I have an Asterisk connected to a Digium ISDN gateway, which I use to connect to another PBX locally. Everything is behind a firewall and on the same subnet.
I don’t use registration but have the gateway configured to talk to my Asterisk’s static private IP, instead of the gateway being a dynamic host registering to the Asterisk via username and password authentication.
I figured, as everything is static and local, I don’t need registration.
Would you agree, that this is a sufficient security practice?