Firewall for VoIP PBX  – The Importance of Securing Your Network

The term firewall refers to a security system for networks. It controls and filters traffic between two or more networks in order to protect private data and access. For safe IP telecommunication, it is not enough to secure the network, but you should also pay attention to the security measures of the IP PBX itself. While analog and ISDN phones were not in danger of cyber-attacks, simply because they were not connected to the Internet, VoIP systems are. Since all the parts of the IP telephone system and the network are interconnected, security threats can easily affect every device linked to the system.

Why use a Firewall?

For most people the term “cyber-attack” or “hacking” sounds very abstract. They can’t really picture how an attack would look like and often underestimate the consequences. However, attacks on your networks are neither carried out by some genius masterminds with access to high-end equipment, nor are they rare.

If someone knows how, it is quite easy to find weaknesses in networks, especially if they are not well protected. There are a variety of dangers, users of a network should be aware of.

One of them are Brute Force Attacks, where attackers (bots) find out passwords and take control over your server through automated trial-and-error. In DDoS attacks bot nets flood a system with requests, rendering it inoperative. The communication protocol SIP, which is used for telecommunication, is not itself encrypted, which means that everyone can possibly look in on your conversations as a “Man-in-the-middle”, up to a point of excerpting the audio itself. Of course, only if the network administrator was inattentive to network security.

Consequences of Cyber-Attacks against IP PBXs

  • High phone bills, because others use your system and let you pay for their calls
  • System gets “taken over”
  • Passwords get sold (for example for provider & e-mail accounts)

  • Call-through and fax devices are used for spam

  • System is used as a spam distributor

  • Trojans/Viruses are installed

  • Additional IT systems get infected (for example the internal network)

  • Negative impact on your customer relations

What You can do for Your Network Security

One of the most important conditions to prevent your systems from getting hacked is picking safe passwords. Of course, this does not substitute a firewall, but is just one of the basic steps you can take. Pick a password that contains letters, numbers and special characters. For example, AskoziaPBX automatically generates secure passwords for each account that is created. It is also advised to use a VPN (Virtual Private Network) as a way of connecting external devices to the network.

This avoids the need for port forwarding and hosting on home routers, both of which pose serious security threats. Firewalls are the first line of defense for your network, protecting it from incoming traffic of outside networks (usually the Internet). However, a firewall with a packet filter does not just restrict incoming, but also outgoing data traffic. That is important to prevent your network devices from becoming part of a bot network. Naturally, there are different varieties of firewalls, depending on individual requirements and likelihood of threats.