[cisco-voip] CCMuser pages or not? (CUCM v7)
Anthony Holloway
avholloway+cisco-voip at gmail.com
Fri Feb 25 10:01:23 EST 2011
One possible solution: You could implement a firewall solution which
filters traffic such that only your desired personnel can access the
ccmadmin page.
Check this posting by our community member go0se for a filtering by URL on
an ASA tutorial: http://atc.go0se.com/?p=904
<http://atc.go0se.com/?p=904>Anthony
On Fri, Feb 25, 2011 at 7:56 AM, Lelio Fulgenzi <lelio at uoguelph.ca> wrote:
> I'm just wondering what others are doing to deliver CCMuser pages and/or
> equivalent while protecting the CCMadmin pages.
>
> As far as I know, you can not change the port on which CCMadmin pages are
> served. This means someone who can reach the CCMuser pages can also reach
> the CCMadmin pages.
>
> In this world of people writing passwords on post-it notes, weak passwords,
> shared passwords, workstations without proper protection, etc., thus worries
> me. Our environment here can be considered a bit 'hostile' since we're not
> using NAC on our wired ports and all ports are pretty much open. I'm not
> sure even VPN would help, since the same passwords are used, so a stollen
> password would get them through that.
>
> In the past we have used a reverse proxy which has worked well, but I'm
> finding it difficult to find support to get that working again. I'm also not
> sure if that is directional.
>
> What have others done to protect CCMadmin pages? Or have they simply
> implemented things using AXL?
>
> Anybody seen any packaged AXL solutions that can deliver what CCMuser pages
> can deliver?
>
> Sent from my iPhone
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20110225/fc294405/attachment.html>
More information about the cisco-voip
mailing list