Hello friends, I would still call my self new here... I installed 3CX (V15.5) Debian on VmWare workstation 14 Pro (14.1.0), running on WIN7 pro SP1. I had a steep learning curve each step of the way, after much struggle & frustration I finally have my system up & running (from last 2 days). All IP phones & soft phones are (6 in total, 2 remote stun extensions) configured. 2 yealink T48s, 2 cisco SPA514 & 1 each apple & win clients. I am just paranoid that I had to open all these ports 5060,5061, 443, 9000s & more. I just followed the instructions & opened as per documentation. Don't really understand well what that means to my security other than i am open to the whole world. As I can access my system remotely so can everyone else. Am I right to assume that? Is it really that dangerous. If yes...can someone advise what are the measures that one should take to secure the system. Our network is very basic & small, we only have service provider modem/router (Smart RG 505). How can I make it tough for someone to get into my system. I saw some people talking about changing port 5060 to something else. I didn't do that yet because didn't want to break my system...just yet & week's hard work go waste . But I understand I may have to do it at some point. Besides that's the whole point, its part of the training make, break & re-deploy. But I want to enjoy my hard work for couple more days before I try tweak/make changes. I already see people trying to get into my system, I see 3 blacklisted IP addresses in just 2 days. Can someone advise dos & don't when it comes to security. Thank you in advance.