Home > Lucent Technologies > Communications System > Lucent Technologies BCS Products Security Handbook Instructions Manual

Lucent Technologies BCS Products Security Handbook Instructions Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Lucent Technologies BCS Products Security Handbook Instructions Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Remote Access Example (DEFINITY ECS, DEFINITY G1, G3, and System 75) 
    Page C-3 Permanently Disabling Remote Access 
    C
    18. Leave the Route Pattern blank for all dialed strings that you want to 
    disallow the calls, such as international and operator calls. Any ARS/AAR 
    calls starting with that dialed string will be blocked.
    19. For all the Route Patterns assigned to ARS/AAR Partition 8, use change 
    route-pattern to administer an appropriate FRL (1 through 7) in the FRL 
    field. Since the FRL on the COR reserved for Remote Access is 0, the 
    Remote Access caller will always be prompted for an authorization code for 
    outside calls.
    20. Assign authorization codes for your Remote Access users that provide the 
    lowest possible FRL to match each user’s calling requirements.
    See Chapter 3 for additional security measures.
    Permanently Disabling Remote Access
    For DEFINITY ECS, DEFINITY G3, System 85 R2V4n 3.0 and later, and the “n” 
    versions of G1 and System 75V3, as an additional step to ensure system security, 
    the Remote Access feature can be permanently removed. Permanent removal 
    protects against unauthorized remote access usage even if criminals break into 
    the maintenance port. See your Account Representative for information on the “n” 
    upgrade.
    To permanently disable the Remote Access feature in System 85R2V4n 3.0 and 
    later, or G2.2 3.0 and later:
    nUse PROC275 WORD4 FIELD2, and change the value to 1.
    To permanently disable the Remote Access feature in System 75V3, G3, and the 
    “n” versions of G1:
    nEnter change remote-access to display the Remote Access screen.
    nMake sure the Remote Access Extension field is blank.
    nEnter y in the Permanently Disable field.
    nEnter save translation. You MUST enter this command or the change will 
    be lost if the switch is rebooted
    .
    nEnter display remote access to verify the changes. If you get an error 
    message or you cannot display the screen, then you know it worked.
    The Remote Access feature is disabled after you log off from the switch.
    For System 85 R2V4n 3.0 and G2.23.0 and later, Remote Access can be 
    permanently disabled. To permanently disable the Remote Access feature:
    nUse PROC275 WORD4 FIELD2, and change the value to 1. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Remote Access Example (DEFINITY ECS, DEFINITY G1, G3, and System 75) 
    Page C-4 Permanently Disabling Remote Access 
    C
    NOTE:
    Once Remote Access has been permanently disabled, only the Lucent 
    Technologies Technical Service Center can reenable it. Charges may apply 
    for this service. 
    						
    							Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-1 Administering the SVN Feature 
    D
    BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    D
    DAdministering Features of the
    DEFINITY G3V3 and Later,
    Including DEFINITY ECS
    This appendix provides information on administering these features in the 
    following DEFINITY ECS and DEFINITY G3.
    DEFINITY G3V3 and later, which includes DEFINITY ECS:
    nEnhanced Security Violation Notification (SVN)
    nBarrier code aging
    nCustomer logins and forced password aging
    DEFINITY G3V4 and later, which also includes DEFINITY ECS:
    nLogoff notification
    nCustomer login accessible through INADS remote administration port
    nFacility test call notification
    nRemote Access notification
    Administering the SVN Feature
    This section contains the following subsections:
    1. Administering the login component
    2. Administering the Remote Access component
    3. Administering the authorization code component
    4. Administering the Station Security Code component 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-2 Administering the SVN Feature 
    D
    Administering the Login Component
    To administer system parameters for the login component of the SVN feature, do 
    the following:
    1. To access the System Parameter Security form from the command line 
    interface, enter change system-parameters security (G3V3 and later) or 
    change system-parameters (releases prior to G3V3).
