
Lucent Technologies BCS Products Security Handbook


    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Remote Access Example (DEFINITY ECS, DEFINITY G1, G3, and System 75) 
    Page C-3 Permanently Disabling Remote Access 
    C
    18. Leave the Route Pattern blank for all dialed strings for which you want 
    to disallow calls, such as international and operator calls. Any ARS/AAR 
    calls starting with that dialed string will be blocked.
    19. For all the Route Patterns assigned to ARS/AAR Partition 8, use change 
    route-pattern to administer an appropriate FRL (1 through 7) in the FRL 
    field. Since the FRL on the COR reserved for Remote Access is 0, the 
    Remote Access caller will always be prompted for an authorization code for 
    outside calls.
    20. Assign authorization codes for your Remote Access users that provide the 
    lowest possible FRL to match each user’s calling requirements.
    See Chapter 3 for additional security measures.
    Permanently Disabling Remote Access
    For DEFINITY ECS, DEFINITY G3, System 85 R2V4n 3.0 and later, and the “n” 
    versions of G1 and System 75V3, as an additional step to ensure system security, 
    the Remote Access feature can be permanently removed. Permanent removal 
    protects against unauthorized remote access usage even if criminals break into 
    the maintenance port. See your Account Representative for information on the “n” 
    upgrade.
    To permanently disable the Remote Access feature in System 85 R2V4n 3.0 and 
    later, or G2.2 3.0 and later:
    • Use PROC275 WORD4 FIELD2, and change the value to 1.
    To permanently disable the Remote Access feature in System 75V3, G3, and the 
    “n” versions of G1:
    • Enter change remote-access to display the Remote Access screen.
    • Make sure the Remote Access Extension field is blank.
    • Enter y in the Permanently Disable field.
    • Enter save translation. You MUST enter this command or the change will 
      be lost if the switch is rebooted.
    • Enter display remote access to verify the changes. If you get an error 
      message or you cannot display the screen, then you know it worked.
    The Remote Access feature is disabled after you log off from the switch.
    For System 85 R2V4n 3.0 and G2.2 3.0 and later, Remote Access can be 
    permanently disabled. To permanently disable the Remote Access feature:
    • Use PROC275 WORD4 FIELD2, and change the value to 1.
    						
    NOTE:
    Once Remote Access has been permanently disabled, only the Lucent 
    Technologies Technical Service Center can reenable it. Charges may apply 
    for this service. 
    						
    D. Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS
    This appendix provides information on administering the following features 
    in DEFINITY ECS and DEFINITY G3.
    DEFINITY G3V3 and later, which includes DEFINITY ECS:
    • Enhanced Security Violation Notification (SVN)
    • Barrier code aging
    • Customer logins and forced password aging
    DEFINITY G3V4 and later, which also includes DEFINITY ECS:
    • Logoff notification
    • Customer login accessible through INADS remote administration port
    • Facility test call notification
    • Remote Access notification
    Administering the SVN Feature
    This section contains the following subsections:
    1. Administering the login component
    2. Administering the Remote Access component
    3. Administering the authorization code component
    4. Administering the Station Security Code component 
    						
    Administering the Login Component
    To administer system parameters for the login component of the SVN feature, do 
    the following:
    1. To access the System Parameter Security form from the command line 
    interface, enter change system-parameters security (G3V3 and later) or 
    change system-parameters (releases prior to G3V3).
    2. Enter y in the SVN Login Violation Notification Enabled field. When this 
    field is set to y(es), the following fields appear on the Security-Related 
    System Parameters form:
    • Originating Extension
      Enter an unassigned extension, local to the switch and conforming 
      to the dial plan, for the purpose of originating and identifying SVN 
      referral calls for login security violations.
      The originating extension initiates the referral call in the event of a 
      login security violation. It also sends the appropriate alerting 
      message or display to the referral destination.
    • Referral Destination
      Enter an extension assigned to a station or attendant console that 
      will receive the referral call when a security violation occurs. The 
      referral destination must be equipped with a display module unless 
      the Announcement Extension has been assigned.
      For G3V3 and later, call vectoring using time of day routing allows 
      security notification to be extended off-premises.
    • Login Threshold
      Enter the minimum number of login attempts that will be permitted 
      before a referral call is made. The value assigned to this field, in 
      conjunction with the Time Interval field, determines whether a 
      security violation has occurred. The system default is 5.
    • Time Interval
      Enter the time interval within which a login security violation must 
      occur. The range is one minute to eight hours (0:01 to 7:59), and is 
      entered in the form x:xx. For example, if you want the time interval to 
      be 1 minute, enter 0:01. If you want the time interval to be seven 
      and one-half hours, enter 7:30. The system default is 0:03.
    • Announcement Extension
      Enter an extension that is assigned to the login SVN announcement. 
      The announcement must be recorded for the SVN referral call to be 
      made. A repeating announcement is suggested, especially if the 
      SVN referral call might go to an answering machine.
    						
    3. For releases before DEFINITY G3V3, administer an “lsvn-call” button on 
    any station/attendant console (maximum 1 per system). The SVN button 
    location can be determined by entering the command display 
    svn-button-location. Activation of this feature button initiates the 
    placement of login referral calls, until the button is deactivated.
    4. For DEFINITY G3V3 and later releases, which includes DEFINITY ECS, 
    administer an “lsvn-halt” button on any station/attendant console 
    (maximum 1 per system). The SVN button location can be determined by 
    entering the command display svn-button-location. Activation of this 
    button stops the placement of all login referral calls, until the button is 
    deactivated.
    Enable/Disable a Login ID
    The Disable a Login ID Following a Security Violation field on the Login 
    Administration form is used to set the SVN parameters for a single login.
    • Enter y in this field to have the SVN feature disable the specified login 
      when a security violation is detected for that login ID. The system default 
      is y.
    • Enter n in this field if you don’t want to have the SVN feature disable the 
      specified login if a security violation is detected for that login ID.
    The Disable Following a Security Violation field is dynamic and will only appear on 
    the Login Administration form when the login component of the SVN feature is 
    enabled.
    To enable a login that has been disabled by a security violation, or disabled 
    manually with the disable login command:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command enable login .
    To disable a login:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command disable login .
    List the Status of a Login ID
    To list the status of a login:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command list login.
    A display indicating the status of the specified login will appear. Possible login ID 
    statuses are:
    • disabled — The login was disabled manually using the disable login 
      command.
    						
    • svn-disabled — A security violation was detected for that login and the 
      login was disabled by the SVN feature.
    • active — The login is currently logged in.
    • inactive — The login is not logged in.
    • void — The password associated with the login has been set to void.
    Administering the Remote Access Component
    To administer the Remote Access (barrier code) security violation parameters of 
    the SVN feature, do the following:
    1. To access the System Parameter Security form from the command line 
    interface, enter change system-parameters security (G3V3 and later) or 
    change system-parameters (releases prior to G3V3).
    2. Enable the Remote Access component of the feature by entering y in the 
    SVN Remote Access Violation Notification field. When this field is enabled, 
    the following additional fields appear on the Security-Related System 
    Parameters form:
    • Originating Extension
      Enter an unassigned extension that is local to the switch and 
      conforms to the dial plan, for the purpose of originating and 
      identifying SVN referral calls for login security violations.
      The originating extension initiates the referral call in the event of a 
      login security violation. It also sends the appropriate alerting 
      message or display to the referral destination.
    • Referral Destination
      Enter an extension assigned to a station or attendant console that 
      will receive the referral call when a security violation occurs. The 
      referral destination must be equipped with a display module unless 
      the Announcement Extension has been assigned.
      For DEFINITY G3V3 and later, including DEFINITY ECS, call 
      vectoring using time of day routing allows security notification to be 
      extended off-premises.
    • Login Threshold
      Enter the minimum number of login attempts that will be permitted 
      before a referral call is made. The value assigned to this field, in 
      conjunction with the Time Interval field, determines whether a 
      security violation has occurred. The system default is 5.
    						
    • Time Interval
      Enter the time interval within which a login security violation must 
      occur. The range is one minute to eight hours (0:01 to 7:59), and is 
      entered in the form x:xx. For example, if you want the time interval to 
      be 1 minute, enter 0:01. If you want the time interval to be seven 
      and one-half hours, enter 7:30. The system default is 0:03.
    • Announcement Extension
      Enter an extension that is assigned to the Remote Access SVN 
      announcement. The announcement must be recorded for the SVN 
      referral call to be made. A repeating announcement is suggested, 
      especially if the SVN referral call might go to an answering machine.
    3. To activate the Disable Following a Security Violation feature, display the 
    Remote Access Form and enter y in the Disable Following a Security 
    Violation field.
    4. For releases before G3V3, administer an “rsvn-call” button on any 
    station/attendant console (maximum 1 per system). The SVN button 
    location can be determined by entering the command display 
    svn-button-location. Activation of this feature button initiates the 
    placement of remote access referral calls, until the button is deactivated.
    5. For G3V3 and later releases, administer an “rsvn-halt” button on any 
    station/attendant console (maximum 1 per system). The SVN button 
    location can be determined by entering the command display 
    svn-button-location. Activation of this feature button stops the placement 
    of all remote access referral calls until the button is deactivated.
    Enable/Disable Remote Access Code
    To enable a Remote Access Code that has been disabled following a security 
    violation, or disabled manually with the disable remote access command:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command enable remote access.
    To disable a Remote Access Code:
    1. Log in to the switch using a login ID with the proper permissions.
    2. Enter the command disable remote access. 
    						
    Administering Remote Access Kill After N Attempts
    Following is an example of how to administer this feature.
    1. To access the System Parameters Features screen from the command line 
    interface, enter change system-parameters features security (G3V3 
    and later) or change system-parameters features (releases prior to 
    G3V3). When the system-parameters features screen appears, complete 
    the following fields:
    • SVN Remote Access Violation Notification Enabled field — Enter y 
      in this field to enable the Remote Access component of the SVN 
      feature.
    • Originating Extension field — Enter an unassigned extension that 
      conforms to the switch dial plan.
    • Referral Destination field — Enter an extension that is assigned to a 
      station equipped with a display module.
    • Barrier Code Threshold field — Enter the number of times entry of 
      an invalid barrier code will be permitted before a security violation is 
      detected.
    • Time Interval field — Enter the duration of time that the invalid 
      barrier code attempts must occur within.
    2. Enter the change remote-access command to access the Remote Access 
    form.
    • Disable Following A Security Violation field — If not already 
      assigned, enter y in this field to disable Remote Access following a 
      security violation.
    NOTE:
    The Disable Following A Security Violation field is dynamic. It 
    will only appear if the remote access component of the SVN 
    feature is enabled.
    In the event of a Remote Access barrier code security violation, a referral call is 
    generated, alerting the switch administrator of the violation. When the violation is 
    detected, the Remote Access feature is disabled, prohibiting any further use until 
    the security violation is investigated.
    Consult the monitor security-violations report, trunk group measurements reports, 
    and security measurements reports to determine the nature and source of the 
    security violation. Local exchange and long distance carriers may provide 
    assistance in tracing the source of the violation. The Remote Access feature 
    should not be re-enabled until the source of the violation is identified, and you are 
    confident that the feature is secure.
    Enter the enable remote-access command to re-enable the Remote Access 
    feature. 
    						
    If the Remote Access feature is to be dormant for a period of time, the feature can 
    be disabled using the disable remote-access command. Entry of this command 
    will disable the Remote Access feature until it is re-enabled using the enable 
    remote-access command.
    Administering Login ID Kill After N Attempts
    Following is an example of how to administer this feature.
    1. Enter the change system-parameters features command to assign 
    Security Violation Notification (SVN) parameters. When the 
    system-parameters features screen appears, complete the following fields:
    • SVN Login Violation Notification Enabled field — Enter y in this field 
      to enable the login component of the SVN feature.
    • Originating Extension field — Enter an unassigned extension that 
      conforms to the switch dial plan.
    • Referral Destination field — Enter an extension that is assigned to a 
      station equipped with a display module.
    • Login Threshold field — Enter the number of times entry of an 
      invalid login ID, or valid login ID/invalid password combination will 
      be permitted before a security violation is detected.
    • Time Interval field — Enter the duration of time that the invalid login 
      attempts must occur within.
    2. Enter the add/change login  command to access the login 
    administration form.
    • Disable Following A Security Violation field — If not already 
      assigned, enter y in this field to disable the login ID following a 
      security violation involving the login ID.
    In the event a security violation involving the login ID is detected, a referral call is 
    generated, alerting the switch administrator of the violation. When a login violation 
    is detected for a valid login ID, the login ID is disabled, prohibiting any further use 
    until the security violation is investigated and the login ID is re-enabled.
    Consult the monitor security-violation report and security measurements report to 
    determine the nature and source of the security violation. If the attempts to access 
    the switch administration originated from a remote source, the local exchange and 
    long distance carriers may provide assistance in tracing the source of the invalid 
    access attempts. The affected login ID should not be re-enabled until the source 
    of the violation is identified and you are confident that the switch administration 
    maintenance interface is secure.
    Enter the enable login  command to re-enable the login ID.
    If a login ID is to be dormant for a period of time, the login ID can be disabled 
    using the disable login  command. Entry of this command will disable 
    the login ID until it is re-enabled using the enable login  command. 
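
The threshold and Time Interval behavior described in the two "Kill After N Attempts" procedures above, as an added Python model that is not part of the handbook and is not the switch's own logic. The names `parse_interval`, `SvnComponent` and `replay` are hypothetical and the attempt timestamps are constructed. The model assumes a violation is raised when the count of invalid attempts inside the interval reaches the threshold, and that halting referral calls does not stop the disable action.

```python
from collections import deque
from dataclasses import dataclass, field


def parse_interval(text: str) -> int:
    """Convert a Time Interval entry in the form x:xx (0:01 to 7:59) to seconds."""
    hours, sep, minutes = text.partition(":")
    if not (sep and len(hours) == 1 and len(minutes) == 2
            and hours.isdigit() and minutes.isdigit()):
        raise ValueError(f"Time Interval must be entered as x:xx, got {text!r}")
    total = int(hours) * 60 + int(minutes)
    if int(minutes) > 59 or not 1 <= total <= 7 * 60 + 59:
        raise ValueError(f"Time Interval outside 0:01 to 7:59: {text!r}")
    return total * 60


@dataclass
class SvnComponent:
    """Model of one SVN component (login or Remote Access), handbook defaults."""
    threshold: int = 5                  # Login / Barrier Code Threshold
    interval: str = "0:03"              # Time Interval
    disable_on_violation: bool = True   # Disable Following a Security Violation = y
    halted: bool = False                # lsvn-halt / rsvn-halt button active
    status: str = "inactive"
    referral_calls: list = field(default_factory=list)
    _attempts: deque = field(default_factory=deque, repr=False)

    def invalid_attempt(self, t: int) -> bool:
        """Record an invalid attempt at time t (seconds); True means a violation."""
        window = parse_interval(self.interval)
        self._attempts.append(t)
        # Assumption: only attempts strictly inside the interval are counted.
        while self._attempts and t - self._attempts[0] >= window:
            self._attempts.popleft()
        if len(self._attempts) < self.threshold:
            return False
        self._attempts.clear()
        if not self.halted:
            self.referral_calls.append(t)   # referral call to the destination
        if self.disable_on_violation:
            self.status = "svn-disabled"    # stays so until re-enabled
        return True

    def enable(self) -> None:
        """Administrator re-enables the login or Remote Access after investigating."""
        self.status = "inactive"


def replay(timestamps, **settings) -> SvnComponent:
    """Feed constructed attempt times to a fresh component and return it."""
    svn = SvnComponent(**settings)
    for t in timestamps:
        svn.invalid_attempt(t)
    return svn


# Constructed samples: five invalid attempts 20 s apart, and five 60 s apart.
BURST = [0, 20, 40, 60, 80]
SPACED = [0, 60, 120, 180, 240]

if __name__ == "__main__":
    for name, times in (("burst", BURST), ("spaced", SPACED)):
        for interval in ("0:03", "0:30"):
            svn = replay(times, interval=interval)
            print(f"{name:6} interval={interval} status={svn.status} "
                  f"referral_calls={svn.referral_calls}")
```

With the defaults, the spaced sample never reaches the threshold inside 0:03, while a Time Interval of 0:30 flags it; this is the trade-off to weigh when choosing the two values on the form.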
    						
    Administering the Authorization Code Component
    To administer the Authorization Code component of the SVN feature in G3V3 and 
    later releases, do the following:
    1. Access the System Parameter Security form by entering change 
    system-parameters security from the command line interface.
    2. When the SVN Authorization Code Violation Notification Enabled field is 
    set to y, the following additional fields appear on the Security-Related 
    System Parameters form:
    • Originating Extension
      Enter an unassigned extension that is local to the switch and 
      conforms to the dial plan, for the purpose of originating and 
      identifying SVN referral calls for authorization code security 
      violations.
      The originating extension initiates the referral call in the event of an 
      authorization code security violation. It also sends the appropriate 
      alerting message or display to the referral destination.
    • Referral Destination
      Enter an extension assigned to a station or attendant console that 
      will receive the referral call when an authorization code security 
      violation occurs.
      If the announcement extension field is blank, the referral destination 
      must be on the switch and a display module is required. Call 
      vectoring, using time of day routing, allows security notification to be 
      extended off-premises.
    • Authorization Code Threshold
      Enter the minimum number of invalid authorization code attempts 
      that will be permitted before a referral call is made. The value 
      assigned to this field, in conjunction with the Time Interval field, will 
      determine whether a security violation has occurred. The system 
      default for the Authorization Code security violations threshold is 10.
    • Time Interval
      Enter the time interval within which the authorization code security 
      violations must occur. The range for the time interval is one minute 
      to eight hours (0:01 to 7:59), and is entered in the form x:xx. For 
      example, if you want the time interval to be one minute, enter 0:01. If 
      you want the time interval to be seven and one-half hours, enter 
      7:30. The system default is 0:03.
    						