Extension Security Overview

This topic describes security options to prevent Yeastar P-Series PBX System from unauthorized SIP registrations and abused outbound calls.

SIP security options

Yeastar P-Series PBX System provides the following options to prevent unauthorized SIP registrations.

Allow Remote Registration: Anytime you use a remote extension to access PBX, you expose your PBX to the public internet, which increases the risk of VoIP hacking and attack. The option is disabled by default.
Note: We recommend that you keep the option disabled unless you need a remote extension.

SIP User Agent Identification

By default, PBX allows phones to register extensions without user agent limit. To enhance extension security, you can restrict which user agent is allowed to register an extension.

When a phone is trying to register the extension, the phone will send SIP packets containing user agent. If the prefix of the user agent does not match the specified value, the registration will fail.

SIP Registration IP Restriction: By default, PBX allows SIP registrations without the limit of IP address.; To enhance extension security, you can specify which IP address or IP section is allowed to register an extension.

Call restrictions options

Yeastar P-Series PBX System provides the following options to prevent abused outbound calls.

Disable Outbound Calls: Restrict users from making outbound calls.
Disable Outbound Calls outside Business Hours: Restrict users from making outbound calls during off-duty time and holidays.

Disallow International Calls: Restrict users from making international calls.
Note: The option works only when you have enabled Enable Allowed Country/Region Code Dialaing Protection. For more information, see Block Outbound International Calls.

Outbound Call Frequency Restriction: When an extension makes outbound calls and the number of calls exceeds the outbound call frequency restriction within specified time period, the system would restrict the extension from making outbound calls. For more information, see Limit Outbound Call Frequency of an Extension.
Max Outbound Call Duration (s): When the user is in an outbound call and the call duration reaches the limit, the system would end the call.

Outbound Route Permission

Specify the outbound routes that an extension is allowed to use.

Note: If this extension belongs to an organization or an extension group that has permission to use a specific outbound route, then you can't change the extension's permission to the outbound route here.