Home > Lucent Technologies > Communications System > Lucent Technologies BCS Products Security Handbook Instructions Manual

Lucent Technologies BCS Products Security Handbook Instructions Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Lucent Technologies BCS Products Security Handbook Instructions Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							Other Products and Services 
    Page 7-1 Call Management System (R3V4) 
    7
    BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    7
    7Other Products and Services
    This chapter contains security information for Lucent Technologies products other 
    than PBXs and adjuncts that have become available since Issue 2 of this 
    handbook. For information on the Lucent Technologies I
    NTUITY System and the 
    PARTNER MAIL VS System, which have also become available since the last 
    issue of the handbook, see Chapter 5.
    Call Management System (R3V4)
    Call Management System (R3V4) is an MIS system for Call Centers that provides 
    real time and historical data about the status and performance of a customer’s call 
    including information about agents, trunks, trunk groups, splits/skills, busy hours, 
    forecasts, and so on. The application currently resides on personal computer 
    platforms as an adjunct to the Lucent Technologies DEFINITY ECS and 
    DEFINITY Communications Systems.
    Security could be breached if a customer adds modems to the platform for 
    supervisor access from remote locations. If access to UNIX is allowed, and the 
    modems and station lines from the PBX are not secured, it would be possible to 
    make data calls to other computers via the platform. If the customer has modem 
    access to CMS, then the possibility for toll fraud exists if a hacker can get into the 
    switch from CMS.
    Security Tips
    The following considerations are for the CMS administrator. 
    nWhen setting up the ports, modems should be defined in UNIX (using the 
    FACE administration tool) for INBOUND access only. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Other Products and Services 
    Page 7-2 Call Management System (R3V4) 
    7
    nIf station lines are used for the modems, the COS or COR should be set to 
    disallow outbound dialing capabilities.
    nSwitchhook flash and distinctive audible alert should be set to no on the 
    station forms.
    nRemote users should not have access to UNIX via the CMS application. 
    Restrict access by means of the User Permissions feature of CMS.
    For additional information on administering CMS, refer to the following 
    documents:
    nCall Management System R3V4 Administration, 585-215-800
    nCall Management System R3V2 Installation and Maintenance, 
    585-215-122 
    nCentreVu™ Call Management System Release 3 Version 4 Sun® 
    SPARCserver™ Computers Installation and Maintenance
    , Issue 1, 
    585-215-807 
    nCMS R3.0 Installation and Maintenance WGS, 585-215-112
    For switch restrictions, consult the applicable chapter in this guide as well as the 
    applicable switch administration manual for the pertinent PBX.
    CMS Helplines
    If an installation problem that requires assistance arises, Lucent Technologies 
    technicians or the customer may call the appropriate number:
    nCustomer Number: 1 800 344-9670
    The problem will be reported, and a trouble ticket will be generated so that 
    the problem can be escalated through the services organization. The 
    customer will be prompted to identify the type of problem (for example, 
    ACD, hardware, CMS R3V4, etc.). The customer will then be connected to 
    the appropriate service organization.
    nTechnician Number: 1 800 248-1234
    The technician should provide the TSC personnel with the customer’s 
    name, the password for the root login ID on the Sun SPARCserver 
    computer, the phone number of the dial-in port, and a description of the 
    problem. If the TSC engineers cannot resolve the problem, they will 
    escalate it to the customer support organization for Lucent Technologies.
    For international support, contact your Lucent Technologies representative or 
    distributor for more information. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Other Products and Services 
    Page 7-3 CallMaster PC 
    7
    CallMaster PC
    CallMaster PC, a software application used with the DEFINITY ECS, gives Call 
    Center agents and supervisors the ability to access and control their CallMaster or 
    CallMaster II telephone sets through a Microsoft Windows™-compatible PC. If 
    Call Center employees use Remote Access software such as Norton 
    pcANYWHERE
    ® software or Microcom’s Carbon Copy Plus™ for Windows, or 
    similar software that allows applications to run on their PC from a remote location, 
    their system might be susceptible to toll fraud, as follows:
    An agent dials in from home, provides a password (if required), and may then use 
    any software, including CallMaster PC, on the remote computer. If a hacker can 
    crack the password for the remote software, he or she can access the remote 
    computer, run the victim’s CallMaster PC on it, and set up a conference call 
    between the hacker’s phone and another phone, at the company’s expense.
    Security Tips
    Warn customers with Remote Access software that they must administer the 
    software’s password protection to prevent unauthorized access to the computer, 
    and they should change the password frequently.
