6
Security and Reliability
6.1 Operating System Security
Security maintenance for the system layer ensures that the operating system runs smoothly
and also supports stable services at the application layer. The Touch of the Box 700 uses a
custom Android operating system, which provides higher security and virus immunity than
the Windows operating system.
6.2 Network Layer Security
On-premises, IMS hosted, and SP hosted networks each comply with different network layer
security policies.
l
On-premises networks:
–
The Box 700, SMC2.0, and MCU are deployed in the trusted zone, isolated from
the Demilitarized Zone (DMZ) and the untrusted zone. Firewalls are deployed for
security domain division and access control.
–
Terminals (such as TE Desktop and TE Mobile) in the untrusted zone communicate
with NEs in the trusted zone through the Session Border Controller (SBC) or
Switch Center (SC) in the DMZ.
l
IMS hosted and SP hosted networks:
–
The Box 700 is deployed in the untrusted zone, isolated from the DMZ and the
trusted zone through the SBC or the extranet firewall.
–
If a DMZ is deployed, you need to install the SBC, SC, USM Proxy, and MediaX
Proxy in the DMZ for the Box 700 to establish connections.
–
If no DMZ is deployed, the Box 700 connects to the trusted zone through the SBC.
The USM Proxy and MediaX Proxy are not required.
–
On network borders between the DMZ and the trusted and untrusted zones,
firewalls are deployed to implement security domain division and access control.
6.3 Firewall Technology (NAT)
The firewall protects your IP network by separating the internal and external network
communication data. Using Network Address Translation (NAT) technology and signaling
HUAWEI Box 700
Product Overview
6 Security and Reliability
Issue 05 (2019-06-20)
Copyright © Huawei Technologies Co., Ltd.
32
