Mitel supports both trunk-side and station-side SIP, which is currently an open protocol with no protection features. If you use the Mitel protocols for voice, you get overlapping layers of protection. First, all the MiNET protocol is not a published and open standard, as SIP is.
All management traffic into the Mitel controllers from any authorized workstation user is encrypted using SSL and Secure Shell.
Internet connections from Tele- (remote) workers use the Secured Real-Time Protocol (SRTP), with built-in AES encryption, instead of a regular VPN, or basic network extension. This is a lot more secure than a VPN, as well as easier to manage, since it’s built into the basic Mitel system. AES encryption is also used over the using organization’s private networks, to help keep phone conversations private from even internal hackers and eavesdroppers. And, once again, this is automatically applied to all conversations at the phone-and-controller ends, so it’s not something that has to be set up by the phone administrators.
Phone downloads are also encrypted and use Secure FTP (many Mitel alternatives use unsecured FTP to do their downloads).
The controllers collect an extraordinary amount of Station Master Detail Recording (SMDR) information. This information allows managers to track and record all calls from all extensions, letting them bring up a record of all calls for a particular period if needed, and alerting them to unauthorized access and use of the phone system.
MXN also can install an inexpensive IPS on the connection(s) from the internal networks to the Internet, and/or on major internal network connections. This appliance serves as a second level of protection, sniffing out and stopping man-in-the-middle and pfishing attempts, and stopping repetitive call request (VoIP equivalent of DOS) attacks on controllers. This IPS is wire-speed, so it never interferes with the traffic, and one it is installed it requires little to no ongoing management or configuration.
For more information, contact us.
