On 13/07/16 16:20, Zilk, David wrote:
I would be hesitant to extend an Ethernet connection for a SIP phone > outside of the secured building perimeter without mitigating the > potential security risks to the network. Much better to use one of > any number of existing products which use an analog phone line; and > connect it back to an ATA located within the perimeter.
It is maybe an issue. So somebody opens the door phone, get's the ethernet out and then connects to your network. It is no more an issue of telling your staff the wifi access password and they tell their friend. I've seen a product where the anti tamper on the device connects back to relay in the ethernet wire further back. With a latch on failure. Or you could just put that cable into it's own vlan. If you chat to installers of many of these devices, they will describe them as `access control` rather than `security`. Meaning, ok to stop a random wandering off the street. Not going to stop a determined person. In my office, we use a 2N on the front door. But at night it (and it's cat5) is covered by a locked security shutter. Tim