AT&T DEFINITY Remote Port Security Device Informações Técnicas Página 345
- Página / 470
- Índice
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
System Security Action Plan
Issue 7 June 2001
14-3
System Security Action Plan
Figure 14-1. System Security Action Plan
Educate End Users Establish Port Security Procedures
Secure the Administration System Perform Security Monitoring
The first step customers should take in
tightening the security of their systems
is to increase end-users’ awareness of
the system’s security features and
vulnerabilities.
Develop and implement a toll fraud detection
and reaction plan with all employees.
Train users on remote access responsibilities
and security procedures.
Establish and maintain security policies
regarding password/authorization code
protection.
Once you have established an effective
Control administrative access passwords,
and change them frequently.
Never store administrative port numbers or
passwords as part of a connection “script.”
Use Remote Port Security Device to “lock-up”
administrative ports.
Monitor call detail records and “800 service”
billing records for unusual activity.
Monitor “invalid login attempt” activity levels
on remote access and administration ports.
Establish thresholds and monitor port and
trunk activity levels.
port security plan, you need to protect it.
Management of the access into adminis-
trative and maintenance capabilities is an
important part of the total System Security
Plan.
System Security Monitoring plays a
critical role in a customer’s overall
security scheme. By monitoring
system security precautions already
taken, customers can react quickly
to any potential threat detected.
Use passwords, authorization codes, and
barrier codes. Set them to maximum length
Assign calling privilege restriction levels to
users on a need-to-call basis.
Block off-hours and weekend calling privileges,
or use alternate restriction levels when possible.
and change them frequently.
Customers must establish security
measures to manage and control
access to the ports into the communication
system. The security measures should
also control the calling privileges users
will have access to.
- Avaya Products 1
- Security Handbook 1
- Contents 10
- About This Document 19
- 1-2 Issue 7 June 2001 20
- Reason for Reissue 21
- Intended Audience 21
- How this Guide is Organized 22
- 1-6 Issue 7 June 2001 24
- Avaya/Customer Security 25
- Roles and Responsibilities 25
- 1-8 Issue 7 June 2001 26
- Avaya Security Offerings 27
- 1-10 Issue 7 June 2001 28
- Related Documentation 29
- 1-12 Issue 7 June 2001 30
- Introduction 31
- Who is the Enemy? 32
- What is in a Loss? 33
- Known Toll Fraud Activity 34
- Voice Mail 35
- 1 for Auto Loans 35
- 2-6 Issue 7 June 2001 36
- — Call Diverters 37
- — Beeper and/or Pager Scam 37
- 2-8 Issue 7 June 2001 38
- Security Risks 39
- Other Port Security Risks 41
- 3-6 Issue 7 June 2001 44
- Security Goals Tables 48
- 3-12 Issue 7 June 2001 50
- 3-14 Issue 7 June 2001 52
- 3-16 Issue 7 June 2001 54
- 3-18 Issue 7 June 2001 56