    For additional information, refer to the 
    CALLMASTER PC User’s Guide (shipped 
    with the unit; not available from the BCS Publication Center), and the 
    documentation for any Remote Access software you use. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Other Products and Services 
    Page 7-4 Multipoint Conferencing Unit (MCU)/Conference Reservation and Control System 
    7
    Multipoint Conferencing Unit
    (MCU)/Conference Reservation and
    Control System (CRCS)
    The MCU has a DEFINITY ECS-based architecture. The primary component of 
    the MCU is the Multimedia Server Module (MSM), which is similar to the most 
    basic version of the DEFINITY ECS Processor Port Network (PPN). MSM security 
    concerns are similar to those for the DEFINITY ECS (including, for example, 
    trunking, COR, and COS). Therefore, refer to the appropriate sections in this 
    document regarding the DEFINITY ECS for more information on MSM security.
    The MCU system includes two possible adjuncts: the Expansion Services Module 
    (ESM) and the Conference Reservation and Control System (CRCS). 
    The ESM is a data conferencing module that communicates with the MSM. The 
    ESM does not provide network access and is therefore not a source of toll fraud; 
    however, the ESM requires proper password management on the part of system 
    administrators and users to preserve the functionality of the ESM.
    CRCS is the automated conference reservation and control system for the MCU 
    product. CRCS is in part an extension of the DEFINITY SAT; therefore, once 
    CRCS is installed, CRCS server and client logins should be set with passwords 
    immediately. Also, ensure that CRCS is installed in a secure area or room that can 
    be locked.
    PassageWay®Telephony Services for
    NetWare® and Windows NT®
    NOTE:
    The following information applies to PassageWay Telephony Services 
    connected to either the DEFINITY ECS or MERLIN LEGEND driver.
    The PassageWay Telephony Services product provides computer/telephony 
    integration for applications running in a Novell NetWare or a Microsoft Windows 
    NT Local Area Network (LAN) environment. These applications may be able to 
    control phones on a PBX, monitor phones, monitor calls passing through ACD 
    splits and VDNs, and invoke PBX features on behalf of station set users. Different 
    switches provide different capabilities to applications. 
    The major components of the PassageWay Telephony Services product are as 
    follows:
    nPBX driver: Interfaces the other product components in this list to a specific 
    vendors PBX  
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Other Products and Services 
    Page 7-5 PassageWay®Telephony Services for NetWare® and Windows NT® 
    7
    nTelephony Server Main Module (TSERVER NLM: for NetWare or 
    TSERV.EXE: for Windows NT): Enforces license restrictions, provides a 
    security database to manage user permissions, and provides connectivity 
    between client applications and PBX drivers 
    nAdministration Application: Administers the Security Database, a Windows 
    PC application that runs on a LAN client PC.
    nTelephony Services API (TSAPI): Provides a programming interface for 
    applications. Client libraries make the programming interface available in 
    application environments, which may include Windows 3.1 and 3.11, 
    Windows for Workgroups, Win 95, Windows NT, OS/2
    ®, HP-UX, 
    Macintosh, Unixware, and Netware. 
    The PassageWay Telephony Services product may be vulnerable to toll fraud if 
    the Telephony Server is not configured and administered properly. For example, 
    even if the switch provides restrictions, the PassageWay Telephony Server 
    administration may allow an end user to monitor and control phones other than 
    their own.
    Security Tips
    The following tips are for the PassageWay Telephony Server administrator. 
    nWhen the product is installed, do the following:
    For Netware only: 
    nUse the NetWare Administrator feature (NetWare 4.10 and 4.11) or 
    SYSCON utility (NetWare 3.12) to set the appropriate login and 
    password restrictions (for example, require users to have passwords 
    with a minimum length of 7 characters, enable password aging, and 
    so forth).
    nUse the NetWare Administrator feature (NetWare 4.10 and 4.11) or 
    SYSCON utility (NetWare 3.12) to enable the Intruder Detection 
    feature and to lock accounts after several invalid login attempts 
    have been made.
    nEnable the “Restrict users to Home Worktop” feature.
    For Windows NT only: 
    nDisable the “Extended Worktop Access” feature.
    nTake full advantage of Windows NT user manager administration, 
    including password options.
    nTake full advantage of Windows NT event log (for example, for 
    monitoring failed login attempts).
    nEducate administrative personnel about the capabilities of the 
    PassageWay Telephony Server. Administrators must understand that the 
    programming interface provides “third party control” capabilities. These 
    capabilities allow an end user application to monitor and control phones  
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Other Products and Services 
    Page 7-6 PassageWay®Telephony Services for NetWare® and Windows NT® 
    7
    other than the users to the extent that the PassageWay Telephony 
    Servers Security database will permit. Therefore, administrators must be 
    familiar with the procedures in the 
    PassageWay® Telephony Services: 
    NetWare Managers Guide
     and in the PassageWay® Telephony Services 
    for Windows NT® Network Manager’s Guide that regulate what features a 
    user may request and the phones and other devices for which a user may 
    request a feature.
