Better Music Builder VM-82U G3 Instruction Manual Page 355
- Page / 484
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
System security action plan
Issue 9 May 2003
15-3
System security action plan
Figure 15-1. System security action plan
Educate end users Establish port security procedures
Secure the administration system Perform security monitoring
The first step customers should take in
tightening the security of their systems
is to increase end-users’ awareness of
the system’s security features and
vulnerabilities.
Develop and implement a toll fraud detection
and reaction plan with all employees.
Train users on remote access responsibilities
and security procedures.
Establish and maintain security policies
regarding password/authorization code
protection.
Once you have established an effective
Control administrative access passwords,
and change them frequently.
Never store administrative port numbers or
passwords as part of a connection “script.”
Use Remote Port Security Device to “lock-up”
administrative ports.
Monitor call detail records and “800 service”
billing records for unusual activity.
Monitor “invalid login attempt” activity levels
on remote access and administration ports.
Establish thresholds and monitor port and
trunk activity levels.
port security plan, you need to protect it.
Management of the access into adminis-
trative and maintenance capabilities is an
important part of the total System Security
Plan.
System Security Monitoring plays a
critical role in a customer’s overall
security scheme. By monitoring
system security precautions already
taken, customers can react quickly
to any potential threat detected.
Use passwords, authorization codes, and
barrier codes. Set them to maximum length
Assign calling privilege restriction levels to
users on a need-to-call basis.
Block off-hours and weekend calling privileges,
or use alternate restriction levels when possible.
and change them frequently.
Customers must establish security
measures to manage and control
access to the ports into the communication
system. The security measures should
also control the calling privileges users
will have access to.
- Handbook 1
- Contents 10
- About this document 25
- 1-2 Issue 9 May 2003 26
- Reason for reissue 27
- Intended audience 27
- How this guide is organized 28
- 1-6 Issue 9 May 2003 30
- Avaya/customer security 31
- 1-8 Issue 9 May 2003 32
- Related resources 33
- 1-10 Issue 9 May 2003 34
- Avaya security offerings 34
- Related documentation 35
- Trademarks 36
- Sending us comments 36
- Introduction 37
- Who is the enemy? 38
- What is in a loss? 39
- Known toll fraud activity 40
- Voice mail 41
- 2-6 Issue 9 May 2003 42
- — Call diverters 43
- — Beeper and/or pager scam 43
- 2-8 Issue 9 May 2003 44
- IP security 45
- Mission-critical assets 46
- Control networks 46
- Firewalls and routing 46
- Customer-managed applications 46
- Administration and management 47
- Software patches and upgrades 47
- Additional information 48
- Security risks 49
- Remote access 50
- Other port security risks 51
- 4-6 Issue 9 May 2003 54
- General security measures 56
- Security goals tables 58
- 4-12 Issue 9 May 2003 60
- 4-14 Issue 9 May 2003 62
- 4-16 Issue 9 May 2003 64
- 4-18 Issue 9 May 2003 66
- 4-20 Issue 9 May 2003 68
- 5-2 Issue 9 May 2003 70
- 5-4 Issue 9 May 2003 72
- Barrier codes 73
- 5-6 Issue 9 May 2003 74
- 5-8 Issue 9 May 2003 76
- Authorization codes 76
- Trunk administration 77
- 5-12 Issue 9 May 2003 80
- Command: status remote-access 80
- Logoff screen notification 80
- 5-14 Issue 9 May 2003 82
- 5-16 Issue 9 May 2003 84
- 5-18 Issue 9 May 2003 86
- Facility restriction level 87
