
security question

Posted by Had on Tue, 10/06/2009

Hello,

I'm trying to find a secure way to allow customers to log in to MTE PBX manager and use, for example, the conference manager. To allow this I have to allow external IP addresses for Asterisk manager... I can't see this as a safe thing.
How do you deal with this problem?

Thanks for any suggestion.

Peter


Submitted by raven on Tue, 10/06/2009 Permalink

The way I approach it is 'what would I do if the server running Thirdlane got hacked, or failed'.

To keep it from getting hacked, you need a security policy. That policy could only allow certain IP addresses; you force your policy on your customers by requiring a static IP address for their router. Then you force their remotes to VPN into their site, using their router's static IP to NAT their access. This is good because now you can manage and remote into their router.

Of course you get the portal to use https.

If you have to open it up to the world, you could front end the portal site with a content filter and/or force authentication with .htaccess. Or you could just have two identical servers running with constant backup and if one of them gets hacked, hopefully it's not a theft of service attack and you can figure it out before your customers do.
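
The "only allow certain IP addresses" policy from the reply above can be checked against the Asterisk manager configuration. The following is an added example, not part of the thread and not Thirdlane code: a small audit of `manager.conf` text that reports manager users whose `deny`/`permit` lines do not limit them to specific addresses. It assumes the common deny-all-then-permit layout and IPv4 entries; the sample file, user names and addresses are constructed.

```python
# Constructed sample manager.conf; user names and addresses are made up
# (203.0.113.0/24 is a documentation range).
SAMPLE = """\
[general]
enabled = yes

[portal_open]              ; no ACL lines at all
secret = CHANGE_ME

[portal_world]             ; ACL present but permits everything
secret = CHANGE_ME
deny = 0.0.0.0/0.0.0.0
permit = 0.0.0.0/0.0.0.0

[customer_a]               ; deny all, then the customer's static IP only
secret = CHANGE_ME
deny = 0.0.0.0/0.0.0.0
permit = 203.0.113.10/255.255.255.255
"""

def prefix_len(acl):
    """Prefix length of an IPv4 'addr/mask' value (dotted mask or CIDR bits)."""
    _, _, mask = acl.partition("/")
    if not mask:
        return 32
    if "." in mask:
        return sum(bin(int(octet)).count("1") for octet in mask.split("."))
    return int(mask)

def audit(text):
    """Return {user: finding} for manager users not limited to specific addresses."""
    acls, user = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop ';' comments
        if line.startswith("[") and "]" in line:
            user = line[1:line.index("]")]
            if user != "general":                # [general] is not a user
                acls[user] = {"deny": [], "permit": []}
        elif "=" in line and user in acls:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() in acls[user]:
                acls[user][key.lower()].append(prefix_len(value))
    findings = {}
    for name, acl in acls.items():
        if 0 not in acl["deny"]:                 # nothing blocks unknown sources
            findings[name] = "no deny-all rule"
        elif 0 in acl["permit"]:                 # deny-all is undone by a /0 permit
            findings[name] = "permit covers every address"
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE).items():
        print(f"{name}: {finding}")
```
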