[VOIPSA Best Practices] bestpractices Digest, Vol 3, Issue 3

Fri Jan 19 06:25:51 CST 2007

Dan,

Does 6. Securing IP Endpoints (ex. sets, softphones, etc.) include mobile / pda
(type) phone sets or 7. Securing the TCP/IP network (ex. VLANs, 802.1X,
wireless, etc. (under the wireless subheader) or not? If not do we want to
include it in any one of these, or not? I believe it should be included, and the
different aspects of it could be covered appropriately in each heading / chapter
/  section.

Regards
Sarb Sembhi

-----Original Message-----
From: bestpractices-bounces at voipsa.org [mailto:bestpractices-bounces at voipsa.org]
On Behalf Of bestpractices-request at voipsa.org
Sent: 19 January 2007 12:00
To: bestpractices at voipsa.org
Subject: bestpractices Digest, Vol 3, Issue 3

Send bestpractices mailing list submissions to
	bestpractices at voipsa.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://voipsa.org/mailman/listinfo/bestpractices_voipsa.org
or, via email, send a message with subject or body 'help' to
	bestpractices-request at voipsa.org

You can reach the person managing the list at
	bestpractices-owner at voipsa.org

When replying, please edit your Subject line so it is more specific than "Re:
Contents of bestpractices digest..."

Today's Topics:

   1. Best Practices document structure set - next question: are
      these the appropriate areas? (dan_york at Mitel.com)

----------------------------------------------------------------------

Message: 1
Date: Fri, 19 Jan 2007 05:58:00 -0500
From: dan_york at Mitel.com
Subject: [VOIPSA Best Practices] Best Practices document structure set
	- next question: are these the appropriate areas?
To: bestpractices at voipsa.org
Message-ID:
	<OFD9A0AD22.233EEC85-ON85257268.003B6C2F-85257268.003C3EE9 at mitel.com>
Content-Type: text/plain; charset="us-ascii"

Best Practices team,

Thank you to those of you who sent in comments either on the list or directly to
me.  A special thanks to Eugene Nechamkin who took the time to write up a
counter-proposal. Outside of his contribution, basically all the feedback was
for proposal #2, structuring the document around functional areas, and so I'm
going to say we're going with that.

Now, the next question - is this list below from the wiki the appropriate list
of areas for VoIP-related best practices?

1.      Securing Voice and Media stream 
2.      Securing Call Control 
3.      Securing Management Interfaces and APIs 
4.      Securing PSTN Interfaces and Traditional Telephony Issues (i.e. 
don't forget toll fraud) 
5.      Securing Servers and Operating Systems 
6.      Securing IP Endpoints (ex. sets, softphones, etc.) 
7.      Securing the TCP/IP network (ex. VLANs, 802.1X, wireless, etc.) 
8.      Physical Security, including backups, power, etc. 

Are we missing any major areas?  Should these be modified or tweaked?

It seems to me to be a complete list, but then again, I wrote it, so of course
it would.  Any feedback is welcome.

Regards,
Dan

--
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Mitel Corp.     http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
PGP key (F7E3C3B4) available for
secure communication

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
/pipermail/bestpractices_voipsa.org/attachments/20070119/de5a9eaf/attachment-000
1.html 

------------------------------

_______________________________________________
bestpractices mailing list
bestpractices at voipsa.org
http://voipsa.org/mailman/listinfo/bestpractices_voipsa.org

End of bestpractices Digest, Vol 3, Issue 3
*******************************************