- Toll analysis (G3 only) 87
- 5-20 Issue 9 May 2003 88
- Free call list 88
- AAR/ARS analysis 88
- ARS dial tone 88
- Station restrictions 88
- 5-22 Issue 9 May 2003 90
- Central office restrictions 90
- 5-24 Issue 9 May 2003 92
- Forced entry of account code 92
- DEFINITY G2.2 and G3) 92
- Digit conversion 93
- Station security codes 93
- Personal station access 93
- 5-26 Issue 9 May 2003 94
- 5-30 Issue 9 May 2003 98
- Fully restrict service 99
- 5-32 Issue 9 May 2003 100
- 5-34 Issue 9 May 2003 102
- Block international calling 102
- Limit international calling 103
- 5-36 Issue 9 May 2003 104
- 5-38 Issue 9 May 2003 106
- Disable facility test calls 108
- 5-40 Issue 9 May 2003 108
- CAUTION: 109
- 5-42 Issue 9 May 2003 110
- Limit access to tie trunks 113
- Require account codes 115
- 5-48 Issue 9 May 2003 116
- Remove data origination code 116
- Detecting toll fraud 118
- Administration security 119
- Logins for INADS port 119
- 5-52 Issue 9 May 2003 120
- 5-54 Issue 9 May 2003 122
- Monitor I 123
- 5-56 Issue 9 May 2003 124
- ARS measurement selection 124
- Automatic circuit assurance 124
- 5-58 Issue 9 May 2003 126
- DEFINITY G1 and G3) 126
- CMS measurements 126
- 5-60 Issue 9 May 2003 128
- 5-62 Issue 9 May 2003 130
- 5-64 Issue 9 May 2003 132
- 5-66 Issue 9 May 2003 134
- (DEFINITY G3V3 and Later) 135
- 5-68 Issue 9 May 2003 136
- ECS, and DEFINITY G1 and G3) 136
- Malicious call trace 136
- Service observing 137
- 5-70 Issue 9 May 2003 138
- Busy verification 138
- List call-forwarding command 138
- 6-2 Issue 9 May 2003 140
- 6-4 Issue 9 May 2003 142
- Security tips 143
- 6-6 Issue 9 May 2003 144
- MERLIN LEGEND Communications 145
- 6-8 Issue 9 May 2003 146
- Preventive measures 146
- Protection via star codes and 147
- 6-10 Issue 9 May 2003 148
- Default disallowed list 148
- Security defaults and tips 149
- 6-12 Issue 9 May 2003 150
- 6-14 Issue 9 May 2003 152
- Why toll fraud happens 153
- Tool fraud warning signs 153
- 6-16 Issue 9 May 2003 154
- Tips to prevent toll fraud 154
- Responsibility 155
- 6-18 Issue 9 May 2003 156
- Toll fraud prevention 157
- 6-20 Issue 9 May 2003 158
- ****SECURITY ALERT**** 159
- WARNING: 159
- 6-22 Issue 9 May 2003 160
- 6-24 Issue 9 May 2003 162
- Access feature 162
- Other security hints 162
- Educating users 163
- Educating operators 163
- 6-26 Issue 9 May 2003 164
- Establishing a policy 164
- Choosing passwords 165
- Physical security 165
- 6-34 Issue 9 May 2003 172
- **** SECURITY ALERT **** 173
- 6-40 Issue 9 May 2003 178
- Trunk-to-trunk transfer 178
- General information 178
- 6-42 Issue 9 May 2003 180
- Caribbean Islands 180
- Questions to ask the customer 180
- 4. Published 8/30/00 181
- 6-44 Issue 9 May 2003 182
- 5. Published 8/30/00 183
- 6. Published 8/30/00 183
- 6-46 Issue 9 May 2003 184
- 6-48 Issue 9 May 2003 186
- Issue 9 May 2003 189
- 6-52 Issue 9 May 2003 190
- 6-54 Issue 9 May 2003 192
- 6-56 Issue 9 May 2003 194
- Dear _____ 196
- MERLIN Plus Communications 197
- 6-60 Issue 9 May 2003 198
- PARTNER Plus Communications 199
- System 25 200
- 6-64 Issue 9 May 2003 202
- Voice messaging systems 203
- 7-2 Issue 9 May 2003 204
- Communication Manager 206
- MultiVantage Software 206
- DEFINITY ECS, DEFINITY 206
- System 75,and System 85 206
- 7-6 Issue 9 May 2003 208
- Facility restriction levels 208
- Station-to-trunk restrictions 208
- Class of restriction 209
- Class of service 209
- Toll analysis 209
- 7-8 Issue 9 May 2003 210
- Security measures in the PBX 210
- 7-10 Issue 9 May 2003 212
- 7-12 Issue 9 May 2003 214
- Detecting voice mail fraud 214
- 7-14 Issue 9 May 2003 216
- Call Traffic report 216
- Trunk Group report 216
