Home > Lucent Technologies > Communications System > Lucent Technologies BCS Products Security Handbook Instructions Manual

Lucent Technologies BCS Products Security Handbook Instructions Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Lucent Technologies BCS Products Security Handbook Instructions Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Special Security Product and Service Offers 
    Page G-5 Toll Fraud Contact List 
    G
    Toll Fraud Contact List
    Contact: For:
    Your Lucent Technologies Account 
    Executive or Design SpecialistsGeneral questions related to toll fraud
    Lucent Technologies Toll Fraud 
    Intervention Hotline
    800 643-2353All systems and products— 
    including DEFINITY ECS, 
    DEFINITY Communications 
    Systems, DIMENSION, System 75, 
    System 85, MERLIN II, MERLIN 
    LEGEND, PARTNER II, PARTNER 
    Plus, and System 25 
    Communications Systems; and 
    their adjuncts: Immediate crisis 
    intervention if you suspect that your 
    company is experiencing toll fraud.
    Lucent Technologies Technical 
    Service Center (TSC)
    800 242-2121DEFINITY ECS, DEFINITY 
    Communications Systems, 
    DIMENSION, System 75, and 
    System 85 Communications 
    Systems, and adjuncts: Immediate 
    crisis intervention if you suspect that 
    your company is currently 
    experiencing toll fraud.
    Lucent Technologies National Service 
    Assistance Center (NSAC)
    800 628-2888MERLIN II, MERLIN LEGEND, 
    PARTNER II, PARTNER Plus, and 
    System 25 Communications 
    Systems, and adjuncts: Immediate 
    crisis intervention if you suspect that 
    your company is currently 
    experiencing toll fraud.
    AT&T Calling Card Assistance
    800 882-CARD (2273)Assistance and information related to 
    Corporate Credit card fraud
    AT&T Long Distance Services
    800 222-3000Information related to toll fraud offers 
    and assistance with risk 
    management for long distance 
    network services
    United States Secret Service (Listed 
    under Federal Government in your 
    local telephone directory)To file a legal complaint in the event 
    of international or interstate toll fraud 
    						
