Home
>
Lucent Technologies
>
Communications System
>
Lucent Technologies DEFINITY® Enterprise Communication Server Release 8.2 Reports Guide
Lucent Technologies DEFINITY® Enterprise Communication Server Release 8.2 Reports Guide
Have a look at the manual Lucent Technologies DEFINITY® Enterprise Communication Server Release 8.2 Reports Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Processor Occupancy Reports 4-21 Mapping Links to Applications 4 Table 4-5. Procedures for Calculating Processor Occupancy Step Description Step 1. Is there availab le suffic ient Proc essor Oc c upanc y to grow the switch? nIf the sum of Call Proc essing Oc c up anc y p lus Static Oc c up anc y is g reater than 70 p erc ent, there is no room to g row and no need to c omp lete Steps 2 throug h 7. nIf the sum of Call Proc essing Oc c up anc y p lus Static Oc c up anc y is less than 70 p erc ent, c ontinue with the following step s. Step 2. Calc ulate the Usag e Profile. Use the four-week averag e d ata (ob tained from your c omp leted c op y of Worksheet 5) to solve the following equations. Continued on next page %INTCOM= Total AtmptInt Atmpt _ __________ ´100 %INC= Total AtmptInc Atmpt _ __________ ´100 %OUT= Total AtmptOut Atmpt _ __________ ´100 %PNET= Total Atmpt Pnet Atmpt-Tandem Calls _ _________________________ ´100
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Processor Occupancy Reports 4-22 Mapping Links to Applications 4 Step 3. Determine the Traffic Ap p lic ation. Is the traffic ap p lic ation ICM/CMS, or CallVisor ASAI/OCM. You c an make this d etermination b ased on the typ e of b usiness served by the switc h, the p erc entag es of inc oming and outg oing traffic , and p ersonal knowledg e of whic h features in use. For examp le, a General Business ap p lic ation has a more even (in terms of inc oming, outgoing, and interc om) d istrib ution of traffic . An ICM/CMS ap plic ation has a hig h p erc entag e of inc oming c alls and also provid e those features sp ec ific to ACD or Call Vec toring . Some of these inc lud e ag ent and trunk trac king c ap ab ility (for examp le, CMS or BCMS), rec urring announc ements, and so on. If the switc h sup p orts more than one traffic ap p lic ation (for examp le, ICM/CMS as the primary and General Business as the sec ond ary), then the p roc essor oc c up anc y req uired for the p rimary ap p lic ation must b e d etermined first and then the remaind er is availab le for the sec ond ary ap p lic ation. NOTE: This d oc ument d esc rib es the method for c alc ulating the BHCC for a simp le General Business traffic ap p lic ation. Those switc hes that p rovid e the DCS, CMS, BCMS, and /or ISDN-PRI feature(s) are termed c omp lex and the Desig n Center must b e c onsulted in order to c alc ulate their BHCC. All ICM (ACD and Call Vec toring ), ASAI/OCM, and vec toring and interflow/traffic ap p lic ations are also termed c omp lex and c urrently are only evaluated b y the Desig n Center. For more information, c ontac t your Ac c ount Team. Step 4. Determine the maximum numb er of c alls the switc h should b e ab le to c omp lete in one hour. In ord er to make this d etermination, to the c onfig uration g uid elines for the switc h. Table 4-5. Procedures for Calculating Processor Occupancy — Continued Step Description Continued on next page
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Processor Occupancy Reports 4-23 Mapping Links to Applications 4 Step 5. Determine the normal c alling rate for the g iven level of occupancy. a. Calc ulate how many c omp leted c alls the switc h makes for the g iven level of oc c up anc y. This numb er is referred to as Calls p red ic ted . NOTE: 1) The d ivisor numb er, 70, is the c onstant from Step 1 and refers to the p erc entage of the processor used by c all proc essing. 2) The numb er for BHCC is the number that is ob tained in Step 4. b . Comp are the Calls Pred ic ted numb er to the four-Week average Total Calls field on Worksheet 5. c . If the Calls Pred ic ted numb er is less than the Total Calls numb er, then either the c ustomer has a low feature usag e rate or is c omp leting more than 70 p erc ent of c alls. Therefore, if ad d itional c ap ac ity is used in the same way, the following p red ic tions should p rovide reliab le results. If the Calls Predic ted numb er is g reater than the Total Calls numb er, then either the c ustomer has a high feature usag e rate or is c omp leting less than 70 p erc ent of c alls. Therefore, c are must b e taken in p red ic ting how many ad ditional c alls c an be supported. NOTE: If the Calls Pred ic ted numb er eq uals or ap p roximately eq uals the Total Calls numb er, then the c ustomer is using the switc h in a typ ic al manner. Table 4-5. Procedures for Calculating Processor Occupancy — Continued Step Description Continued on next page Calls Predicted= 70 Static Occ+CP Occ _ ____________________ ´BHCC Calls PredictedTotal Calls
