HELP FILE

How do I secure my device network access?

    Whether you’re a school that doesn't want devices to be used off-campus, a company with a lot of mobile users who need to change networks frequently without being hindered, or an enterprise with advanced security requirements, you can set up the specific boundaries that you want your devices to function within.

    Important:

    Please excuse our mess while we improve your admin experience! We are in the process of migrating all accounts to the new admin experience. The article below is meant for admins who use https://my.jive.com/pbx to administer their account. If you're an admin who uses https://admin.goto.com, please visit our GoTo Admin support site for help.

    Before you begin: You must have admin or super admin permissions. If adding a network range, make sure you have the CIDR that ends in /8.
    About this task: There are various ways that you can secure your network. Choose your preferred option below. Note that if you disable the automatic authorization to establish higher security, you’ll need to authorize your network(s) manually before your devices will be able to connect to our platform.
    Warning: DO NOT DELETE the 0.0.0.0/0 authorization. By default, this IP address appears on all network access lists, with only PROV and ADMIN permissions. It is set up this way to allow automatic network authorization when a device is provisioned to GoTo and to allow admins to access the admin portal from any network.

    We highly recommend you do not change the default permissions (PROV and ADMIN only) for 0.0.0.0/0. Adding REG permissions to this IP address will defeat the purpose of the network access feature, as it would allow any user to connect from a network, regardless of whether that IP address is trusted or not. If these permissions are removed, then IP addresses will not be authorized during the provisioning process and admins will only be able to access the portal from the specific networks listed. Organizations who opt to change this default are liable for any security breaches or fraudulent activity that may occur as a result.

    Disable Automatic Network Authorization

    1. Sign in at https://my.jive.com/pbx.
    2. From Permissions > Network, disable Automatically authorize network with provisioning and Allow non-admins to authorize own network.
    3. Click Save.

    Authorize networks

    1. Sign in at https://my.jive.com/pbx.
    2. From Network Access, click Add Network Access Permission.
    3. Enter the IP address or the CIDR (if adding an IP range) in the Network field. For the CIDR, be sure to format the network to include the subnet mask. For example, 99.88.77.66/24 where /24 is the subnet mask.
    4. Select the type(s) of Access the network should have:
      Option Description
      REG — Recommended Device Registration — Allows calls to be made and received using this network.
      PROV — Recommended Device Provisioning — Allows devices to provision using this network (i.e., access configuration files from GoTo's servers).
      MEDIA Media Release — When both endpoints in a call are on networks that have the Media permissions, the Media (RTP) will connect directly, without routing through GoTo.
      Warning:
      • MEDIA should only be enabled with GoTo’s assistance. If set up incorrectly, your phones could be down for up to 24 hours after it’s corrected.
      • MEDIA should never be enabled for the 0.0.0.0/0 network.
      ADMIN Portal Administration — Allows system admins to make changes to the system using this network. If you authorize 0.0.0.0/0, administrators can access the system from any network.
    5. Optional: Enter an Expiration date and/or a Comment to help identify the network.
    6. Click Admin Portal Checkmark Icon.

    Deauthorize networks

    1. Sign in at https://my.jive.com/pbx.
    2. From Network Access, click Admin Portal Edit Icon next to the 0.0.0.0/0 network.
    3. Disable all access permissions, but leave ADMIN enabled if you would like to allow admins to access the admin portal from any network.
    4. Click Admin Portal Trash Icon for the network you would like to deauthorize and then click Delete to confirm this action.

    Edit networks

    1. Sign in at https://my.jive.com/pbx.
    2. From Network Access, click Admin Portal Edit Icon next to the network you want to edit.
    3. Make the desired changes.
    4. Click Admin Portal Checkmark Icon.