Security and Bandwidth with PBXware

This week I had an interesting little puzzle to solve for the implementation of a PBXware MultiTenant PBX. Much of the scenario was familiar enough. The prospect had been using Elastix and Trixbox and was tired of being hacked. However two important distinctions were a low bandwidth provision in location and an absolute legal requirement to have the server located in the low bandwidth provision.

The prospect’s activity was to be only PRI for the purpose of the telephony and any IP was to be limited to the GUI interaction and the sending of messages by email. There was consideration of the possibility to separate PBXware MultiTenant PBX Interface from the Asterisk Engine and have the PBXware in a different location.

The following reply was made:

“1. Separating the interface from the Asterisk is going to be less security as it implies there needs to be a tunnel to join them. The Asterisk is still where it is.
This though is already reduced in issues by using SERVERware as it puts the Asterisk inside the CHROOT.

2. We simply do not get hacks, if :
a. SIPROT is used, although you have no SIP trunks
b. Firewall is used – we have no backdoor
c. When using a bastion : a page through which users need to pass before they arrive a the PBXware interface and the access to PBXware is limited to local IP only.
d. If we do set up and maintenance of the security – we not had problems ourselves.

3. Bandwidth required / to be used is minimal for the PBXware. From your description your presence is ‘not’ in a datacenter ? (guessing). 256kps is though enough to purpose.

4. Some bandwidth activity e.g. voice/fax2email would still come off the telephony server.”

… hopefully the prospect will take the advice … for sure though – should be interested to know of any issues of security you may have had …

This entry was posted in IP Telephony, PBX System, Support and tagged , , , , , , by Stephen Wingfield. Bookmark the permalink.

About Stephen Wingfield

My name's Stephen and for more years than can count I have been struggling to Liberate the World from Traditional Phone Systems and Traditional Phone System Vendors. That means working closely with partners around the world in English and French with the purpose of seeing how best we can approach local markets. Making sure that marketing and sales support are in place. Above all though giving tips and preparing quotes and proposals to make sure that customers get a 'best-fit solution' and often for the cost of 'off-the-shelf'. A lot of my purpose in contributing to this blog is to provide from these experiences and what made the difference that made the difference. Whether you are already working with Bicom Systems or not yet please feel free to add your own comments or ask your own questions. There should be much to learn for us all.

Leave a Reply