Due to the variety of firewall models and topologies available, giving specific advice is difficult. Here are some practical tips for almost any configuration. For starters, it’s always advisable to keep high importance on security. This means being technically familiar with the equipment and its configuration. It is a responsibility that should be taken with the utmost seriousness. When shopping for firewalls, favor those that offer simple configuration and are designed for the SMB.
A good general rule of thumb is to block all unknown traffic into the network and only allow traffic from trusted sources. This strategy doesn’t usually work well for a Web server, but a UC server should absolutely be sequestered behind a firewall. Surprisingly enough, many SMBs do not deploy a firewall. Or they deploy a firewall but open ports to all networks to allow remote users. This is almost the same as having no firewall at all. Although some UC servers have built-in attack mitigation mechanisms, these should not be solely relied upon. A firewall is designed to sort traffic; a UC server is not. Using each device for its intended purpose will keep the network the most secure. With SMBs, managing remote users is better done through a virtualized private network (VPN).
Unified communications (UC) presents unique security challenges because it brings together disparate technologies. A UC business phone system combines VoIP, video, chat, email and presence together into one unified messaging system. As the technology has become more complex and more accessible from the public Internet, the security threat has increased. In many ways it is easier than ever to attack business communications. Companies must be diligent to protect their communications as they are vital to business operations.
While large businesses can often dedicate substantial resources toward securing their communications, those in the SMB space need solutions that are both effective and simple to manage security. Despite being in a niche field, securing UC as an SMB follows many of the same security best practices that are effective in the enterprise for a variety of technologies. In this slideshow, Digium shares seven best practices that can help SMBs keep communications flowing.