I am told by my data center that they can close off all ports except those I designate. What would be the problem of putting a switch on a rack with no router in front (installing Fail2Ban)and telling the collocation data center to only open 5060 UDP, 10K-20K UDP/22 and 23 for SSH/Telnet? How would I handle an HTTPS port to get into the Elastix GUI and for the user ARI interface? Then use 16 char passwords (with letters, chars, and numbers) for access into everything but ARI (maybe require 6 digits). I saw dicko recommended changing the SSH port. He also shows some back doors into Elastix. Trying to get away from a router at the colo. They really have their own. It's just set wide open. If I tell them to close it down except for the ports I need is that safe? Thanks.