Home
>
Lucent Technologies
>
Communications System
>
Lucent Technologies BCS Products Security Handbook Instructions Manual
Lucent Technologies BCS Products Security Handbook Instructions Manual
Have a look at the manual Lucent Technologies BCS Products Security Handbook Instructions Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Toll Fraud Job Aids Page F-1 Toll Fraud Warning Signs F BCS Products Security Handbook 555-025-600 Issue 6 December 1997 F FToll Fraud Job Aids The job aids in this appendix are tools for your organization to use in securing your system against toll fraud. Copy them and distribute them to your staff to post or use in any other manner that meets their needs. Toll Fraud Warning Signs nCustomers or employees complain that the 800 number is always busy. The busy line could even impact local Direct Inward Dial (DID) lines. nSwitchboard operators complain of frequent hang-ups or touch-tone sounds when they answer. nSignificant increase in “internal” requests for “operator assistance” in making outbound calls, particularly international ones. nUnexplained increase in long distance usage. nIncrease in short duration calls. nHeavy call volume on nights, weekends, and/or holidays. nStation Message Detail Recording (SMDR) shows an unusual amount of short duration calls. nEstablished thresholds on trunk groups are exceeded. nSwitchboard operators note or complain about frequent calls from individuals with foreign accents. nStaff or customer complaints of inability to enter voice mail system. nAny attempts by outsiders to obtain sensitive information regarding the telecommunications system or calls from individuals posing as employees when they clearly are not.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Toll Fraud Job Aids Page F-2 Toll Fraud Warning Signs F nSudden or unexplained inability to access specific administrative functions within the system. nEmployees complain of difficulty in obtaining an outside line. nSimultaneous Direct Inward System Access (DISA) authorization code use coming from two different places at the same time. nAn upsurge in use on DISA or other trunks. nUnusual increase in customer premises equipment-based system memory usage. nUnexplained changes in system software parameters. nUnexplained problems related to being “locked out” of the system or Personal Identification Number (PIN) changes in the voice mail system. nSignificant increase in calls from a single geographic area or from the same Automatic Number Identification (ANI). nAny discrepancies in telephone bills, such as unusual calling patterns, calls to international locations with which the user does not normally interact, and calls for which you cannot account.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Toll Fraud Job Aids Page F-3 System Security Action Plan F System Security Action Plan Figure F-1. System Security Action Plan Educate End UsersEstablish Port Security Procedures Secure the Administration System Perform Security Monitoring The first step customers should take in tightening the security of their systems is to increase end-users’ awareness of the system’s security features and vulnerabilities. Develop and implement a toll fraud detection and reaction plan with all employees. Train users on remote access responsibilities and security procedures. Establish and maintain security policies regarding password/authorization code protection. Once you have established an effective Control administrative access passwords, and change them frequently. Never store administrative port numbers or passwords as part of a connection “script.” Use Remote Port Security Device to “lock-up” administrative ports. Monitor call detail records and “800 service” billing records for unusual activity. Monitor “invalid login attempt” activity levels on remote access and administration ports. Establish thresholds and monitor port and trunk activity levels. port security plan, you need to protect it. Management of the access into adminis- trative and maintenance capabilities is an important part of the total System Security Plan.System Security Monitoring plays acritical role in a customer’s overall security scheme. By monitoring system security precautions already taken, customers can react quickly to any potential threat detected. Use passwords, authorization codes, and barrier codes. Set them to maximum length Assign calling privilege restriction levels to users on a need-to-call basis. Block off-hours and weekend calling privileges, or use alternate restriction levels when possible. and change them frequently.Customers must establish security measures to manage and control access to the ports into the communication system. The security measures should also control the calling privileges users will have access to.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Toll Fraud Job Aids Page F-4 Top 10 Tips to Help Prevent Phone “Phraud” F Top 10 Tips to Help Prevent Phone “Phraud” 1. Protect System Administration Access Insure secure passwords exist for all logins that allow System Administration or Maintenance access to the system. Change the passwords frequently. 2. Prevent Voice Mail System Transfer to Dial Tone Activate “secure transfer” features in voice mail systems. Place appropriate restrictions on voice mail access/egress ports. 3. Deny Unauthorized Users Direct Inward System Access (Remote Access) If you are not using Remote Access features, deactivate or disable them. If you are using Remote Access, require the use of barrier codes and/or authorization codes set for maximum length. Change the codes frequently. 4. Place Protection on Systems that Prompt Callers to Input Digits Callers should be prevented from dialing unintended digit combinations at prompts. Auto attendants and call vectors should be restricted from allowing access to dial tone. 5. Use System Software to Intelligently Control Call Routing Create ARS or WCR patterns to control how each call is to be handled. Use “Time Of Day” routing capabilities to limit facilities available on nights and weekends. Deny all end-points the ability to directly access outgoing trunks. 6. Block Access To International Calling Capability When international access is required, establish permission groups. Limit access to only the specific destinations required for business. 7. Protect Access to Information Stored as Voice Password restrict access to voice mail mailboxes. Use non-trivial passwords and change passwords regularly. 8. Provide Physical Security for Telecommunications Assets Restrict unauthorized access to equipment rooms and wire connection closets. Protect system documentation and reports data from being compromised.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Toll Fraud Job Aids Page F-5 Top 10 Tips to Help Prevent Phone “Phraud” F 9. Monitor Traffic and System Activity for Abnormal Patterns Activate features that “Turn Off” access in response to unauthorized access attempts. Use Traffic and Call Detail reports to monitor call activity levels. 10. Educate System Users to Recognize Toll Fraud Activity and React Appropriately From safely using Calling Cards to securing voice mailbox passwords, users need to be trained on how to protect themselves from inadvertent compromises to the system’s security.
