Strong passwords with a combination of numbers, uppercase letters, lowercase letters, and special characters are always recommended for security. Must contain at least one uppercase letter, lower case letter, OR special character.
Microcosm manual password#
If PBX Settings🡪General Settings🡪Enable Strong Password is toggled on, the minimum password requirements are as follows: The password length must be between 4-30 characters. To change the password for default user “admin”, navigate to System Settings🡪Change Information🡪Change Password/Email. It is highly recommended to change the password after logging in for the first time. (UCM63xx support only HTTPs protocol by default)ĭisable option Redirect from Port 80 and,Īvoid using well known port numbers such as 80 and 443. To secure transactions and prevent unauthorized access, it is highly recommended to: The selected protocol type will also be the one used for Zero Config when configs are pushed to endpoint devices.
Microcosm manual series#
The UCM63xx/A series only support HTTPS protocol for web access, while the UCM62xx and the UCM6510 series support both HTTP and HTTPS to access the UCM web UI and can be configured under web UI 🡪Settings🡪HTTP Server. It is critical to understand the security risks involved when placing the UCM on public networks. With this, administrators can access and configure all available UCM information and settings. Embedded HTML pages allow users to configure the device through a web browser such as Microsoft IE, Mozilla Firefox, Google Chrome, etc. The UCM embedded web server responds to HTTP/HTTPS GET/POST requests. Reproduction or transmittal of the entire or any part, in any form or by any means, electronic or print, for any purpose without the express written permission of Grandstream Networks, Inc.
Microcosm manual download#
The latest electronic version of this document is available for download here: This document is subject to change without notice. Security Vulnerability Associated With Returned Cookie from WebUI Login Session Grandstream Security Bulletin GS17-UCM003 Potential Vulnerability Associated With Misuse of Dial Trunk Option in IVR Grandstream Security Bulletin GS13-UCM002 Potential Vulnerability Associated With Use of Allow Guest Calls Option Grandstream Security Bulletin GS13-UCM001 Three different security measures can be configured to protect the UCM against malicious attacks: Static Defense, Dynamic Defense and Fail2ban.ĪMI feature is used to let the user connect to Asterisk instance to read and track the state of telephony client, it may come with security concerns for UCM administrators that needs to be considered. TLS is utilized to encrypt SIP signaling. Trunk security utilizes privilege levels and source caller ID filters to prevent outbound calls from unintended sources. Admin with limited access can be created by the default super administrator.Įxtension security utilizes SIP/IAX passwords for authentication, IP address whitelisting, and SRTP encryption. Two-level user management is configurable.
Web UI access is protected by username/password and login timeout.
The following sections are covered in this document: We recommend to always use the latest official firmware for improved security.
0 kommentar(er)
