P a g e
|
5
UCM Security Manual
WEB UI ACCESS
UCM HTTP Server Access
The UCM embedded web server responds to HTTP/HTTPS GET/POST requests. Embedded HTML pages
allow users to configure the device through a web browser such as Microsoft IE, Mozilla Firefox, Google
Chrome and etc. This is the most important tool to configure all the settings on the UCM. It’s also the
immediate interface for the administrator to access configurations, user status and all the system
information.
Therefore, it’s crucial to understand that directly placing the UCM on public network could
expose the domain name / IP address of the UCM and pose serious security concerns.
Protocol Type
HTTP and HTTPS web access are supported to access the UCM web UI. It can be configured under web
UI
Settings
HTTP Server. The protocol type is also the protocol used for zero config when the endpoint
device downloads the config file from the UCM.
Therefore, it’s recommended to use HTTPS instead of
HTTP to secure the transactions and prevent unauthorized access.
Note also that by default we are using HTTP/HTTPS ports that are different from the well know ports 80
and 443.
It is recommended to disable the option “Redirect From Port 80”.
Finally, users have the option to specify a list of UP to 10 IP addresses which will be allowed to access the
UCM web GUI, otherwise the connection will be refused for any IP address not figuring in the white list.
To add IPs to the whitelist, go under menu web UI
Settings
HTTP Server:
•
Enable the option “Enable IP Address Whitelist”
•
Enter the permitted IP(s) by specifying both the address and the Subnet mask.