    2. Enter y in the SVN Login Violation Notification Enabled field. When this 
    field is set to y(es), the following fields appear on the Security-Related 
    System Parameters form:
    nOriginating Extension
    Enter an unassigned extension, local to the switch and conforming 
    to the dial plan, for the purpose of originating and identifying SVN 
    referral calls for login security violations.
    The originating extension initiates the referral call in the event of a 
    login security violation. It also sends the appropriate alerting 
    message or display to the referral destination.
    nReferral Destination
    Enter an extension assigned to a station or attendant console that 
    will receive the referral call when a security violation occurs. The 
    referral destination must be equipped with a display module unless 
    the Announcement Extension has been assigned.
    For G3V3 and later, call vectoring using time of day routing allows 
    security notification to be extended off-premises.
    nLogin Threshold
    Enter the minimum number of login attempts that will be permitted 
    before a referral call is made. The value assigned to this field, in 
    conjunction with the Time Interval field, determines whether a 
    security violation has occurred. The system default is 5.
    nTime Interval
    Enter the time interval within which a login security violation must 
    occur. The range is one minute to eight hours (0:01 to 7:59), and is 
    entered in the form x:xx. For example, if you want the time interval to 
    be 1 minute, enter 0:01. If you want the time interval to be seven 
    and one-half hours, enter 7:30. The system default is 0:03.
    nAnnouncement Extension
    Enter an extension that is assigned to the login SVN announcement. 
    The announcement must be recorded for the SVN referral call to be 
    made. A repeating announcement is suggested, especially if the 
    SVN referral call might go to an answering machine.  
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-3 Administering the SVN Feature 
    D
    3.For releases before DEFINITY G3V3, administer an “lsvn-call” button on 
    any station/attendant console (maximum 1 per system). The SVN button 
    location can be determined by entering the command display 
    svn-button-location. Activation of this feature button initiates the 
    placement of login referral calls, until the button is deactivated.
    4. For DEFINITY G3V3 and later releases, which includes DEFINITY ECS, 
    administer an “lsvn-halt” button on any station/attendant console 
    (maximum 1 per system). The SVN button location can be determined by 
    entering the command display svn-button-location. Activation of this 
    button stops the placement of all login referral calls, until the button is 
    deactivated.
    Enable/Disable a Login ID
    The Disable a Login ID Following a Security Violation field on the Login 
    Administration form is used to set the SVN parameters for a single login.
    nEnter y in this field to have the SVN feature disable the specified login 
    when a security violation is detected for that login ID. The system default 
    isy. 
    nEnter n in this field if you don’t want to have the SVN feature disable the 
    specified login if a security violation is detected for that login ID. 
    The Disable Following a Security Violation field is dynamic and will only appear on 
    the Login Administration form when the login component of the SVN feature is 
    enabled.
    To enable a login that has been disabled by a security violation, or disabled 
    manually with the disable login command:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command enable login .
    To disable a login:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command disable login .
    List the Status of a Login ID
    To list the status of a login:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command list login.
    A display indicating the status of the specified login will appear. Possible login ID 
    statuses are:
    ndisabled — The login was disabled manually using the disable login 
    command. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-4 Administering the SVN Feature 
    D
    nsvn-disabled — A security violation was detected for that login and the 
    login was disabled by the SVN feature.
    nactive — The login is currently logged in.
    ninactive — The login is not logged in.
    nvoid — The password associated with the login has been set to void.
    Administering the Remote Access Component
    To administer the Remote Access (barrier code) security violation parameters of 
    the SVN feature, do the following:
    1. To access the System Parameter Security form from the command line 
    interface, enter change system-parameters security (G3V3 and later) or 
    change system-parameters (releases prior to G3V3).
    2. Enable the Remote Access component of the feature by entering y in the 
    SVN Remote Access Violation Notification field. When this field is enabled, 
    the following additional fields appear on the Security-Related System 
    Parameters form:
    nOriginating Extension
    Enter an unassigned extension that is local to the switch and 
    conforms to the dial plan, for the purpose of originating and 
    identifying SVN referral calls for login security violations.