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Processor Occupancy Reports 4-24 Mapping Links to Applications 4 Step 6. Determine how many ad d itional c alls the switc h c an complete. The number of add itional c alls c an be c alc ulated with the following equation. Step 7. Determine how many ad d itional extensions c an b e ad d ed . NOTE: The Averag e Numb er of Calls p er Extension d ep end s on the traffic ap p lic ation and other c ustomer-sp ec ific op erating tec hniq ues. If this measurement is not known, then you may use 4.05 (a typ ic al fig ure for a General Business traffic ap p lic ation). Table 4-5. Procedures for Calculating Processor Occupancy — Continued Step Description Continued on next page Number o f Additional Calls= Static Occ+CP Occ Total Calls( 4Week Avg) _ ______________________ ´(Idle Occ-15 ) Additional Extensions= Average Number o f Calls per ExtensionNumber o f Additional Calls _ __________________________________
Security Violations Reports 5-1 Security Violations Summary Report 5 DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 5 Security Violations Reports This c hapter d esc rib es the Sec urity Violations Rep orts. There are six sec urity violation rep orts — a d etail rep ort, a summary rep ort, and four status rep orts. These rep orts show system management log ins, and attemp ts to use station security codes, authorization codes, and remote access barrier codes. They also p rovid e information ab out attemp ts to ac c ess the system mad e within a g iven time frame. Security Violations Summary Report The system g enerates a Sec urity Violations Summary Rep ort that d isp lays valid and invalid ac c ess attemp ts, and sec urity violations in eac h of the c ateg ories measured (log in, authorization c od e, b arrier c od e, and station sec urity c od e). Commands Commands are availab le to d isp lay or c lear the Sec urity Violations Summary rep ort. To d isp lay the summary rep ort: 1. Type list measurements security-violations summary [print/schedule] and press RETURN.
DEFINITY Enterprise Communication Server Release 8.2
Reports Guide 555-233-505 Issue 1
April 2000
Security Violations Reports
5-2 Security Violations Summary Report
5
To reset all c ounters of the Sec urity Violations rep orts to zero:
1. Type clear measurements security-violations and press
RETURN.
NOTE:
The Security Violations Summary Report accumulates data until it is
cleared. This report
will overflow; therefore, review and clear it at
least once a month.
Options: The op tions print
and schedule
are available for these
commands.
Screen
Screen 5-1 d isp lays a typ ic al Sec urity Violations Summary Report. The rep ort
head er lists the switc h name and d ate and time the rep ort is req uested . Table 5-1
d esc rib es the d ata p resented in the Sec urity Violations Summary Rep ort.
Screen 5-1. Security Violations Summary Report
--------------------------------------------------------------------------
--------------------------------------------------------------------------
Switch Name:______________ Date: xx:xx am DAY MON xx, 19xx
SECURITY VIOLATIONS SUMMARY REPORT
Counted Since: xx:x am DAY MON xx,19xx
Barrier
Codes Station Security Codes Authorization Codes
-------- ---------------------- -----------------------------------
Origination Remote
Station Trunk Total Station Trunk Access Attd Total
Valid 0 1 2 3 0 0 0 0 0
Invalid 0 4 6 10 0 0 0 0 0
Sec Viol 0 3 0
Successful Invalid Invalid Forced Login Security Trivial
Port Type Logins Attempts IDs Disconnects Violations Attempts
SYSAM-LCL 0 0 0 0 0 0
SYSAM-RMT 0 0 0 0 0 0
MAINT 0 0 0 0 0 0
SYS-PORT 0 0 0 0 0 0
Total 0 0 0 0 0 0
--------------------------------------------------------------------------
--------------------------------------------------------------------------
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Security Violations Reports 5-3 Security Violations Summary Report 5 Table 5-1. Security Violations Summary Report Field Description Counted Since The time at whic h the c ounts ab ove were last c leared and started accumulating again, or when the system is initialized . Barrier Codes The total numb er of times a user entered a valid or invalid remote ac c ess b arrier c od e, and the numb er of resulting sec urity violations. Barrier c od es are used with remote ac cess trunks. An inexp licab le, significant increase in valid b arrier cod e use c ould ind ic ate the b arrier c od e has b een c omp romised . A marked inc rease in this number of invalid c od es may ind ic ate someone is attemp ting to b reak into your system. If you have just ad ministered a new b arrier c od e, or a barrier code expired recently, it may indicate people are making honest mistakes. Suggested Action: Delete or c hang e the b arrier c od e if you susp ec t it has b een c omp romised . Station Security Code Origination/T otalThe numb er of c alls orig inating from either stations or trunks that g enerated valid or invalid station sec urity c od es, the total numb er of suc h c alls, and the numb er of resulting security violations. A d ramatic inc rease in the numb er of either valid or invalid attemp ts may b e c ause for alarm. Unless rec ord ing of TTI/PSA events is turned off, they ap p ear in the history log . If usag e d oes not seem leg itimate, sec urity c od es and /or c lasses of servic e should b e c hang ed . Continued on next page