- 7-16 Issue 9 May 2003 218
- Unauthorized system use 218
- Administration passwords 219
- 7-18 Issue 9 May 2003 220
- Trusted server security 220
- System only) 221
- 7-20 Issue 9 May 2003 222
- Value Outgoing Call Type 223
- 7-22 Issue 9 May 2003 224
- Protecting passwords 224
- Security features 225
- Basic call transfer 225
- 7-24 Issue 9 May 2003 226
- Enhanced call transfer 226
- Transfer out of the system 227
- Outcalling 227
- NTUITY System, use the 229
- NTUITY System, no 229
- 7-28 Issue 9 May 2003 230
- Limit outcalling 231
- Protect AMIS networking 231
- 7-30 Issue 9 May 2003 232
- Traffic reports 232
- 7-32 Issue 9 May 2003 234
- Security measures 234
- 7-34 Issue 9 May 2003 236
- 7-36 Issue 9 May 2003 238
- 7-42 Issue 9 May 2003 244
- Closely monitor all mailboxes 245
- 7-44 Issue 9 May 2003 246
- Restrict outcalling 246
- 7-46 Issue 9 May 2003 248
- 7-48 Issue 9 May 2003 250
- MERLIN LEGEND 251
- Messaging 2000 System 252
- Messages 253
- 7-52 Issue 9 May 2003 254
- 7-54 Issue 9 May 2003 256
- MAIL VS systems 257
- 7-56 Issue 9 May 2003 258
- 7-58 Issue 9 May 2003 260
- 7-62 Issue 9 May 2003 264
- Automated attendant 265
- 8-2 Issue 9 May 2003 266
- 8-4 Issue 9 May 2003 268
- 8-6 Issue 9 May 2003 270
- 8-8 Issue 9 May 2003 272
- 8-10 Issue 9 May 2003 274
- 8-12 Issue 9 May 2003 276
- Call detail recording 277
- 8-14 Issue 9 May 2003 278
- Voice session record 278
- ■ Failed login attempts 279
- ■ Calls to strange places 279
- Voice Power System 281
- MERLIN II Communications 283
- System R3 283
- PARTNER Attendant 285
- Other products and services 287
- 9-2 Issue 9 May 2003 288
- CMS helplines 288
- CallMaster PC 289
- Multipoint Conferencing Unit 290
- Control System (CRCS) 290
- PassageWay 291
- Telephony Services for 291
- NetWare and Windows NT 291
- 9-6 Issue 9 May 2003 292
- 9-8 Issue 9 May 2003 294
- 9-10 Issue 9 May 2003 296
- Call routing 297
- 10-2 Issue 9 May 2003 298
- Blocking calls 299
- 11-2 Issue 9 May 2003 300
- 11-4 Issue 9 May 2003 302
- 11-6 Issue 9 May 2003 304
- 11-8 Issue 9 May 2003 306
- 11-10 Issue 9 May 2003 308
- System 75 309
- 11-12 Issue 9 May 2003 310
- 11-14 Issue 9 May 2003 312
- 11-16 Issue 9 May 2003 314
- Blocking ARS calls on G3 315
- 11-18 Issue 9 May 2003 316
- 0 and the country code to 317
- 11-20 Issue 9 May 2003 318
- Remote access example 319
- (Communication Manager 319
- DEFINITY ECS, DEFINITY G1 319
- G3, and System 75) 319
- 12-2 Issue 9 May 2003 320
- 12-4 Issue 9 May 2003 322
- Administering features of the 323
- DEFINITY G3V3 and later 323
- Administering the SVN feature 324
- Enable/disable a login ID 325
- 13-4 Issue 9 May 2003 326
- List the status of a login ID 326
- ■ Login Threshold 327
- ■ Time Interval 327
- ■ Announcement Extension 327
- 13-6 Issue 9 May 2003 328
- N Attempts feature 328
- 13-8 Issue 9 May 2003 330
- 13-10 Issue 9 May 2003 332
- ■ Remote Access Extension 333
- ■ Barrier Code Length 333
- ■ Remote Access Dial Tone 333
- 13-12 Issue 9 May 2003 334
- 13-14 Issue 9 May 2003 336
- Changing a login’s attributes 337
- 13-16 Issue 9 May 2003 338
- Display a specified login 339
- List logins 339
- 13-18 Issue 9 May 2003 340
- Remove a login 340
- Changing your password 341
- AUDIX Voice Power System 342
- CONVERSANT Voice Information 342
- They don’t match; try again 343
- New password: 343
- Enter to continue 343
- DEFINITY AUDIX System 344
- ECS and DEFINITY G1 and G3 345
- DEFINITY G2 346
- Avaya INTUITY System 346
- MERLIN MAIL or MERLIN MAIL-ML 347
- Voice Messaging System 347
- MERLIN MAIL R3, MERLIN LEGEND 348
- Messaging System 348
- PARTNER MAIL System 349
- PARTNER MAIL VS System 349
- System 85 351