    The originating extension initiates the referral call in the event of a 
    login security violation. It also sends the appropriate alerting 
    message or display to the referral destination.
    nReferral Destination
    Enter an extension assigned to a station or attendant console that 
    will receive the referral call when a security violation occurs. The 
    referral destination must be equipped with a display module unless 
    the Announcement Extension has been assigned.
    For DEFINITY G3V3 and later, including DEFINITY ECS, call 
    vectoring using time of day routing allows security notification to be 
    extended off-premises.
    nLogin Threshold
    Enter the minimum number of login attempts that will be permitted 
    before a referral call is made. The value assigned to this field, in 
    conjunction with the Time Interval field, determines whether a 
    security violation has occurred. The system default is 5. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-5 Administering the SVN Feature 
    D
    nTime Interval
    Enter the time interval within which a login security violation must 
    occur. The range is one minute to eight hours (0:01 to 7:59), and is 
    entered in the form x:xx. For example, if you want the time interval to 
    be 1 minute, enter 0:01. If you want the time interval to be seven 
    and one-half hours, enter 7:30. The system default is 0:03.
    nAnnouncement Extension
    Enter an extension that is assigned to the Remote Access SVN 
    announcement. The announcement must be recorded for the SVN 
    referral call to be made. A repeating announcement is suggested, 
    especially if the SVN referral call might go to an answering machine. 
    3. To activate the Disable Following a Security Violation feature, display the 
    Remote Access Form and enter y in the Disable Following a Security 
    Violation field.
    4.For releases before G3V3, administer an “rsvn-call” button on any 
    station/attendant console (maximum 1 per system). The SVN button 
    location can be determined by entering the command display 
    svn-button-location. Activation of this feature button initiates the 
    placement of remote access referral calls, until the button is deactivated.
    5. For G3V3 and later releases, administer an “rsvn-halt” button on any 
    station/attendant console (maximum 1 per system). The SVN button 
    location can be determined by entering the command display 
    svn-button-location. Activation of this feature button stops the placement 
    of all remote access referral calls until the button is deactivated.
    Enable/Disable Remote Access Code
    To enable a Remote Access Code that has been disabled following a security 
    violation, or disabled manually with the disable remote access command:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command enable remote access.
    To disable a Remote Access Code:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command disable remote access. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-6 Administering the SVN Feature 
    D
    Administering Remote Access Kill After N 
    Attempts
    Following is an example of how to administer this feature.
    1. To access the System Parameters Features screen from the command line 
    interface, enter change system-parameters features security (G3V3 
    and later) or change system-parameters features (releases prior to 
    G3V3). When the system-parameters features screen appears, complete 
    the following fields:
    nSVN Remote Access Violation Notification Enabled field — Enter y 
    in this field to enable the Remote Access component of the SVN 
    feature.
    nOriginating Extension field — Enter an unassigned extension that 
    conforms to the switch dial plan.
    nReferral Destination field — Enter an extension that is assigned to a 
    station equipped with a display module.
    nBarrier Code Threshold field — Enter the number of times entry of 
    an invalid barrier code will be permitted before a security violation is 
    detected.
    nTime Interval field — Enter the duration of time that the invalid 
    barrier code attempts must occur within.
    2. Enter the change remote-access command to access the Remote Access 
    form.
    nDisable Following A Security Violation field — If not already 
    assigned, enter y in this field to disable Remote Access following a 
    security violation.
    NOTE:
    The Disable Following A Security Violation field is dynamic. It 
    will only appear if the remote access component of the SVN 
    feature is enabled.
    In the event of a Remote Access barrier code security violation, a referral call is 
    generated, alerting the switch administrator of the violation. When the violation is 
    detected, the Remote Access feature is disabled, prohibiting any further use until 
    the security violation is investigated.
    Consult the monitor security-violations report, trunk group measurements reports, 
    and security measurements reports to determine the nature and source of the 
    security violation. Local exchange and long distance carriers may provide 
    assistance in tracing the source of the violation. The Remote Access feature 
    should not be re-enabled until the source of the violation is identified, and you are 
    confident that the feature is secure.
