That is an intriguing thought. Given that we have an EA, it might make a very case to argue for dropping ShoreTel.
I think I'll do a little research on this topic. Kurt On Sun, Jul 21, 2013 at 6:13 PM, Michael B. Smith <[email protected]> wrote: > I run into this all the time for various Windows-based telephony and UM > systems. Cisco used to be this way also. Don't know if they still are. Two of > the other vendors I work with are. > > Lync has Enterprise Voice and it can be a complete replacement for a PBX, > given an appropriate gateway to the PSTN. > > Asterisk also has patching issues, don't let anyone fool you there... as far > as I have seen, Microsoft does this better than anyone else. > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Kurt Buff > Sent: Friday, July 19, 2013 7:01 PM > To: [email protected] > Subject: [NTSysADM] A little afield of the normal topic - ShoreTel > installation > > All, > > We are using ShoreTel for our phone solution. Works well. > > I have just recently upgraded from 10.2 to 11.2 to 12.3, after I moved it to > a new VLAN - that was a bit of a late night... > > However, it's running on an ancient SuperMicro server, on Server 2003 R2. > > It's time to move it to a new Dell machine, running 2008 R2, and to get to > the current version of 13.2. > > I've looked at the prerequisites for installing 12.3, and am appalled at what > they suggest, and was hoping for a bit of feedback from anyone here regarding > this. > > Here's what they want me to do: > > o- Turn off the firewall - disable all of the profiles (Domain, Public and > Private), then turn off and disable the service. > o- Turn off the Base Filtering Engine (disable the service) > o- Set DEP for essential Windows programs and services only > o- Turn off UAC > o- Do not apply patches released past a certain date, stating > "When releasing a new build, ShoreTel publishes build notes listing > the Microsoft > patches that are certified against the build. ShoreTel also > highlights software > changes required by the Microsoft patches. Note that no additional > Microsoft > updates should be applied to your ShoreWare server between ShoreTel > builds. If > you install Microsoft updates between ShoreTel builds, they may > have an adverse > effect on your telephone system. > Disable Microsoft updates until you review the detailed > certification provided with > each release." > > > If you are running ShoreTel, have you run into this, and how do you protect > your ShoreTel environment, other than firewalling the subnet that it's on? > > To me, this seems like egregiously broken software, requiring me to reduce > the security of the server to near zero. > > Thoughts appreciated. > > Kurt > >