- 14-12 Issue 9 May 2003 352
- Toll fraud job aids 353
- 15-2 Issue 9 May 2003 354
- System security action plan 355
- 15-4 Issue 9 May 2003 356
- 15-6 Issue 9 May 2003 358
- Special security product and 359
- 16-2 Issue 9 May 2003 360
- Key and lock features 360
- Securing DEFINITY systems 362
- Security Gateway 362
- 16-6 Issue 9 May 2003 364
- (session establishment) 364
- 16-8 Issue 9 May 2003 366
- Loss of an ASG key 366
- Interactions of ASG 366
- ■ Security measurements 367
- 16-10 Issue 9 May 2003 368
- Logging in with ASG 368
- Maintaining login IDs 368
- Adding an ASG login 369
- 16-12 Issue 9 May 2003 370
- ASG login 370
- Disabling ASG authentication 371
- Setting notification limits 371
- 16-14 Issue 9 May 2003 372
- Avaya support 373
- HackerTracker 373
- Security Tune-Up Service 373
- Toll fraud contact list 374
- Product security checklists 375
- General security procedures 376
- Customer Education 377
- AUDIX, DEFINITY AUDIX and 378
- AUDIX voice messaging 378
- System Administration 379
- System Features 379
- Product Monitoring 381
- End-User Education 381
- BasicWorks 382
- Remote Access 383
- PBX Features 383
- Trunking 383
- 17-10 Issue 9 May 2003 384
- Host PBX 387
- G3, and System 75 388
- 17-16 Issue 9 May 2003 390
- COS Trunk-to-Trunk 391
- Restriction Override 391
- 17-18 Issue 9 May 2003 392
- Restrict call forwarding 393
- DEFINITY G2 and System 85 394
- 17-22 Issue 9 May 2003 396
- DIMENSION PBX System 398
- 17-26 Issue 9 May 2003 400
- Remote Access (DISA) 401
- Voice Mail 401
- 17-28 Issue 9 May 2003 402
- 17-30 Issue 9 May 2003 404
- MERLIN MAIL Voice Messaging 406
- Automated Attendant 407
- End User Education 407
- 17-34 Issue 9 May 2003 408
- 17-36 Issue 9 May 2003 410
- 17-38 Issue 9 May 2003 412
- 17-40 Issue 9 May 2003 414
- Enable Password Security 415
- Login Attempts 415
- Login Notification 415
- 17-42 Issue 9 May 2003 416
- 17-44 Issue 9 May 2003 418
- Multimedia Communications 419
- Exchange Server 419
- /Conference Reservation and 420
- Control System 420
- 17-48 Issue 9 May 2003 422
- ESM security checklist 422
- Host MSM 423
- 17-50 Issue 9 May 2003 424
- CRCS Security Checklist 424
- MSM security checklist 425
- 17-52 Issue 9 May 2003 426
- Networking Features 427
- 17-54 Issue 9 May 2003 428
- Miscellaneous 429
- PARTNER, PARTNER II, and 430
- PARTNER Plus 430
- PARTNER Advanced 430
- Communications System (ACS) 430
- 17-58 Issue 9 May 2003 432
- 17-60 Issue 9 May 2003 434
- PARTNER MAIL, PARTNER MAIL 435
- VS, and 435
- 17-62 Issue 9 May 2003 436
- 17-64 Issue 9 May 2003 438
- PassageWay Telephony Services 440
- Guidelines followed for 441
- (See PassageWay customer 441
- 17-68 Issue 9 May 2003 442
- Access Control 443
- For Windows NT only: 443
- 17-70 Issue 9 May 2003 444
- Large business communications 445
- 18-2 Issue 9 May 2003 446
- Issue 9 May 2003 18-3 447
- — Continued 447
- Continued on next page 447
- 18-4 Issue 9 May 2003 448
- Issue 9 May 2003 18-5 449
- 18-6 Issue 9 May 2003 450
- Issue 9 May 2003 18-7 451
- 18-8 Issue 9 May 2003 452
- Issue 9 May 2003 18-9 453
- 18-10 Issue 9 May 2003 454
- Non-supported products 455
- As of September 30, 2000 456
- As of December 31, 1999 456
- Links to additional security 457
- Web sites 458
- Glossary 459
- Issue 9 May 2003 (draft) 460
- Numerics 471
- IN-2 Issue 9 May 2003 (draft) 472
- IN-4 Issue 9 May 2003 (draft) 474
- IN-6 Issue 9 May 2003 (draft) 476
- IN-8 Issue 9 May 2003 (draft) 478
Related products and manuals for Microphones Better Music Builder VM-82U G3
(20 pages)© 2020, manymanuals.com. All rights reserved. | 5.632 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals