Home > Lucent Technologies > Communications System > Lucent Technologies BCS Products Security Handbook Instructions Manual

Lucent Technologies BCS Products Security Handbook Instructions Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Lucent Technologies BCS Products Security Handbook Instructions Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-9 BasicWorks 
    H
    BasicWorks
    Also see the general security checklist on page H-3.
    Customer: _________________________________________
    System & Version: _________________________________________
    Location: _________________________________________
    New Install: _________________________________________
    System Upgrade: _________________________________________
    Major Addition: _________________________________________
    Table H-4. BasicWorks
    Y/N
    1Note N/A
    System Administration
    Customer advised of all logins under their 
    control. Passwords changed from factory 
    defaults.
    Passwords are customer-entered, 
    maximum length, and unique alphanumeric 
    words.
    NETCON access restricted by 
    COR-to-COR restrictions
    NETCON channels secured
    Non-DID extensions used for NETCON 
    ports
    Unused NETCON channels removed
    Login Security Violation Notification feature 
    active
    nLogins automatically disabled after 
    security violation
    nLogin Security Violations monitored 24 
    hours per day
    Login permissions customized 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-10 BasicWorks 
    H
    Unused logins removed (“remove login” 
    command or disabled [passwords 
    VOIDed])
    UNIQUE customer logins used
    Password aging activated
    Logins temporarily disabled when not 
    needed (“disable/enable” commands)
    Customer access to INADS port disabled
    nAdjunct connectivity (TroubleTracker, 
    Monitor I, SNMP, and G3MA) to access 
    the switch through the INADS port 
    established
    Remote Access
    Remote Access permanently disabled
    Remote Access administered
    nRemote access number is unpublished
    nNon-DID remote access number used
    nBarrier codes are random 7-digit 
    sequences
    nBarrier codes in own restricted COR
    nVoice processing ports COR-to-COR 
    restricted from dialing Remote Access 
    barrier codes
    nRemote Access Security Violation 
    Notification feature active
    — Remote Access Security Violations 
    monitored 24 hours per day
    — Remote Access automatically 
    disabled following detection of a 
    Security Violation
    nBarrier code aging used
    nRemote Access temporarily disabled 
    when not needed (“disable/enable” 
    commands)
    Logoff Notification enabled for Remote 
    Access
    Table H-4.BasicWorks — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-11 BasicWorks 
    H
    PBX Features
    Trunking
    Prohibit Trunk-to-Trunk Transfer on public 
    access trunks
    Tie trunk groups are COR-to-COR 
    restricted
    Trunk groups have dial access = n
    COR-to-COR restrictions on dial-accessed 
    trunks
    Automatic Circuit Assurance (ACA) on 
    trunks groups
    SMDR/CDR activated on all trunk groups
    Attendant control of trunk groups with TAC 
    = y
    Routing
    ARS/WCR used for call routing
    n1+809 and 0+809 area code blocked
    n900 and 976 calls blocked
    n976 “look-alikes” blocked
    nBlock access to Alliance 
    teleconference service (0700)
    n011/LD calls limited by FRLs
    n011/LD calls limited by Time-of-Day 
    routing
    n011/LD calls limited by 6-digit or digit 
    analysis
    nAlternate FRLs used (G3r)
    Table H-4.BasicWorks — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-12 BasicWorks 
    H
    1.If “NO” (N), provide Note reference number and explain.
    Facility Test Call/Data Origination
    Facility Test code changed from default, if 
    used
    nFacility Test code translated only when 
    needed
    nFacility Test code limited to system 
    admin/mtce COR
    nLogoff Notification enabled for Facility 
    Test Call
    Data Origination feature code not 
    translated
    Miscellaneous
    Console permissions restricted/limited
    Individual and group-controlled restrictions 
    used
    Authorization codes used
    Operator calls restricted
    Switch-hook flash denied on FAX 
    machines, modems, etc.
    COR-to-COR restrictions used on all CORs
    Ports for adjuncts in own restricted COR
    Restrict call forwarding off-net = y
    Digit conversion of unauthorized calls to 
    console or security
    Three-way COR check on 
    transfer/conference
    Authorization Code Security Violation 
    Notification feature active
    Product Monitoring
    Traffic measurements reports monitored 
    daily
    SMDR/CMS reports monitored daily
    Recent change history log reviewed daily
    Table H-4.BasicWorks — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-13 CONVERSANT Voice Information System 
    H
    CONVERSANT Voice Information 
    System
    Also see the general security checklist on page H-3, and the security checklist for 
    the host communications system.
    Customer: _________________________________________
    PBX Type: _________________________________________
    Location: _________________________________________
    New Install: _________________________________________
    System Upgrade: _________________________________________
    Major Addition: _________________________________________
    Table H-5. CONVERSANT Voice Information System
    Y/N
    1Note N/A
    System Administration
    Administrative login name changed 
    from default
    All UNIX login passwords changed 
    from default
    Busy lamp on modem port
    Modem dial-up password 
    administered
    System Features
    Customized scripts do not allow 
    transfers
    Customized scripts limit transfers to 