    nThere is little need for a “Device Group” that contains all devices, except 
    perhaps for tracking, billing, or a similar application. The presence of such 
    groups may be an indicator of unauthorized control, monitoring, or other 
    security problem. Limit the use of these groups to those who need them.
    nSimilarly, minimize the use of the “exception list” feature in defining Device 
    Groups. An exception list gives permission to operate on all devices except 
    those explicitly named; therefore, an exception list is often a large Device 
    Group and has the same vulnerabilities as a Device Group containing all 
    devices.
    nPassageWay Telephony Server administrators should be aware of switch 
    Class of Service (COS) and Class of Restriction (COR) assignments and 
    should not define Device Groups that allow applications to use Third party 
    call control to originate from an unrestricted phone and then transfer the 
    call to a restricted phone. Such programs might also act as agents for 
    setting up trunk to trunk calls (where permitted by the PBX) from phones 
    other than the requesting user’s phone. 
    nSince a user with PassageWay Telephony Server administration privileges 
    can open an administrative door to toll fraud just as a DEFINITY ECS or 
    MERLIN LEGEND administrator can, protect administrative privileges for 
    the PassageWay Telephony Server as closely as switch administrative 
    restrictions.
    nPassageWay Telephony Server Administration permissions should be 
    given only to a small number of trusted users since a user with 
    administration privileges may grant other users full administration 
    privileges. Only give users the privileges they need.
    nAny PBX used in a development environment should not be connected to 
    the public network (or networked with general use PBXs) since 
    development environments may be informal, minimally protected 
    environments.
    nExercise caution when using pcANYWHERE. PassageWay Telephony 
    Services technical staff use this tool to diagnose and maintain their 
    products on the customer premises. Simply having pcANYWHERE 
    installed on a PC does not pose a security risk; it must be up and running 
    and administered to receive calls. In addition, pcANYWHERE offers a 
    number of security features. General tips for protecting the PassageWay 
    product at the customer site when pcANYWHERE is used include the 
    following:
    — Only run pcANYWHERE as necessary 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Other Products and Services 
    Page 7-7 PassageWay®Telephony Services for NetWare® and Windows NT® 
    7
    — Do not publish the phone number for the modem.
    — Use the return call option with Lucent phone number. (Do not set up 
    pcANYWHERE without the callback option.)
    — For added security, unplug the phone jack from the modem when 
    pcANYWHERE is not in use.
    — Change your password after services leaves and after remote 
    access.
    — Configure the following security options:
    nRequire login names for callers
    nMake passwords case sensitive
    nLog all failed connection attempts
    nSet a maximum number of login attempts per call
    nAllow time to enter the complete login
    nDisconnect if inactive
    — Configure pcANYWHERE to log remote control and on-line 
    sessions. (Set the “Save Session Statistics in Activity Log File” 
    checkbox in the “Other Session Parameters” group box.)
    nPassageWay Telephony Services communicates with the DEFINITY 
    Enterprise Communications Server (ECS) through the DEFINITY ECS LAN 
    Gateway. Security Features are not provided in this system component. 
    For example, there is no encryption or password to prevent unauthorized 
    use of the Ethernet link into the PBX. The following are recommendations:
    — Customers are warned that the DEFINITY ECS LAN Gateway link is 
    not intended for wide area networking. It is recommended that 
    customers not configure a LAN in such a way as to use the 
    DEFINITY ECS LAN Gateway link for local or wide area data 
    networking. 
    — Customers should provide a separate, secure link between their 
    PBXs and PassageWay Telephony Server(s). This presupposes a 
    separate network adapter and hub used only for the DEFINITY ECS 
    LAN Gateway interface.
    In the Tserver, there should be no routing between the Network 
    Interface Card (NIC) used for the DEFINITY LAN Gateway and the 
    NIC used for client access. (This does not mean to imply, however, 
    that all Telephony Server clients have to be on the same LAN.)
    For NetWare, if TCP/IP support is provided on a separate LAN, keep 
    this support isolated from the DEFINITY ECS LAN Gateway. For 
    Windows NT, configure the NT machine for a secure DEFINITY ECS 
    LAN Gateway connection. Refer to Chapter 2 in the 
    PassageWay® 
    Telephony Services for Windows NT® DEFINITY Enterprise 
    Communications Server Network Managers Guide
    . 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Other Products and Services 
    Page 7-8 TransTalk 9000 Digital Wireless System 
    7
    nThe PassageWay Telephony Server is only as secure as the underlying 
    system, either NetWare or Windows NT. Observe the security requirements 
    of your operating system.
    In addition, for Windows NT, it is recommended that the following be used: 
    nMultiple level administration permissions to control which administrators 
    are allowed to pass on administration permission. See Chapter 3 in the 
    PassageWay Telephony Services for Windows NT Network Managers 
    Guide
    . 
    nSecure version of Windows NT with NTFS (NT File System). For additional 
    security information on Windows NT, consult a reference book such as 
    Inside Windows NT by Helen Custer or Windows NT Resource Guide by 
    Microsoft Press.
    TransTalk 9000 Digital Wireless 
    System
    The TransTalk 9000 Digital Wireless System is a flexible wireless adjunct for use 
    with the DEFINITY ECS, DEFINITY Communications Systems, MERLIN 
    LEGEND, PARTNER II, PARTNER Plus, System 25, System 75, and System 85 
    Communications Systems, as well as the MERLIN MAIL Voice Messaging 
    System. It provides employees up to 500 feet of mobility from the radio base 
    station, allowing them to make and answer calls when they are away from their 
    desk.
    From a security standpoint, the handset for the TransTalk 9000 Digital Wireless 
    System, the MDW 9000, has the same vulnerabilities as any desk set. If calling 
    restrictions are required for the user or location where the handset is placed, the 
    handset must be restricted at the switch.
    In addition, since the MDW 9000 allows freedom of movement, the potential for 
    employee abuse may be increased with this product. For example, employees 
    could move to secluded areas, where they would not be seen or overheard, and 
    make personal calls. For this reason, if restrictions are required, you should 
    restrict the station ports in the same way as you would a desk set.
    Security Tips
    nEducate customers about the possibility of employee abuse. Make sure 
    they understand the potential risks.
    nIf your business needs warrant a number of MDW 9000 sets, make sure 
    you understand each employee’s calling needs. For instance, if your 
    business does not require that employees make outgoing business calls, 
    restrict the MDW handset(s) to internal or local calls.
    Refer to the applicable section of this guide for information on switch restrictions 
    to utilize with the TransTalk 9000 Digital Wireless System. 
    						
    							Call Routing 
    Page A-1 Call Routing 
    A
    BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    A
    ACall Routing
    Call Routing
    The following is the basic call flow through the DEFINITY ECS, DEFINITY G1 and 
    G3, or System 75:
    Endpoint signals switch to start call.
    If originating endpoint is a station, the request for service is an off-hook.
    If originating endpoint is a trunk, the request for service is seizure signal 
    (wink start, off-hook, ground start).
    The switch signals endpoint to start dialing.
    If the endpoint is a station, dial tone is played for the caller.
    If the endpoint is a trunk, a start dial signal (wink dial tone, etc.) is sent to the 
    originating end.
    The digit string is dialed.
    The first digit dialed is compared to dial plan record.
    The type of call is identified depending on the dialed digit.
    The calls can be to an extension number, trunk access code, attendant, or feature 
    access code.
    The number of digits needed is known after the first digit is dialed. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Call Routing 
    Page A-2 Call Routing 
    A
    Example: User dials  . Call is routed to an attendant because zero is defined as 
    an attendant call requiring one digit.
    Example: User dials  . Digit two is defined as a 4-digit extension code on the dial 
    plan form. Three more digits are required to place the call. The three additional 
    digits are dialed. The four digits dialed determine the destination called.
    The system checks the calling permissions of the originator’s COR to see if the 
    COR of the originator is allowed to call the COR of the destination dialed. If the 
    COR of the originator is set to y for the COR of the destination, the call will 
    complete. If the COR of the originator is set to n for the COR of the destination, 
    the intercept tone is returned to the caller.
    Example: User dials  . Digit nine is defined as feature access code for ARS. 
    More digits will follow. As the digits are dialed they are checked against the ARS 
    analysis table until a unique match is found. When the singular match is found, a 
    check is made to see if a route pattern is identified. If a route pattern is not 
    identified, the call is routed to intercept. If a route pattern is identified, the call is 
    routed to that pattern.
    When the call reaches the route, the trunk group identified as the first choice is 
    checked for an available member. If a member is not available, the next choice in 
    the pattern is checked for an available member.
    When an available member is found, the FRL of the originating endpoint is 
    checked against the FRL of the choice selected. If the FRL of the endpoint is 
    greater than or equal to the FRL on the choice, the call completes. If the FRL is 
    less than all the choices in the route pattern, intercept is returned to the caller.
    0
    2
    9 
    						
    All Lucent Technologies manuals Comments (0)

    Related Manuals for Lucent Technologies BCS Products Security Handbook Instructions Manual