Home > Lucent Technologies > Communications System > Lucent Technologies BCS Products Security Handbook Instructions Manual

Lucent Technologies BCS Products Security Handbook Instructions Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Lucent Technologies BCS Products Security Handbook Instructions Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-59 System 25 
    H
    1.If “NO” (N), provide Note reference number and explain.
    Remote Access
    Remote activated only if required
    Use non-DID number for remote 
    access
    Barrier codes are maximum 
    allowable digits, random number 
    sequence, non-sequential
    AVP/VMS
    Do not register ARS or FACS as 
    subscribers
    Provide small mailboxes (AVP) 
    and no voice mail coverage on 
    “utility” stations (that is, non-voice 
    such as FAX endpoints)
    Admin login password changed on 
    regular basis
    Transfer to Subscribers Only = y
    Change password from default for 
    new subscribers
    Voice ports outward restricted if 
    outcalling not used
    Use of outcalling denied or 
    minimized
    Invalid Auto Attendant menu 
    options directed to operator
    Disable remote maintenance 
    access when not in use
    Product Monitoring
    SMDR/CAS reports monitored 
    daily, administration log and activity 
    log checked daily (AVP)
    End-User Education
    Only trusted personnel transferred 
    to remote maintenance port
    Table H-23. System 25 — Continued
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-60 PassageWay Telephony Services 
    H
    PassageWay Telephony Services
    Also see the general security checklist on page H-3.
    Customer: _________________________________________
    Location: _________________________________________
    PassageWay Install 
    Date:
    ________________________________________
    Table H-24. PassageWay Telephony Services
    Y/N
    1Note N/A
    General
    Telephony Server is in a secure 
    location (locked room).
    Backups of the Telephony Server 
    machine are made at regular 
    intervals.
    Virus detection is run on the 
    Telephony Server machine at 
    regular intervals. If infected files are 
    detected, they are cleaned or 
    removed, or restored from system 
    backups.
    Product Installation
    When using TCP/IP for Computer 
    Telephone Integration (CTI) links, 
    the CTI link between the Telephony 
    Server and the PBX (for example, 
    DEFINITY ECS) is installed on a 
    private LAN.
    Routing is not enabled between two 
    network cards. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-61 PassageWay Telephony Services 
    H
    System Administration
    Guidelines followed for 
    logins/passwords for user 
    accounts. (See PassageWay 
    customer documentation.)
    Customer educated about 
    standard Lucent password 
    recommendations (For example, at 
    least 7 characters and forced 
    password change for new 
    subscribers. See PassageWay 
    customer documentation.)
    Default administrator login for 
    Tserver changed at installation.
    Separate Tserver accounts 
    administered for each user. (Login 
    and password added on OS, and 
    login id added to Tserver) for each 
    user. (NOTE: Shared Logins are 
    NOT Allowed.)
    Unused Tserver and system 
    accounts are disabled or removed.
    When using btrieve, enabled the 
    “Log Changes to SDB” feature.
    Customers entered their passwords 
    as accounts were created.
    Individuals given control of only 
    their devices during Tserver 
    administration. (Avoid using Any 
    Device or Exception List.)
    Enabled DEFINITY ECS CDR (or 
    comparable capability of other 
    Lucent switch) to track call history.
    Table H-24. PassageWay Telephony Services
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-62 PassageWay Telephony Services 
    H
    For NetWare only:
    Used the NetWare Administrator 
    feature (NetWare 4.10 and 4.11) or 
    SYSCON utility (NetWare 3.12) to 
    set the appropriate login and 
    password restrictions (For example, 
    require users to have passwords 
    with a minimum length of 7 
    characters, enable password aging, 
    and so forth.)
    Used the NetWare Administrator 
    feature (NetWare 4.10 and 4.11) or 
    SYSCON utility (NetWare 3.12) to 
    enable the Intruder Detection 
    feature and to lock accounts after 
    several invalid login attempts have 
    been made.
    Enabled the “Restrict Users to 
    Home Worktop” feature in the 
    Telephony Services security 
    database.
    For Windows NT only:
    Disabled the “Extended Worktop 
    Access” feature in the Telephony 
    Services security database.
    Use the “Account Policy” dialog box 
    of the Windows NT user manager 
    to configure the following security 
    features:
    nMinimum password length
    nMinimum and Maximum 
    Password Age
    nPassword Uniqueness
    nAccount Lockout for invalid 
    logon attempts
    Took full advantage of Windows NT 
    event log (for example, for 
    monitoring failed login attempts)
    Table H-24. PassageWay Telephony Services
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-63 PassageWay Telephony Services 
    H
    Access Control
    To ensure protection of sensitive 
    system files used by Tserver, only 
    System Administrator has access to 
    Tserver, Security Database, and 
    log files.
    For Windows NT only:
    Make file system NTFS instead of 
    FAT.
    Remote Access
    When using pcANYWHERE (or 
    another tool for remote access of 
    customer PCs), customer has 
    been advised of the following 
    precautions:
    nDo not publish phone number 
    for modem.
    nUse return call option with 
    Lucent phone number. (Do not 
    set up pcANYWHERE without 
    the callback option.)
    Table H-24. PassageWay Telephony Services
    Y/N
    1Note N/A 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Product Security Checklists 
    Page H-64 PassageWay Telephony Services 
    H
    1.If “NO” (N), provide Note reference number and explain
    nWhen on the PC, 
    pcANYWHERE is not started 
    except as required.
    nFor added security, unplug 
    phone jack from modem when 
    pcANYWHERE is not in use.
    nChange password after 
    services leaves and after 
    remote access.
    nConfigure the following 
    security options:
    — Require login names for 
    callers
    — Make passwords case 
    sensitive
    — Log failed connection 
    attempts
    — Maximum login attempts 
    per call
    — Time to enter complete 
    login
    — Disconnect if inactive
    nConfigure pcANYWHERE to 
    log remote control and on-line 
    sessions. (Set the “Save 
    Session Statistics in Activity 
    Log File” checkbox in the 
    “Other Session Parameters” 
    group box.)
    Table H-24. PassageWay Telephony Services
    Y/N
    1Note N/A 
    						