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Security Violations Reports 5-4 Security Violations Summary Report 5 Authorization CodesThe numb er of c alls, b y orig ination, that g enerated valid or invalid authorization cod es, the total numb er of such c alls, and the numb er of resulting sec urity violations. Calls are monitored b ased on the following orig ination typ es: nSt a t i o n nTrunk (other than remote ac c ess) nRemote Access nAttend ant If valid authorization c od e usag e inc reases d ramatic ally, you should investig ate. Someone may have ob tained valid c od es; on the other hand , it may turn out that a numb er of new, leg itimate users have c ome onto the system. If invalid authorization c od e usag e inc reases d ramatic ally, you should investig ate. Someone may b e trying to break into your system. However, a leg itimate exp lanation may b e that authorization c od es have rec ently b een c hanged and users are making some honest mistakes. If you susp ec t Authorization Cod es have b een c omp romised , change them. Table 5-1. Security Violations Summary Report — Continued Field Description Continued on next page
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Security Violations Reports 5-5 Security Violations Summary Report 5 Port Type The typ e of p ort used by the measured log in p roc ess. If break-ins are occ urring at this level, the offender may have ac c ess to your system administration. This is an extremely d ang erous situation. On the G3r, p ort types c an b e: nSYSA M - L C L ( SYSA M L o c a l Po r t . ) : This p ort on the SYSAM b oard is typ ic ally used as the loc al c onnec tion to the management terminal. It is loc ated in the switc h room. nSYSA M - RM T (SYSA M Re m o t e Po r t . ) : The dial-up port on the SYSAM b oard is typ ic ally used b y servic es for remote maintenanc e and is also used b y the switc h to c all out with alarm information. If system b reak-ins are mad e or attemp ted using this p ort, the offend er is someone who has the d ial-up numb er. nMAINT: These ports on the Expansion Port Networks maintenanc e b oard s are typ ic ally used as loc al c onnec tions for on site maintenanc e p erformed b y servic es. If system b reak-ins are mad e or attemp ted using this p ort, the offend er is someone who works in the building. nSYS- PO RT ( Sy st e m Po r t s) : These ports are ac c essed b y d ial-up throug h the TDM b us. On the G3si, p ort typ es c an b e: nMGR1: The d ed ic ated system ad ministration terminal c onnec tion. nNET: The network c ontroller d ial-up p orts. nEPN: The EPN maintenanc e EIA port. nINADS: The Initialization and Administration System port. Total Measurements totaled for all the ab ove p ort typ es. Successful LoginsThe total numb er of suc c essful logins into SM (that is, the login ID and the password submitted were valid) for the given port type. Table 5-1. Security Violations Summary Report — Continued Field Description Continued on next page
DEFINITY Enterprise Communication Server Release 8.2 Reports Guide 555-233-505 Issue 1 April 2000 Security Violations Reports 5-6 Security Violations Summary Report 5 Invalid Login AttemptsThe total numb er of log in attemp ts where the attempting party submitted an invalid login ID or password while ac c essing the g iven p ort typ e. NOTE: Look for numb ers sig nific antly hig her than normal. Invalid attempts do not inc lude cases where a user makes several attemp ts to log on and is suc c essful on the sec ond or third attemp t. (A user is g iven three tries at log g ing on before d isc onnec ted .) Invalid Login IDsThe total numb er of unsuc c essful log in attemp ts where the attemp ting p arty sub mitted an invalid log in while ac c essing the g iven p ort typ e. Login Forced DisconnectsThe total numb er of log in p roc esses d isc onnec ted automatic ally b y the switc h b ec ause the threshold for c onsec utive invalid log in attemp ts was exc eed ed for the g iven p ort typ e. The threshold is three attemp ts. Login Security ViolationsThe total numb er of log in sec urity violations for the given port type. As with b arrier c od e attemp ts, the user c an define the meaning of a sec urity violation b y setting two p arameters ad ministratively: 1. The numb er of unsuc c essful log ins 2. The time interval A log in sec urity violation notific ation is sent to the attend ant c onsole or a station with a d isp lay when the numb er of unsuc c essful logins is exc eed ed within the ad ministered interval of time. Login Trivial AttemptsThe total numb er of times a user c onnec ted to the system and gave no inp ut to the log in seq uenc e. A larg e numb er of trivial attempts c ould mean that the d ial-up numbers were accidentally distributed to the wrong personnel. Table 5-1. Security Violations Summary Report — Continued Field Description Continued on next page