- 3-20 Issue 7 June 2001 58
- 4-2 Issue 7 June 2001 60
- 4-4 Issue 7 June 2001 62
- Barrier Codes 62
- 4-6 Issue 7 June 2001 64
- Authorization Codes 65
- 4-8 Issue 7 June 2001 66
- Trunk Administration 66
- Remote Access Dial Tone 66
- Night Service 67
- DEFINITY G3 only) 67
- 4-10 Issue 7 June 2001 68
- Status Remote Access Command 69
- Logoff Screen Notification 69
- Outgoing Calls 70
- 4-14 Issue 7 June 2001 72
- 4-16 Issue 7 June 2001 74
- 4-18 Issue 7 June 2001 76
- Toll Analysis (G3 only) 76
- Free Call List 76
- AAR/ARS Analysis 76
- ARS Dial Tone 77
- Station Restrictions 77
- 4-20 Issue 7 June 2001 78
- System 75) 78
- Central Office Restrictions 78
- Trunk-to-Trunk Transfer 79
- 4-22 Issue 7 June 2001 80
- Forced Entry of Account Code 80
- DEFINITY G2.2 and G3 only) 81
- Digit Conversion 81
- 4-24 Issue 7 June 2001 82
- Station Security Codes (SSCs) 82
- Personal Station Access (PSA) 82
- 4-26 Issue 7 June 2001 84
- 4-28 Issue 7 June 2001 86
- 4-30 Issue 7 June 2001 88
- Fully Restrict Service 88
- Using FRLs 88
- 4-32 Issue 7 June 2001 90
- Routing or Alternate FRLs 90
- Block International Calling 91
- 4-34 Issue 7 June 2001 92
- Limit International Calling 92
- 4-36 Issue 7 June 2001 94
- 4-38 Issue 7 June 2001 96
- Disable Facility Test Calls 97
- 4-42 Issue 7 June 2001 100
- CAUTION: 101
- 4-44 Issue 7 June 2001 102
- Limit Access to Tie Trunks 102
- 4-46 Issue 7 June 2001 104
- Expert Agents 104
- Remove Data Origination Code 105
- (DEFINITY G2.2 and G3 only) 105
- 4-48 Issue 7 June 2001 106
- Detecting Toll Fraud 107
- 4-50 Issue 7 June 2001 108
- Administration Security 108
- Logins for INADS Port 108
- 4-52 Issue 7 June 2001 110
- Detail Recording (SMDR) 110
- 4-54 Issue 7 June 2001 112
- Monitor I 112
- ARS Measurement Selection 113
- 4-56 Issue 7 June 2001 114
- DEFINITY G1 and G3 only) 114
- CMS Measurements 115
- 4-58 Issue 7 June 2001 116
- 4-60 Issue 7 June 2001 118
- 4-62 Issue 7 June 2001 120
- 4-64 Issue 7 June 2001 122
- 4-66 Issue 7 June 2001 124
- (DEFINITY G3V3 and Later) 124
- Malicious Call Trace 125
- 4-68 Issue 7 June 2001 126
- Service Observing 126
- Busy Verification 127
- List Call Forwarding Command 127
- 4-70 Issue 7 June 2001 128
- 5-2 Issue 7 June 2001 130
- 5-4 Issue 7 June 2001 132
- Security Tips 133
- 5-6 Issue 7 June 2001 134
- MERLIN LEGEND Communications 135
- 5-8 Issue 7 June 2001 136
- Preventative Measures 136
- Protection Via Star Codes and 137
- Allowed/Disallowed Lists 137
- 5-10 Issue 7 June 2001 138
- Default Disallowed List 138
- Security Defaults and Tips 139
- 5-12 Issue 7 June 2001 140
- Protecting Remote Access 140
- 5-14 Issue 7 June 2001 142
- Why Toll Fraud happens 143
- Tool Fraud Warning Signs 143
- 5-16 Issue 7 June 2001 144
- TIPS to Prevent Toll Fraud 144
- Responsibility 145
- 5-18 Issue 7 June 2001 146
- Toll Fraud Prevention 147
- General Security Measures 147
- 5-20 Issue 7 June 2001 148
- Preventive Measures 148
- ****SECURITY ALERT**** 149
- WARNING: 149
- 5-24 Issue 7 June 2001 152
- Access Feature 152
- Other Security Hints 152