    							Large Business Communications Systems Security Tools by Release 
    Page I-1  
    I
    BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    I
    ILarge Business Communications
    Systems Security Tools by Release
    The following tables contain page references for the available security features for 
    the System 75, System 85, DEFINITY G1, G2, G3, and DEFINITY ECS. 
    Information is listed by release. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Large Business Communications Systems Security Tools by Release 
    Page I-2  
    I
    Table I-1. Large Business Communications Systems Security Tools by Release
    Feature See Section/Page S75 S85 G1 G2 G3V1 G3V2 G3V3 G3V4ECS 
    R5 & 
    later
    3-way COR check‘‘
    Restriction 
    Override (3-way 
    COR Check)’’ on 
    page 3-14
    xxxx
    AAR/ARS Analysis‘‘
    AAR/ARS 
    Analysis’’ on page 
    3-17
    xxxxxxxxx
    Administrable 
    Logins‘‘
    Forced Password 
    Aging and 
    Administrable 
    Logins’’ on page 
    3-47
    xxx
    Administration 
    Security‘‘
    Administration / 
    Maintenance 
    Access’’ on page 
    2-4
    xxxxxxxxx
    Alternate Facility 
    Restriction Levels‘‘
    Remote Access’’ 
    on page 2-2
    ‘‘Class of 
    Restriction’’ on 
    page 3-12
    ‘‘Alternate Facility 
    Restriction Levels’’ 
    on page 3-16
    ‘‘Provide 
    Individualized 
    Calling Privileges 
    Using FRLs’’ on 
    page 3-28
    x xxxxxx
    ARS Dial Tone‘‘
    ARS Dial Tone’’ 
    on page 3-17
    xxxxxxxxx
    Attendant-
    Controlled Voice 
    Terminals‘‘
    Attendant - 
    Controlled Voice 
    Terminals’’ on page 
    3-18
    xx
    Authorization 
    Codes(See Index)R1V3xxxxxxxx
    Authorization 
    Code Security 
    Violation 
    Notification‘‘
    Security Violation 
    Notification Feature 
    (DEFINITY ECS 
    and DEFINITY G3 
    only)’’ on page 
    3-53
    xxx 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Large Business Communications Systems Security Tools by Release 
    Page I-3  
    I
    Automatic Circuit 
    Assurance‘‘Automatic Circuit 
    Assurance (ACA)’’ 
    on page 3-51
    ‘‘Automatic Circuit 
    Assurance’’ on 
    page 6-11
    xxxxxxxxx
    Barrier Code‘‘
    Remote Access’’ 
    on page 2-2
    ‘‘Security Tips’’ on 
    page 3-2
    ‘‘Barrier Codes’’ on 
    page 3-4
    ‘‘Restrict Who Can 
    Use Remote 
    Access/Track its 
    Usage’’ on page 
    3-25
    ‘‘Protecting 
    Remote Access’’ 
    on page 4-13
    xxxxxxxxx
    Barrier Code Aging‘‘
    Remote Access 
    Barrier Code 
    Aging/Access 
    Limits (DEFINITY 
    G3V3 and Later)’’ 
    on page 3-61
    xxx
    BCMS 
    Measurement‘‘
    BCMS 
    Measurements 
    (DEFINITY ECS 
    and DEFINITY G1 
    and G3 only)’’ on 
    page 3-52
    x x xxxx
    Table I-1. Large Business Communications Systems Security Tools by Release — 
    Feature See Section/Page S75 S85 G1 G2 G3V1 G3V2 G3V3 G3V4ECS 
    R5 & 
    later 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Large Business Communications Systems Security Tools by Release 
    Page I-4  
    I
    Call Detail 
    Recording (SMDR)‘‘Call Detail 
    Recording (CDR) / 
    Station Message 
    Detail Recording 
    (SMDR)’’ on page 
    3-48
    ‘‘Call Detail 
    Recording (CDR) / 
    Station Message 
    Detail Recording 
    (SMDR)’’ on page 
    5-11
    ‘‘Call Detail 
    Recording (CDR) / 
    Station Message 
    Detail Recording 
    (SMDR)’’ on page 
    6-8
    xxxxxxxxx
    Call Forward 
    On/Off Net‘‘
    Class of Service’’ 
    on page 3-14
    xxxx
    Call Prompting/
    ASAI‘‘
    Protecting 
    Vectors That 
    Contain Call 
    Prompting’’ on 
    page 3-9
    x xxxxxx
    Call Vectoring‘‘
    Call Vectoring 
    (DEFINITY ECS 
    and DEFINITY G3 
    only)’’ on page 3-9
    ‘‘Prevent 
    After-Hours Calling 
    Using Time of Day 
    Routing or 
    Alternate FRLs’’ 
    on page 3-29
    x xxxxxx
    Central Office 
    Restrictions‘‘
    Central Office 
    Restrictions’’ on 
    page 3-19
    xxxxxxxxx
    Class of 
    Restrictions(See Index) x x x x x x x
    Table I-1. Large Business Communications Systems Security Tools by Release — 
    Feature See Section/Page S75 S85 G1 G2 G3V1 G3V2 G3V3 G3V4ECS 
    R5 & 
    later 
    						
    All Lucent Technologies manuals Comments (0)

    Related Manuals for Lucent Technologies BCS Products Security Handbook Instructions Manual