    Enter the enable remote-access command to re-enable the Remote Access 
    feature. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-7 Administering the SVN Feature 
    D
    If the Remote Access feature is to be dormant for a period of time, the feature can 
    be disabled using the disable remote-access command. Entry of this command 
    will disable the Remote Access feature until it is re-enabled using the enable 
    remote-access command.
    Administering Login ID Kill After N Attempts
    Following is an example of how to administer this feature.
    1. Enter the change system-parameters features command to assign 
    Security Violation Notification (SVN) parameters. When the 
    system-parameters features screen appears, complete the following fields:
    nSVN Login Violation Notification Enabled field — Enter y in this field 
    to enable the login component of the SVN feature.
    nOriginating Extension field — Enter an unassigned extension that 
    conforms to the switch dial plan.
    nReferral Destination field — Enter an extension that is assigned to a 
    station equipped with a display module.
    nLogin Threshold field — Enter the number of times entry of an 
    invalid login ID, or valid login ID/invalid password combination will 
    be permitted before a security violation is detected.
    nTime Interval field — Enter the duration of time that the invalid login 
    attempts must occur within.
    2. Enter the add/change login  command to access the login 
    administration form.
    nDisable Following A Security Violation field — If not already 
    assigned, enter y in this field to disable the login ID following a 
    security violation involving the login ID.
    In the event a security violation involving the login ID is detected, a referral call is 
    generated, alerting the switch administrator of the violation. When a login violation 
    is detected for a valid login ID, the login ID is disabled, prohibiting any further use 
    until the security violation is investigated and the login ID is re-enabled.
    Consult the monitor security-violation report and security measurements report to 
    determine the nature and source of the security violation. If the attempts to access 
    the switch administration originated from a remote source, the local exchange and 
    long distance carriers may provide assistance in tracing the source of the invalid 
    access attempts. The affected login ID should not be re-enabled until the source 
    of the violation is identified and you are confident that the switch administration 
    maintenance interface is secure.
    Enter the enable login  command to re-enable the login ID.
    If a login ID is to be dormant for a period of time, the login ID can be disabled 
    using the disable login  command. Entry of this command will disable 
    the login ID until it is re-enabled using the enable login  command. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS 
    Page D-8 Administering the SVN Feature 
    D
    Administering the Authorization Code 
    Component
    To administer the Authorization Code component of the SVN feature in G3V3 and 
    later releases, do the following:
    1. Access the System Parameter Security form by entering change 
    system-parameters security from the command line interface.
    2. When the SVN Authorization Code Violation Notification Enabled field is 
    set to y, the following additional fields appear on the Security-Related 
    System Parameters form:
    nOriginating Extension
    Enter an unassigned extension that is local to the switch and 
    conforms to the dial plan, for the purpose of originating and 
    identifying SVN referral calls for authorization code security 
    violations.
    The originating extension initiates the referral call in the event of an 
    authorization code security violation. It also sends the appropriate 
    alerting message or display to the referral destination.
    nReferral Destination
    Enter an extension assigned to a station or attendant console that 
    will receive the referral call when an authorization code security 
    violation occurs. 
    If the announcement extension field is blank, the referral destination 
    must be on the switch and a display module is required. Call 
    vectoring, using time of day routing, allows security notification to be 
    extended off-premises.
    nAuthorization Code Threshold
    Enter the minimum number of invalid authorization code attempts 
    that will be permitted before a referral call is made. The value 
    assigned to this field, in conjunction with the Time Interval field, will 
    determine whether a security violation has occurred. The system 
    default for the Authorization Code security violations threshold is 10.
    nTime Interval
    Enter the time interval within which the authorization code security 
    violations must occur. The range for the time interval is one minute 
    to eight hours (0:01 to 7:59), and is entered in the form x:xx. For 
    example, if you want the time interval to be one minute, enter 0:01. If 
    you want the time interval to be seven and one-half hours, enter 
    7:30. The system default is 0:03. 
    						
    All Lucent Technologies manuals Comments (0)

    Related Manuals for Lucent Technologies BCS Products Security Handbook Instructions Manual