Inter-Tel AXXESS Manual page 1550

Appendix F – Network Topology
® ®
INTER-TEL AXXESS
14. PORT USAGE SUMMARY
14.1 A port is a form of addressing that is subordinate to IP addressing. As such, port num-
bers serve to distinguish one protocol or application from another at the same IP address. For
example, the primary protocol that browsers such as Internet Explorer use to access Web pages
is HTTP, and HTTP uses port TCP 80. A single device with a single IP address can support
many protocols simultaneously by using different port numbers.
14.2 Separate sets of ports exist for Transfer Control Protocol (TCP) and User Datagram
Protocol (UDP).
14.3 Firewalls are devices used to promote network integrity and security by filtering data
packets based on IP addresses and port numbers. For example, suppose a firewall is configured
to allow communication with a Web server, which uses HTTP, TCP port 80. This configuration
would prevent the server from being accessed as a mail server, which uses SMTP, TCP port 25.
14.4 For security reasons, all ports should be disabled except those that are specifically
required. The default state for many routers is to disallow everything, but this practice varies
from one manufacturer to another.
NOTE:
14.5 A firewall is designed to prevent access from an untrusted network such as the Internet
while allowing communication initiated from within a trusted network. This capability is
referred to as Stateful Packet Inspection (SPI) when the firewall is configured to keep track of
the state of each session.
14.6 When enabled, SPI makes the firewall remember that an outbound TCP connection was
initiated from behind the firewall and allows packets associated with this connection back
through the firewall. SPI to or from the DMZ is required for satisfactory performance of Inter-
Tel Private Networking
NOTE:
Inter-Tel Axxess platform in a non-NATed DMZ to provide port-filtering protection from Internet
threats. THEN: In addition to opening the ports specified in
between the Internet and the DMZ.
14.7 Inter-Tel uses the port assignments shown in
considerations in mind when opening ports:
•
•
•
•
Page F-20
MANUAL VERSION 11.0 – May 2008
This appendix assumes that everything is disallowed unless specifically allowed.
.
IF: You use Inter-Tel Private Networking over the Internet, and you have placed the
Many of these port associations are configurable through DB Programming.
Installing Windows components on Inter-Tel products may open other ports that are not
necessarily open.
Installing non-tested and non-supported software on Inter-Tel products may open ports
and cause security risk.
Inter-Tel products can interface with third-party products that may use different port
numbers.
Table F-1, you must also enable SPI
Table F-1 by default. Keep the following
Port Usage Summary