- Educating Users 153
- Educating Operators 153
- 5-26 Issue 7 June 2001 154
- Establishing a Policy 154
- Choosing Passwords 155
- Physical Security 155
- **** SECURITY ALERT **** 164
- 5-40 Issue 7 June 2001 168
- Trunk to Trunk Transfer 169
- Information 169
- General Information 169
- 5-42 Issue 7 June 2001 170
- Caribbean Islands 171
- QUESTIONS TO ASK THE CUSTOMER 171
- 5-44 Issue 7 June 2001 172
- 5-46 Issue 7 June 2001 174
- 5-48 Issue 7 June 2001 176
- 5-50 Issue 7 June 2001 178
- 5-52 Issue 7 June 2001 180
- Issue 7 June 2001 181
- 5-54 Issue 7 June 2001 182
- 5-56 Issue 7 June 2001 184
- 5-58 Issue 7 June 2001 186
- Revised 8/17/00 187
- EXHIBIT 3: Letter from Avaya 187
- MERLIN Plus Communications 188
- PARTNER Plus Communications 190
- System 25 191
- 5-64 Issue 7 June 2001 192
- 5-66 Issue 7 June 2001 194
- Voice Messaging Systems 195
- 6-2 Issue 7 June 2001 196
- DEFINITY ECS, DEFINITY 198
- Facility Restriction Levels 199
- 6-6 Issue 7 June 2001 200
- Station-to-Trunk Restrictions 200
- Class of Restriction 200
- Class of Service 201
- Toll Analysis 201
- Security Measures in the PBX 201
- 6-8 Issue 7 June 2001 202
- 6-10 Issue 7 June 2001 204
- Detecting Voice Mail Fraud 205
- 6-12 Issue 7 June 2001 206
- Call Traffic Report 207
- Trunk Group Report 207
- 6-14 Issue 7 June 2001 208
- Automatic Circuit Assurance 208
- 6-16 Issue 7 June 2001 210
- Unauthorized System Use 210
- Administration Passwords 210
- Trusted Server Security 211
- 6-18 Issue 7 June 2001 212
- System Only) 212
- 6-20 Issue 7 June 2001 214
- Protecting Passwords 215
- 6-22 Issue 7 June 2001 216
- Security Features 216
- Basic Call Transfer 216
- Enhanced Call Transfer 217
- 6-24 Issue 7 June 2001 218
- Transfer Out of the System 218
- Outcalling 218
- 6-26 Issue 7 June 2001 220
- NTUITY System, no 221
- 6-28 Issue 7 June 2001 222
- Limit Outcalling 222
- Protect AMIS Networking 222
- Traffic Reports 223
- Security Measures 225
- 6-32 Issue 7 June 2001 226
- 6-34 Issue 7 June 2001 228
- 6-36 Issue 7 June 2001 230
- 6-38 Issue 7 June 2001 232
- 6-40 Issue 7 June 2001 234
- 6-42 Issue 7 June 2001 236
- Closely Monitor All Mailboxes 236
- Restrict Outcalling 237
- 6-44 Issue 7 June 2001 238
- 6-46 Issue 7 June 2001 240
- 6-48 Issue 7 June 2001 242
- MERLIN LEGEND 242
- 6-50 Issue 7 June 2001 244
- 6-52 Issue 7 June 2001 246
- 6-54 Issue 7 June 2001 248
- MAIL VS Systems 248
- 6-58 Issue 7 June 2001 252
- 6-62 Issue 7 June 2001 256
- Automated Attendant 257
- 7-2 Issue 7 June 2001 258
- 7-4 Issue 7 June 2001 260
- 7-6 Issue 7 June 2001 262
- 7-8 Issue 7 June 2001 264
- 7-10 Issue 7 June 2001 266
- 7-12 Issue 7 June 2001 268
- 7-14 Issue 7 June 2001 270
- Voice Power System 273
- MERLIN II Communications 275
- System R3 275
- PARTNER Attendant 277
- Other Products and Services 279
- 8-2 Issue 7 June 2001 280
- CMS Helplines 280
- CallMaster PC 281
- Multipoint Conferencing Unit 282
- Control System (CRCS) 282
- PassageWay 283
- Telephony Services for 283
- and Windows NT 283
- 8-6 Issue 7 June 2001 284
- 8-8 Issue 7 June 2001 286
