Identify Trusted and Un-trusted Networks

It's crucial that you identify the trusted network (i.e., your local LAN) and the un-trusted network (i.e., public Internet – WAN) in the environment in which the device is deployed. There may be multiple un-trusted networks in a single deployment environment. For example, far-end WAN users and a SIP trunk with an ITSP may represent two un-trusted networks.

Once identified, you need to handle the un-trusted networks with extreme caution in order to safeguard your trusted network from malicious attacks from them. One of the main precautions is to separate your trusted network from the un-trusted network, using different logical configuration entities such as SRDs etc. The precautions and security guidelines are described in detail in subsequent sections.