So I'm planning on a new PIAF install in a VMware based VPS with a provider in a DC.
I am thinking 512MB ram, 20GB space, 1 CPU core - Is this enough? There next plan up is 1GB ram, 40GB space, 2 cores, but a little pricer... This is an AU location so bandwidth and costs are high, provider also offers Xen Server however I think that wouldn't be as good as VMware?
I'm planning for 8-10 inbound calls at G711, queued up remotely until the Polycom / Cisco users answer (2-3 on a call rest queued remotely).
I understand VMware is very good for PIAF and latest versions of Asterisk, with no chopping on hold music so this is important. I am doing it this way so calls can be queued remotely and we can answer everybody, rather than having choppy / broken calls queueing locally
I will then have aprox 5 extensions hanging off that
3 x Polycom 560 Static IP behind NAT (Will try https provisioning, will they accept self signed SSL?)
2 x Cisco 7960 - Static IP behind NAT (looking at static provisioning using local t*f*t*p server, should still boot OK with saved configs once tested and working)
Gigaset C470IP - Dynamic IP behind NAT, manual provision in web interface
Mobile device SIP client (e.g 3CX) - Dynamic IP behind possibly double NAT over 3G (assume good data speeds).
Is their an up to date guide on securing PIAF in a public IP / VPS environment? I've read things such as only create dialling plans to destinations you'll call etc and set times you can call them (e.g business hours), but aside from that sort of thing what other ways can I secure my install?
I can't quite use IP tables to block the world except SIP trunk and end points, because of dynamic IPs. I'd like to avoid VPN unless I really need to.
Trunks are prepaid so if I get hacked i'll only lose $20-30 per trunk provider (about 4 trunks so $100 max).
Very keen to hear peoples thoughts. Once deployed i'd look at providing a step by step guide for others
I am thinking 512MB ram, 20GB space, 1 CPU core - Is this enough? There next plan up is 1GB ram, 40GB space, 2 cores, but a little pricer... This is an AU location so bandwidth and costs are high, provider also offers Xen Server however I think that wouldn't be as good as VMware?
I'm planning for 8-10 inbound calls at G711, queued up remotely until the Polycom / Cisco users answer (2-3 on a call rest queued remotely).
I understand VMware is very good for PIAF and latest versions of Asterisk, with no chopping on hold music so this is important. I am doing it this way so calls can be queued remotely and we can answer everybody, rather than having choppy / broken calls queueing locally
I will then have aprox 5 extensions hanging off that
3 x Polycom 560 Static IP behind NAT (Will try https provisioning, will they accept self signed SSL?)
2 x Cisco 7960 - Static IP behind NAT (looking at static provisioning using local t*f*t*p server, should still boot OK with saved configs once tested and working)
Gigaset C470IP - Dynamic IP behind NAT, manual provision in web interface
Mobile device SIP client (e.g 3CX) - Dynamic IP behind possibly double NAT over 3G (assume good data speeds).
Is their an up to date guide on securing PIAF in a public IP / VPS environment? I've read things such as only create dialling plans to destinations you'll call etc and set times you can call them (e.g business hours), but aside from that sort of thing what other ways can I secure my install?
I can't quite use IP tables to block the world except SIP trunk and end points, because of dynamic IPs. I'd like to avoid VPN unless I really need to.
Trunks are prepaid so if I get hacked i'll only lose $20-30 per trunk provider (about 4 trunks so $100 max).
Very keen to hear peoples thoughts. Once deployed i'd look at providing a step by step guide for others
Phone System 