- 8-10 Issue 7 June 2001 288
- Call Routing 289
- 9-2 Issue 7 June 2001 290
- Blocking Calls 291
- 10-2 Issue 7 June 2001 292
- 10-4 Issue 7 June 2001 294
- 10-6 Issue 7 June 2001 296
- 10-8 Issue 7 June 2001 298
- 10-10 Issue 7 June 2001 300
- System 75 300
- 10-12 Issue 7 June 2001 302
- 10-14 Issue 7 June 2001 304
- Country Code Length VNI 305
- 10-16 Issue 7 June 2001 306
- Blocking ARS Calls on G3 306
- 10-18 Issue 7 June 2001 308
- Remote Access Example 309
- (DEFINITY ECS, DEFINITY G1 309
- G3, and System 75) 309
- 11-2 Issue 7 June 2001 310
- 11-4 Issue 7 June 2001 312
- DEFINITY ECS 313
- Administering the SVN Feature 314
- Enable/Disable a Login ID 315
- 12-4 Issue 7 June 2001 316
- List the Status of a Login ID 316
- 12-6 Issue 7 June 2001 318
- Attempts 318
- 12-8 Issue 7 June 2001 320
- Component 320
- 12-10 Issue 7 June 2001 322
- 12-12 Issue 7 June 2001 324
- Forced Password Aging 325
- 12-14 Issue 7 June 2001 326
- Changing a Login’s Attributes 327
- 12-16 Issue 7 June 2001 328
- Display a Specified Login 329
- List Logins 329
- Remove a Login 329
- 12-18 Issue 7 June 2001 330
- Changing Your Password 331
- AUDIX Voice Power System 332
- CONVERSANT Voice Information 332
- They don’t match; try again 333
- New password: 333
- End users: 333
- DEFINITY AUDIX System 334
- DEFINITY ECS and DEFINITY G1 335
- DEFINITY G2 336
- Avaya INTUITY System 336
- MERLIN MAIL or MERLIN MAIL-ML 337
- Voice Messaging System 337
- MERLIN MAIL R3, MERLIN LEGEND 338
- Messaging System 338
- PARTNER MAIL System 339
- PARTNER MAIL VS System 339
- System 85 341
- 13-12 Issue 7 June 2001 342
- Toll Fraud Job Aids 343
- 14-2 Issue 7 June 2001 344
- System Security Action Plan 345
- “Phraud” 346
- Appropriately 347
- 14-6 Issue 7 June 2001 348
- Special Security Product and 349
- Service Offers 349
- 15-2 Issue 7 June 2001 350
- Key and Lock Features 350
- Avaya Support 351
- Securing DEFINITY Systems 352
- Security Gateway (ASG) 352
- 15-6 Issue 7 June 2001 354
- (Session Establishment) 354
- 15-8 Issue 7 June 2001 356
- Loss of an ASG Key 356
- Interactions of ASG 356
- Security Measurements 357
- 15-10 Issue 7 June 2001 358
- Logging In With ASG 358
- Maintaining Login IDs 358
- Adding an ASG Login 359
- 15-12 Issue 7 June 2001 360
- ASG Login 360
- Disabling ASG Authentication 361
- Setting Notification Limits 361
- 15-14 Issue 7 June 2001 362
- HackerTracker 363
- Security Tune-Up Service 363
- Toll Fraud Contact List 364
- Product Security Checklists 365
- General Security Procedures 366
- Customer Education 367
- AUDIX, DEFINITY AUDIX and 368
- AUDIX Voice Messaging 368
- System Administration 369
- System Features 369
- Product Monitoring 371
- End-User Education 371
- BasicWorks 372
- Remote Access 373
- PBX Features 373
- 16-10 Issue 7 June 2001 374
- Host PBX 377
- G3, and System 75 378
- 16-18 Issue 7 June 2001 382
- DEFINITY G2 and System 85 384
- DIMENSION PBX System 388
- Remote Access (DISA) 391
- MERLIN MAIL Voice Messaging 396
- End User Education 397
- 16-40 Issue 7 June 2001 404
- 16-42 Issue 7 June 2001 406