    specific extensions 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-14 CONVERSANT Voice Information System 
    H
    1.If “NO” (N), provide Note reference number and explain.
    Host PBX
    Analog ports in CONVERSANT 
    Voice Information System hunt 
    group restricted from toll calls by 
    host PBX, for example, restricted 
    COR
    Analog ports in CONVERSANT 
    Voice Information System hunt 
    group COR-to-COR restricted from 
    dialing RA barrier codes (when host 
    communications system is 
    System 75, or DEFINITY ECS, or 
    DEFINITY G1 or G3)
    Product Monitoring
    System reports checked daily
    Table H-5. CONVERSANT Voice Information System — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-15 DEFINITY ECS, DEFINITY G1 and G3, and System 75 
    H
    DEFINITY ECS, DEFINITY G1 and 
    G3, and System 75
    Also see the general security checklist on page H-3, and the security checklist for 
    any attached voice mail systems or other adjuncts.
    Customer: _________________________________________
    Location: _________________________________________
    System & Version: _________________________________________
    New Install: _________________________________________
    System Upgrade: _________________________________________
    Major Addition: _________________________________________
    Table H-6. DEFINITY ECS, G1, and G3, and System 75
    Y/N
    1Note N/A
    System Administration
    Customer advised of all logins 
    under their control
    Passwords changed from factory 
    defaults
    Passwords are customer entered, 
    maximum length, unique, nonsense 
    alphanumeric words
    NETCON access restricted by 
    COR-to-COR
    NETCON channels secured
    Non-DID extensions used for 
    NETCON ports
    Unused NETCON channels 
    removed
    Login Security Violation 
    Notification feature active
    Logins automatically disabled after 
    security violations (G3V3 and later) 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-16 DEFINITY ECS, DEFINITY G1 and G3, and System 75 
    H
    Login permissions customized 
    (G3V2)
    Unused logins removed (remove 
    login command, (G3V3 and later) or 
    disabled (passwords VOIDed)
    UNIQUE customer logins used 
    (G3V3 and later)
    Password aging activated (G3V3 
    and later)
    Logins temporarily disabled when 
    not needed (disable/enable 
    commands) (G3V3 and later)
    If customer access to INADS port 
    enabled, adjunct connectivity 
    (TroubleTracker, Monitor I, SNMP 
    and G3MA) to access the switch 
    through the INADS port established 
    (G3V4)
    Remote Access
    Remote Access permanently 
    disabled if not used (G3V2 and 
    North American Dial Plan loads)
    Remote Access administered
    Remote access number is 
    unpublished
    Non-DID remote access number 
    used
    Barrier codes are random 7-digit 
    sequences
    Barrier codes in own restricted 
    COR
    Seven-digit authorization codes 
    used
    Second dial tone omitted between 
    barrier and authorization codes
    Authorization code timeout to 
    attendant
    Table H-6. DEFINITY ECS, G1, and G3, and System 75 — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-17 DEFINITY ECS, DEFINITY G1 and G3, and System 75 
    H
    Voice processing ports 
    COR-to-COR restricted from dialing 
    Remote Access barrier codes
    Remote Access Security Violation 
    Notification feature active
    Remote Access Security Violations 
    monitored 24 hours per day
    Login Security Violations 
    monitored 24 hours per day
    Remote Access automatically 
    disabled following detection of a 
    Security Violation (G3V3 and later)
    Barrier code aging used (G3V3 and 
    later)
    Remote Access temporarily 
    disabled when not needed 
    (disable/enable commands) (G3V3 
    and later)
    Logoff notification enabled (G3V4)
    PBX Features
    Trunking
    Prohibit Trunk-to-Trunk transfer on 
    public access trunks
    Tie trunk groups are COR-to-COR 
    restricted
    Trunk groups have dial access = n
    COR-to-COR restrictions on 
    dial-accessed trunks
    ACA (Automatic Circuit Assurance) 
    on trunk groups
    SMDR/CDR activated on all trunk 
    groups
    Trunks measured by BCMS/CMS
    Trunk-to-Trunk Transfer only 
    allowed with DCS or CAS (G3V3 
    and later) 
    COS Trunk-to-Trunk Restriction 
    Override = n (DEFINITY ECS R5)
    Table H-6. DEFINITY ECS, G1, and G3, and System 75 — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-18 DEFINITY ECS, DEFINITY G1 and G3, and System 75 
    H
    Personal Station Access (PSA) 
    (DEFINITY ECS R5)
    PSA COS assignment limited to 
    stations with need to access PSA
    8-digit security codes assigned to 
    stations using PSA
    Station Security Code Security 
    Violation Notification feature active
    nStation Security Code Security 
    Violations monitored 24 hours 
    per day
    Extended User Administration of 
    Redirected Calls (DEFINITY ECS 
    R5)
    8-digit security codes assigned to 
    stations using Extended User
    Telecommuting Access Extension 
    not administered
    Administration of FACs for 
    Redirected Calls
    nExtend Call Forward All 
    Activate
    nExtended Call Forward 
    Busy/Don’t Answer Activate
    nExtended Call Forward Cancel
    nChange Coverage
    Station Security Code Security 
    Violation Notification feature active
    nStation Security Code Security 
    Violations monitored 24 hours 
    per day
    Routing
    ARS/WCR used for call routing
    1+809 and 0+809 area code 
    blocked
    900, 976 calls blocked
    976 look-alikes blocked
    Table H-6. DEFINITY ECS, G1, and G3, and System 75 — Continued
    Y/N
    1Note N/A 
    						
    All Lucent Technologies manuals Comments (0)

    Related Manuals for Lucent Technologies BCS Products Security Handbook Instructions Manual