Encrypted Media Path And Signaling Path; Phone And User Authentication; Worm And Virus Protection; Prevention Of Toll Abuse - Mitel 3300 General Information Manual

Integrated communications platform

Hide thumbs Also See for 3300:

Technician's handbook (431 pages)

Hardware technical reference manual (161 pages)

General information manual (93 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

page of 184

/ 184
Contents
Table of Contents
Bookmarks

Table of Contents

•

"Encrypted Media Path and Signaling Path" on page 57

•

"Phone and User Authentication" on page 57

•

"Worm and Virus Protection" on page 57

•

"Prevention of Toll Abuse" on page 57

•

"Secure Management Interfaces" on page 58

•

"Secure Applications" on page 58

•

"SIP Security" on page 58

Encrypted Media Path and Signaling Path

Encrypted media and signaling path is supported for all Mitel's IP phones on the 3300 ICP

(Release 6.0 and later). The media path encryption is accomplished with Secure RTP using

128-bit Advanced Encryption Standard (AES). Encryption is backwards compatible to support

both currently shipping desktops as well as previously deployed Mitel IP desktops. Mitel

provides encryption of the media path between multiple 3300 ICPs using Secure Sockets Layer

(SSL) protocol. This allows scalability of applications by configuring 3300 ICPs into clusters or

deploying them as part of a centrally managed but distributed architecture.

Phone and User Authentication

Mitel implements phone authentication that requires a unique association of MAC addresses

and IP and user-entered PIN registration numbers. Additionally, desktop software downloads

are encrypted. Mitel also provides 802.1x authentication for desktops (Release 6.0 and later)

which offers support for the Extensible Authentication Protocol (EAP) using EAP-MD5 challenge

authentication to a RADIUS Server. Users authenticate through the phone interface by entering

a surname and password. This support is provided on the 5212, 5224, and 5235 IP Phones.

Worm and Virus Protection

The 3300 ICP uses an embedded real time operating system. This system is less susceptible

to virus or worm attacks that target traditional applications and their OS services because it

provides a very small base of common functionality with general purpose operating systems

such as Microsoft Windows, Lynx and UNIX. This lack of common functionality means that

VxWorks is not affected by the viruses and worms typically found on networks and the Internet.

This also makes it difficult for an attacker to write a virus targeted at generic VxWorks

implementations.

Application servers based on Windows NT/2000 must be properly maintained with regard to

current operating system security updates. Mitel products based on Windows NT/2000 include

the Contact Center Solutions, Speech Server and Messaging Server systems and Enterprise

Manager. These key application servers must be maintained with the latest in Microsoft security

updates and worm protection.

Prevention of Toll Abuse

Any communication system that has a combination of Direct Inward System Access (DISA)

Management and Maintenance

Table of Contents

Encrypted Media Path And Signaling Path; Phone And User Authentication; Worm And Virus Protection; Prevention Of Toll Abuse - Mitel 3300 General Information Manual

Encrypted Media Path and Signaling Path

Phone and User Authentication

Worm and Virus Protection

Prevention of Toll Abuse

Related Manuals for Mitel 3300

Related Content for Mitel 3300

Table of Contents