- 16-44 Issue 7 June 2001 408
- Multimedia Communications 409
- Exchange Server 409
- 16-48 Issue 7 June 2001 412
- ESM Security Checklist 412
- Networking Features 417
- 16-54 Issue 7 June 2001 418
- PARTNER, PARTNER II, and 420
- PARTNER Plus 420
- Communications Systems, and 420
- PARTNER Advanced 420
- Communications System (ACS) 420
- 16-58 Issue 7 June 2001 422
- Release 1 and later 423
- 16-60 Issue 7 June 2001 424
- PARTNER MAIL, PARTNER MAIL 425
- VS, and 425
- 16-62 Issue 7 June 2001 426
- PassageWay Telephony Services 430
- 16-68 Issue 7 June 2001 432
- Access Control 433
- 16-70 Issue 7 June 2001 434
- Systems Security Tools by 435
- 17-2 Issue 7 June 2001 436
- Issue 7 June 2001 17-3 437
- (Continued) 437
- Continued on next page 437
- 17-4 Issue 7 June 2001 438
- Issue 7 June 2001 17-5 439
- 17-6 Issue 7 June 2001 440
- Issue 7 June 2001 17-7 441
- 17-8 Issue 7 June 2001 442
- Issue 7 June 2001 17-9 443
- 17-10 Issue 7 June 2001 444
- Non-supported Products 445
- 18-2 Issue 7 June 2001 446
- Glossary 447
- GL-2 Issue 7 June 2001 448
- Issue 7 June 2001 GL-3 449
- GL-4 Issue 7 June 2001 450
- Issue 7 June 2001 GL-5 451
- GL-6 Issue 7 June 2001 452
- Issue 7 June 2001 GL-7 453
- GL-8 Issue 7 June 2001 454
- Issue 7 June 2001 GL-9 455
- GL-10 Issue 7 June 2001 456
- Issue 7 June 2001 GL-11 457
- GL-12 Issue 7 June 2001 458
- Numerics 459
- IN-2 Issue 7 June 2001 460
- IN-4 Issue 7 June 2001 462
- IN-6 Issue 7 June 2001 464
- IN-8 Issue 7 June 2001 466
- IN-10 Issue 7 June 2001 468
- IN-12 Issue 7 June 2001 470
Manuais e produtos relacionados com Redes AT&T DEFINITY Remote Port Security Device
Redes AT&T Definity Callmaster I Manual de Instruções
(186 páginas)
(186 páginas)
Redes AT&T Definity Callmaster II Manual do Utilizador
(150 páginas)
(150 páginas)
Redes AT&T Definity 6211 Manual de Instruções
(236 páginas)
(236 páginas)
Redes AT&T StarLAN 10 Manual de Instruções
(456 páginas)
(456 páginas)
Redes AT&T DEFINITY 7100 series Manual do Utilizador
(111 páginas)
(111 páginas)
Redes AT&T StarLAN 10 Manual de Instruções
(613 páginas)
(613 páginas)
Redes AT&T 6550G Manual do Utilizador
(39 páginas)
(39 páginas)
Redes AT&T Definity 6416D+M Manual do Utilizador
(14 páginas)
(14 páginas)
Redes AT&T Definity TN500 Manual de Instruções
(268 páginas)
(268 páginas)
Redes AT&T Definity 8434DX Guia do Utilizador
(21 páginas)
(21 páginas)
Redes AT&T DEFINITY 7200 series Guia do Utilizador
(348 páginas)
(348 páginas)
Redes AT&T 6424D+M Especificações
(242 páginas)
(242 páginas)
Redes AT&T SB67030 Guia do Utilizador
(258 páginas)
(258 páginas)
Redes AT&T Definity 6408D+ Manual de Instruções
(50 páginas)
(50 páginas)
Redes AT&T Definity 8410D Manual do Utilizador
(31 páginas)
(31 páginas)
Redes AT&T Definity 6221 Manual de Instruções
(158 páginas)
(158 páginas)
Redes AT&T PLUG&SHARE 6602G Manual do Utilizador
(8 páginas)
(8 páginas)
Redes AT&T 8102 Especificações
(4 páginas)
(4 páginas)
© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.052 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais