Maintaining Codec Network Security

Maintaining Codec Network Security

Codecs connected to the internet can be accessed by anyone with knowledge of the codec’s public IP address. In addition, search engines are widely available which can discover and expose unsecured ‘internet connected devices’. Tieline has enabled a number of IP security measures in its latest codecs, which engineers are encouraged to use in securing their devices from nefarious characters. Following are a range of IP codec security measures and precautions that should be followed as a bare minimum, to ensure your codecs remain secure.

Codec Security Options

There are several layers of security available in Tieline codecs to maintain secure connections. These include:

  • Immediately change the Toolbox HTML5 Web-GUI default password when you commission and install your codecs. Create a strong password which includes both capital and lower case letters, symbols and numbers. Password managers can be useful when managing multiple passwords within organizations, or when changing them according to a schedule.
  • Ensure your codec is behind a firewall and only open the TCP and UDP ports required to transmit session and audio data between your codecs. Using non-standard ports instead of Tieline default ports can also ensure the codec is more difficult to discover by external parties.
  • Ports 80 and 8080 are commonly used to access the Tieline codec web server. You can add an additional layer of security by translating these ports on the WAN side of your network into non-standard port numbers. Adjust ports using the Options panel in the Toolbox HTML5 Web-GUI.
  • By default SIP interfaces are disabled to avoid unwanted traffic. The SIP Filter Lists panel in the Toolbox HTML5 Web-GUI allows filtering of SIP URIs and User Agents to provide greater security when using SIP. User documentation outlines how to configure SIP Allow and Block lists.
  • An SSL security certificate can be installed on each codec in your network to ensure it is a trusted device within your network.
  • Options panel with Firewall options in the Toolbox Web-GUI

    Firewall settings facilitate enabling or disabling a range of firewall-related network services, or limit ping to only work in a local subnet. Tieline also recommends SNMP is disabled if a codec is connected to a public network like the internet. Adjust settings using the Toolbox HTML5 Web-GUI Options panel in the Firewall tab.

  • Implementation of CSRF protection (Cross-Site Request Forgery). Enable and disable this setting using the Options panel in the Toolbox HTML5 Web-GUI.

Be sure to document any codec port changes because this information will be required if you need to contact Tieline or other online support services at a future time.

Managing IP Security

Importance of Maintaining Codec and IP Network SecurityA number of additional strategies may be employed, including VPNs, to ensure more secure codec connections. Tieline previously had an article on IP Network Security published in Radio World, explaining best practices in more detail.  To read this article visit

For more information on Tieline codecs visit or contact Tieline sales:

(Maintaining Codec Network Security was first published on September 13, 2021)


Other Posts from Tieline

Jake’s Take on GPIOs

Jake’s Take on GPIOs: With the NAB show now in the rear-view mirror, stations are budgeting and preparing for fall sports, and

Visit Tieline at NAB2024

Visit Tieline at NAB2024 for FREE! The Tieline team will be at the 2024 NAB Show from the 14th to the 17th

Demystifying MPX solutions: composite transmission options

Demystifying MPX Solutions

Demystifying FM-MPX and MicroMPX Solutions By Jacob Daniluck, Tieline VP Sales Americas The Benefits of MPX Codecs Transporting composite MPX signals from