Chapter 3: Network Requirements and Preparation SA-100 Planning, Installation and Administration Guide
ShoreTel 12.1 21
See the ShoreTel Planning and Installation Guide for detailed instructions on selecting an
NTP public server if you do not run an NTP server within your organization.
3.5 Network Security
This section discusses network security concerns that can come up when you deploy the
3.5.1 Security Considerations Internal Firewall
The SA-100 Appliance can be deployed in the DMZ, allowing external participants to
access Web conferences. Positioning in the DMZ places the Service Appliance 100 in a
privileged security position within the customer's network infrastructure. Therefore, the
SA-100 features an embedded, customer administered, firewall to control access between
unsecure external environments and internal networks. Proactive security policies and
strict management of evolving internet security risks are essential to maintain network
security. Security Considerations
As security threats evolve new vulnerabilities may be discovered that require immediate
resolution. ShoreTel provides upgrades to the appliance software and updates for critical
security patches. If required, these upgrades are distributed independently from the
standard release cycle for software upgrades.
Should critical security patches be required to the appliance operating or file systems, a
new mini-installer is used to implement immediate fixes to the platform images. This
allows the customer’s IT support to quickly protect their networks without having to
complete an entire release upgrade.
Hotfixes or patches to the appliance application images will continue to be addressed via
the traditional process of incorporating these into the next build or release.
Procedures to apply security patches to the appliance operating system and applications are
described in the ShoreTel 12.1: Maintenance Guide and are also distributed via e-mail or
other customer notification pathways such as the ShoreTel support website.
3.6 Deployment Scenarios
The ShoreTel Service Appliance 100 may be deployed both internal to the LAN or
externally in a company’s DMZ.
Deployment scenarios may include multiple installations of appliances in a ShoreTel
However, in any multi-appliance deployment scenario, if one appliance is accessible for
external access then all appliances must also be accessible for external access.
Terms of Use | Privacy Policy | DMCA Policy