Special Security Product and Service Offers Page G-1 Remote Port Security Device (RPSD) G BCS Products Security Handbook 555-025-600 Issue 6 December 1997 G GSpecial Security Product and Service Offers Remote Port Security Device (RPSD) The Lucent Technologies RPSD1 offers enhanced protection for dial-up data access. Communications systems typically consist of a mix of digital PBXs, voice mail systems, and adjunct applications computers. Dial-up ports on these systems provide remote access for maintenance and administration support. They also provide potential access to the hackers or thieves who use easily obtainable computers and software to gain unauthorized access to your systems. NOTE: Since the RPSD contains a Data Encryption Standard (DES) algorithm, its use outside the United States and Canada is prohibited by law. Once a hacker gains access to your systems, he or she can explore sensitive information, disrupt voice and data communications, and manipulate software applications. This access can result in unauthorized use of network facilities and the theft of long distance services. While effective system security management can usually stop the hacker, the Lucent Technologies Remote Port Security Device (RPSD) gives you a state-of-the-art single channel protection system that enhances your ability to prevent unauthorized users or hackers from accessing your system’s dial-up communications ports. 1. The RPSD is compatible with: the DEFINITY ECS, DEFINITY Communications Systems, System 75 (V2 or higher), System 85 and DIMENSION PBX Systems; the AUDIX, DEFINITY AUDIX, and AUDIX Voice Power Systems; and all System Management products.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Special Security Product and Service Offers Page G-2 Remote Port Security Device (RPSD) G Dial-up ports provide access to data networks and computers that contain critical data and software applications. While these ports help to improve productivity and increase customer satisfaction, they also provide potential access to hackers. The Key and Lock use a sophisticated dynamic challenge/response technique to assist you in preventing unauthorized access to your administration and maintenance ports. The Key and Lock authentication process is as follows: The Lock answers the incoming call destined for the dial-up modem port. It generates a dynamic challenge, unique to every call, and transmits it to the RPSD installed at the calling end. The Lock and Key must be initialized with the same secret encryption key value. This secret encryption key has approximately 70 quadrillion combinations. When the RPSD Key receives the challenge, it generates a response using the secret encryption key. It then transmits the expected response back to the RPSD Lock. If the RPSD lock successfully authenticates the response, it provides ringing to the terminating modem and the call completes. The RPSD terminates a call immediately if any step in the challenge/response authentication process is not completed successfully. The RPSD helps to: nprotect remote locations that communicate with a central network via dial-up lines nsafeguard companies that remotely administer PBX and voice mail systems nensure that critical network routing information and PBX feature translations are not compromised ncontrol access of dial-up ports by remote maintenance or service personnel Key and Lock Features nUses randomly-generated encrypted data to perform Key/Lock authentication handshake. nTime of Day/Day of Week restrictions can control Key access to Locks. Each user profile can have up to 14 restrictions set. nHistory Logs provide audit trails of the last 500 administrative changes, accesses, and failures. nSystem Administration provides menu-driven commands with on-line help and security options for administrative access. nSelf-check and built-in diagnostics enable simple and fast problem diagnosis. nA Power Monitor Circuit allows you to fail or bypass calls to the Lock during a power failure.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Special Security Product and Service Offers Page G-3 Security Audit Service G nAn Alarm Contact Closure interface is provided to generate an alarm when the Lock loses power. Lock and Keys work with all data communications protocols. Lucent Technologies Support Lucent Technologies provides RPSD Keys to their maintenance centers to accommodate access to systems you secure with the RPSD Lock. For more information on the RPSD, see the DEFINITY Communications Systems Remote Port Security Device User’s Manual , 555-025-400. Security Audit Service The Lucent Technologies Security Audit Service is a fee-based, consultative service that provides a security evaluation of a customer’s telecommunications system. The Security Audit is conducted by a team of experts from Lucent Technologies’ World-Class Service Center (WCSC). The process starts with a preliminary telephone interview. This is followed by an on-site (or remote) security audit of the equipment, followed by an analysis of system vulnerability and written recommendations for increasing security. For more information, contact your Lucent Technologies representative. Lucent Technologies HackerTracker Lucent Technologies HackerTracker alerts you to abnormal calling activities. You can program the software to continually monitor all incoming calls and watch for hallmarks of hacker activity. Call detail activity is marked against a set of pre-established threshold criteria, and if these thresholds are exceeded, alarms and alerts are sent to designated security system administrators. HackerTracker is designed to work in conjunction with Lucent Technologies’ Call Accounting System (CAS Plus Version 3). For more information, call 1 800 521-7872.
BCS Products Security Handbook 555-025-600 Issue 6 December 1997 Special Security Product and Service Offers Page G-4 Security Tune-Up Service G Security Tune-Up Service The Security Tune-Up Service is a fee-based, consultative service designed to provide an expedient, on-line review of your system security as it relates to toll fraud. This service is provided for the DEFINITY ECS, DEFINITY Communications Systems G1, G2, and G3, the DIMENSION PBX System, System 75, System 85; and the AUDIX, the AUDIX Voice Power, the DEFINITY AUDIX, and the I NTUITY AUDIX Voice Messaging Systems. Customer Support Engineers, specializing in security, will remotely access your system, analyze the potential risks in the system, and optionally implement agreed-upon changes to secure the system. For more information, call 1 800 643-2353.