Home
>
Lucent Technologies
>
Communications System
>
Lucent Technologies BCS Products Security Handbook Instructions Manual
Lucent Technologies BCS Products Security Handbook Instructions Manual
Here you can view all the pages of manual Lucent Technologies BCS Products Security Handbook Instructions Manual. The Lucent Technologies manuals for Communications System are available online for free. You can easily download all the documents as PDF.
Page 41
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Security Risks Page 2-11 Security Goals Tables 2 Prevent unauthorized outgoing calls (continued)Restrict phones from making outbound callsAttendant- Controlled voice terminals (G2 and System 85 only)Place phones in attendant- controlled group Limit outgoing calls FRLs Restrict tie trunk usage Deny access to AAR/ARS/WCR Authorization codesSet to maximum length Set FRL on COR Limit calling permissionsCOS (G2 and System 85...
Page 42
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Security Risks Page 2-12 Security Goals Tables 2 1. Methods are listed in decreasing order of importance, relative to security. 2. Basic transfer with Transfer Restriction = Digits allows access to dial tone.Prevent exit from Voice Messaging SystemLimit calling permissionsCOR (G1, G3, and System 75 only)Set low FRL Set calling party restrictions or outward restrictions Set COR to COR restrictions COS (G2 and System 85 only)Set...
Page 43
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Security Risks Page 2-13 Security Goals Tables 2 Table 2-2. Security Goals: MERLIN II, MERLIN LEGEND, MERLIN Plus, and System 25 Communications Systems Security Goal Method Security Tool Steps Protect Remote Access featureLimit access Barrier codes Set max length Authorization codes (MERLIN LEGEND Communications System R3 only)Set max length Turn off Remote Access when not neededRemote Access administrationDeactivate feature...
Page 44
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Security Risks Page 2-14 Security Goals Tables 2 Protect Remote System ProgrammingRequire password to access system programmingSystem Programming password (MERLIN LEGEND Communications System and System 25 only)Set password Protect Remote Call ForwardingSet limit for how long a forwarded call can lastAutomatic Timeout (MERLIN Plus Communications System R2 only)Administer a time limit Turn off remote call forwarding...
Page 45
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Security Risks Page 2-15 Security Goals Tables 2 Prevent unauthorized use of facilitiesLimit access to ARS route patternsFRLs Set lowest possible value Restrict who can use outcallingCOS (MERLIN MAIL, MERLIN MAIL-ML, and MERLIN MAIL R3 Voice Messaging Systems only)Select a COS that does not permit outcalling Prevent theft of information via Voice Messaging SystemAssign secure passwordsPasswords Encourage users to...
Page 46
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Security Risks Page 2-16 Security Goals Tables 2 1. The risk of toll fraud applies only if the Remote Administration Unit (RAU) is installed with the PARTNER II or PARTNER Plus Communications System. Table 2-3. Security Goals: PARTNER II and PARTNER Plus Communications Systems Security Goal Method Security Tool Steps Protect Remote Access1Do not use unattended modeAttended mode (RAU)None (Attended mode is system default) Prevent...
Page 47
Large Business Communications Systems Page 3-1 3 BCS Products Security Handbook 555-025-600 Issue 6 December 1997 3 3Large Business Communications Systems This chapter provides information on protecting the following: nDEFINITY ECS Release 5 and later nDEFINITY Communications Systems nSystem 75 nSystem 85 The first section of this chapter, ‘‘ Keeping Unauthorized Third Parties from Entering the System’’ details the major ways third parties enter the system and tells how to keep them from doing...
Page 48
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Large Business Communications Systems Page 3-2 Keeping Unauthorized Third Parties from Entering the System 3 Keeping Unauthorized Third Parties from Entering the System How Third Parties Enter the System The major ways in which unauthorized third parties gain entry into the system are as follows: nRemote Access nRemote Maintenance Port nVectors nTransfers from adjunct systems, including voice mail systems, call prompters, and voice...
Page 49
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Large Business Communications Systems Page 3-3 Keeping Unauthorized Third Parties from Entering the System 3 nRequire maximum length barrier codes and authorization codes. For System 75 R1V1 and R1V2, require the entry of a barrier code. For System 85 and releases of DEFINITY G2.1 and G2.2 prior to 3.0, require either a barrier code or an authorization code. For DEFINITY G2 and System 85, require the entry of 11 digits (4-digit...
Page 50
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Large Business Communications Systems Page 3-4 Keeping Unauthorized Third Parties from Entering the System 3 *For ASAI, see the applicable product feature description. Barrier Codes Figure 3-1 illustrates how barrier codes and/or authorization codes can provide added security for Remote Access calls. Refer to this flowchart as necessary throughout the sections on Barrier Codes and Authorization Codes. Table 3-1. Security Tools for...