codec security
precautions are followed as a bare minimum, to ensure your codec connections remain secure.
Maintaining Codec Network Security
Adequate security is a major factor in ensuring your codecs and your broadcast network remain
secure. There are several layers of security available in Tieline codecs to maintain secure
connections. These include:
1. Immediately change the default password when you commission and install your codecs
(see instructions which follow). Create a strong password which includes both capital and
lower case letters, symbols and numbers (up to 15 characters can be entered). Password
managers can be useful when managing multiple passwords within organizations.
2. Ensure your codec is behind a firewall and only open the TCP and UDP ports required to
transmit session and audio data between your codecs. Using non-standard ports instead of
Tieline default ports can also ensure the codec is more difficult to discover by external
parties.
3. Ports 80 and 8080 are commonly used to access the Tieline codec web server. You can add
an additional layer of security by translating these ports on the WAN side of your network
into non-standard port numbers. Adjust ports using the Options panel in the Toolbox
HTML5 Web-GUI, or see
4. By default SIP interfaces are disabled to avoid unwanted traffic. The SIP Filter Lists panel
in the Toolbox HTML5 Web-GUI allows filtering of SIP URIs and User Agents to provide
greater security when using SIP. See
information.
5. An SSL security certificate can be installed on each codec in your network to ensure it is a
trusted device within your network. See
6. Firewall settings to enable or disable a range of firewall-related network services, or limit ping
to only work in a local subnet. Adjust settings using the Options panel in the Toolbox
HTML5 Web-GUI, or see
7. Implementation of CSRF protection (Cross-Site Request Forgery). Enable and disable this
setting using the Options panel in the Toolbox HTML5 Web-GU, or see
Security
Be sure to document any port changes because this information will be required if you need to
contact Tieline or other online support services.
Changing the Default Password
The default User Name for the HTML5 Toolbox Web-GUI is admin and the default Password is
password. Tieline highly recommends changing the default password after initially connecting to
increase network security and protect your codec from being tampered with during live broadcasts.
© Tieline Research Pty. Ltd. 2020
port number.
Configuring TCP/UDP
Firewall
for more info.
Ports.
Configure SIP White and Blacklists
Installing a Security Certificate
Configuration.
ViA User Manual v3
for more
for more information.
Enabling CSRF
227