Slider 2TryLearn MoreSlash your Phone bills - Slider Image

Use SIP trunks, WebRTC & Apps

Slash your Phone Bill by 80%

Harden Security with v16: Nuts & Bolts

Strength in Unity

Security for your PBX

In herds under attack, the bigger and more experienced animals protect the smaller, more inexperienced ones. Taking a page from nature’s play book, the new 3CX v16 implements this exact approach by enabling the more experienced members to notify and protect the 3CX herd. When an attacker’s IP is reported through the 3CX auto-update blacklist function from participating systems, the attacking IP is blacklisted and defanged (pun intended), unable to affect the rest of 3CX systems. This security setting alone, transforms the 3CX global install base into a giant honeypot, quickly rendering VoIP attacks ineffective. Talk about safety in numbers!

Secure In Sync

Having to be on the lookout for two or more PBX systems can be tiring. 3CX v16 eases your mind by including new IP blacklist Export and Import functions, enabling you to export all your blacklist entries and import them on another PBX to sync and secure.

Security Advisor

Security Advisor Message - 3CX v16

Having a global presence enables 3CX to have its virtual ear on the ground for VoIP, security vulnerabilities, hacks and exploits. The new 3CX v16 gains from our collective experience in the form of an updated security advisor that benevolently monitors the security level of your extensions. This built-in function includes updated checks and warning notifications for weak extension security level.

Restricted Area: Authorized Personnel Only

For 3CX PBX admins, the Management Console is precious and for good reason! Having control over the 3CX Management Console yields immense power and with great power comes great responsibility. 3CX understands and enforces this with the new option to restrict access to the 3CX Management Console. The new “Restrictions” tab enables the admin to restrict connectivity only to a specified list of IPs, minimizing the Console’s exposure to outsiders.

No Footprinting Allowed/Secure Handshake

No SIP Fingerprinting Allowed - 3CX v16

Most hacking incidents occur after scanning and footprinting for vulnerable systems to attack. 3CX takes note of this and enhances the 3CX v16 security to prevent service exploits by prying eyes, not sending the user agent by default. When SIP communication is authenticated the user agent is revealed in the traffic headers.

Reset in Batch

Managing the security level on a multi-user setup can be a tedious task. The updated “Extensions” extends the “Regenerate” function in 3CX v16, to provide you the flexibility to choose the password/PIN to reset for any number of users!

Secure Foundations

3CX v16 also inherits security genes from the updated under the hood components, keeping the PBX running securely with stability and top-notch performance:

  • Latest Postgres DB version – robust performance on a secure database engine.
  • OpenSSL to 1.0.2o – latest security-fix release.
  • Built using VS2017 compilers – keep the 3CX codebase modern, secure and portable.
  • .NET Core framework update – improved security and performance.
  • GCC 6 – security improvements & code optimization.
  • Debian 8 EOL (End of Life) – recommended upgrade via our Debian 9 “Stretch” ISO to benefit from v16 improved security, performance and features.

Download the v16 Alpha for Windows and Linux below or take it for a spin using our PBX Express tool and we’ll configure a brand new PBX for you to try!

Download links:

View the change log for this version and give us your feedback via the community forum.

By |December 14th, 2018|11 Comments

Free for up to 1 year! Select preferred deployment:


for Linux on a $200 appliance or as a VM

Get the ISO


for Windows as a VM

Download the setup file

On the cloud

In your Google, Amazon, Azure account

Take the PBX Express