    							Product Security Checklists 
    Page H-1  
    H
    BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    H
    HProduct Security Checklists
    This appendix contains the following security checklists:
    nGeneral Security Procedures (page H-3)
    nAUDIX Voice Mail System (page H-5)
    nAUDIX Voice Power System (page H-7)
    nBasicWorks (page H-9)
    nCONVERSANT Voice Information System (page H-13)
    nDEFINITY G1 (page H-15), G2 (page H-21), and G3 (page H-15)
    nDEFINITY AUDIX System (page H-5)
    nDIMENSION PBX System and DEFINITY ECS(page H-25)
    nINTUITY AUDIX Voice Messaging System (page H-5)
    nLucent Technologies/Bay Networks (page H-28)
    nMERLIN II Communications System (page H-28)
    nMERLIN LEGEND Communications System (page H-31)
    nMERLIN MAIL Voice Messaging System (page H-34)
    nMERLIN MAIL-ML Voice Messaging System (page H-36)
    nMERLIN MAIL R3 Voice Messaging System (page H-38)
    nMERLIN Plus Communications System (page H-41)
    nMultimedia Communications Exchange Server (page H-42)
    nMultipoint Conferencing Unit (MCU)/Conference Reservation and Control 
    System (CRCS) (page H-43
    )
    nPARTNER II Communications System (page H-53)
    nPARTNER MAIL System (page H-56)
    nPARTNER MAIL VS System (page H-56) 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-2  
    H
    nPARTNER Plus Communications System (page H-53)
    nSystem 25 (page H-58)
    nSystem 75 (page H-15)
    nSystem 85 (page H-21)
    nPassageWay Telephony Services (page H-60) 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-3 General Security Procedures 
    H
    General Security Procedures
    Customer: ________________________________________
    Location: _________________________________________
    System & Version: _________________________________________
    Date Installed: _________________________________________
    Table H-1. General Security Procedures
    Y/N
    1Note N/A
    Physical Security
    Switch room and wiring closets 
    locked
    All equipment documentation 
    secured
    Attendant console secured at 
    night; headset unplugged
    Local and Remote administration 
    equipment secured
    Remote Port Security Devices 
    installed
    Telephone logs and print reports 
    secured
    Adjunct (CAS, AUDIX Voice Mail 
    System, CMS, ISII, G3MA, etc.) 
    remote administration terminals 
    secured
    Customer Education
    System manager/administrator has 
    copy of Security Handbook/Toll 
    Fraud Overview
    System security policy established 
    and distributed 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-4 General Security Procedures 
    H
    1.If “NO” (N), provide Note reference number and explain.
    System security policy reviewed 
    periodically
    Security policy included in new-hire 
    orientation
    Employees know how to detect 
    potential toll fraud
    Employees know where to report 
    suspected toll fraud
    Authorization Codes not sequential
    Remote access phone number not 
    published
    Barrier codes and passwords are 
    chosen to be difficult to guess
    Barrier codes, passwords (including 
    voice mail), and authorization 
    codes removed/changed when 
    employees terminated
    Authorization codes, account 
    codes, and passwords not written 
    down or translated on auto-dial 
    buttons
    Logins and passwords are not 
    written down
    All customer passwords changed 
    on regular basis
    HackerTracker thresholds 
    established
    Social Engineering explained
    Customer is aware of 
    network-based toll fraud 
    surveillance offerings such as 
    netPROTECT
    Customer knows how to subscribe 
    to ACCESS security shared folder
    Table H-1. General Security Procedures — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-5 AUDIX, DEFINITY AUDIX and INTUITY AUDIX Voice Messaging Systems 
    H
    AUDIX, DEFINITY AUDIX and 
    I
    NTUITY AUDIX Voice Messaging 
    Systems
    Also see the general security checklist on page H-3, and the security checklist for 
    the host communications system.
    (
    Customer: _________________________________________
    PBX Type: _________________________________________
    Location: _________________________________________
    New Install: _________________________________________
    System Upgrade: _________________________________________
    Major Addition: _________________________________________
    Table H-2. AUDIX, DEFINITY AUDIX and I
    NTUITY AUDIX Voice 
    Messaging Systems
    Y/N
    1Note N/A
    System Administration
    Administration password changed 
    from default    
    User passwords 7 to 15 characters      
    Forced password change for new 
    subscribers    
    System Features
    Only active subscribers translated
    Call transfer out of voice mail 
    system not allowed
    If transfer allowed, Enhanced Call 
    Transfer enabled
    If transfer allowed and basic 
    transfer enabled, transfer restricted 
    to subscribers (DEFINITY AUDIX 
    and I
    NTUITY AUDIX Voice 
    Messaging Systems only) 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-6 AUDIX, DEFINITY AUDIX and INTUITY AUDIX Voice Messaging Systems 
    H
    1.If “NO” (N), provide Note reference number and explain.
    If transfer allowed, number 
    restrictions administered 
    (DEFINITY AUDIX Voice 
    Messaging System 3.2 only)
      not allowed on Auto 
    Attendants
    Retries before lockout < 6
    Retries before disconnect < 4
    Busy lamp on modem port
    Voice Processing ports restricted 
    from toll calls by host PBX, for 
    example, restricted COR
    Outcalling not used
    Number of digits on outcalling 
    minimized, and/or outcalling 
    destination restricted by host PBX
    Voice processing ports 
    COR-to-COR restricted from dialing 
    RA barrier codes (when host 
    communications system is 
    System 75, or DEFINITY ECS, or 
    DEFINITY G1 or G3)
    Product Monitoring
    Administration Log and Activity Log 
    checked daily Table H-2. AUDIX, DEFINITY AUDIX and I
    NTUITY AUDIX Voice 
    Messaging Systems — Continued
    Y/N
    1Note N/A
    *T 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-7 AUDIX Voice Power System 
    H
    AUDIX Voice Power System
    Also see the general security checklist on page H-3, the security checklist for the 
    host communications system.
    Customer: _________________________________________
    PBX Type: _________________________________________
    Location: _________________________________________
    New Install: _________________________________________
    System Upgrade: _________________________________________
    Major Addition: _________________________________________
    Table H-3. AUDIX Voice Power System
    Y/N
    1Note N/A
    System Administration
    Administrative login name changed 
    from default
    All UNIX login passwords changed 
    from default
    System Features
    Only active subscribers translated
    Call transfer not allowed
    If call transfer enabled, transfer to 
    subscriber enabled
    Passwords changed from default 
    for all subscribers
    Retries before lockout < 6
    Retries before disconnect < 4
    Outcalling inactive
    Number of digits on outcalling 
    minimized, or outcalling destination 
    restricted 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-8 AUDIX Voice Power System 
    H
    1.If “NO” (N), provide Note reference number and explain.
    Invalid Auto Attendant menu 
    options directed to operator or 
    security
    Voice processing ports on host 
    PBX system restricted from toll 
    calls
    Voice Processing ports restricted 
    from dialing remote access 
    extension
    Product Monitoring
    Administration Log and Activity Log 
    checked daily
    End-User Education
    Passwords changed from default 
    for new subscribers
    Administrator instructed to change 
    administration login password 
    regularly
    Table H-3. AUDIX Voice Power System — Continued
    Y/N
    1Note N/A 
    						
    All Lucent Technologies manuals Comments (0)

    Related Manuals for Lucent Technologies BCS Products Security Handbook Instructions Manual