Home > Lucent Technologies > Communications System > Lucent Technologies DEFINITY Enterprise Communications Server Release 8.2 Instructions Manual

Lucent Technologies DEFINITY Enterprise Communications Server Release 8.2 Instructions Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Lucent Technologies DEFINITY Enterprise Communications Server Release 8.2 Instructions Manual. The Lucent Technologies manuals for Communications System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 341

    Page 341 Enhancing system security 317 11 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 11 Enhancing system security Toll fraud is the theft of long distance service and can come from both internal and external sources. When toll fraud occurs, your company is responsible for usage charges. In addition, unauthorized use may tie up your system, preventing your customers from reaching you and your employees from doing business. Lucent Technologies designed the DEFINITY ECS to... 
    Enhancing system security 
317  
11
DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
11
Enhancing system security
Toll fraud is the theft of long distance service and can come from both internal and 
external sources. When toll fraud occurs, your company is responsible for usage 
charges. In addition, unauthorized use may tie up your system, preventing your 
customers from reaching you and your employees from doing business.
Lucent Technologies designed the DEFINITY ECS to...

    Page 342

    Page 342 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 318 Basic security 11 Basic security Keeping your system secure The following is a partial list you can use to help secure your system. It is not intended as a comprehensive security checklist. Refer to the BCS Products Security Handbook for more information about these and other security-related features. nSecure the system administration and maintenance ports and/or logins on DEFINITY ECS... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
318 Basic security 
11
Basic security
Keeping your system secure
The following is a partial list you can use to help secure your system. It is not 
intended as a comprehensive security checklist. Refer to the BCS Products 
Security Handbook for more information about these and other security-related 
features.
nSecure the system administration and maintenance ports and/or logins on 
DEFINITY ECS...

    Page 343

    Page 343 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 319 Preventing toll fraud 11 Preventing toll fraud Top 15 tips to help prevent toll fraud 1. Protect system administration access Make sure secure passwords exist for all logins that allow System Administration or Maintenance access to the system. Change the passwords frequently. Set logoff notification and forced password aging when administering logins. You must assign passwords for these... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
319 Preventing toll fraud 
11
Preventing toll fraud
Top 15 tips to help prevent toll fraud
1. Protect system administration access
Make sure secure passwords exist for all logins that allow System 
Administration or Maintenance access to the system. Change the 
passwords frequently.
Set logoff notification and forced password aging when administering 
logins. You must assign passwords for these...

    Page 344

    Page 344 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 320 Preventing toll fraud 11 7. Protect access to information stored as voice Password restrict access to voice mail mailboxes. Use non-trivial passwords and change passwords regularly. 8. Provide physical security for telecommunications assets Restrict unauthorized access to equipment rooms and wire connection closets. Protect system documentation and reports data from being compromised. 9.... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
320 Preventing toll fraud 
11
7. Protect access to information stored as voice
Password restrict access to voice mail mailboxes.
Use non-trivial passwords and change passwords regularly.
8. Provide physical security for telecommunications assets
Restrict unauthorized access to equipment rooms and wire connection 
closets.
Protect system documentation and reports data from being compromised.
9....

    Page 345

    Page 345 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 321 Physical security 11 14.Callers misrepresenting themselves as the “phone company,” “AT&T,” “RBOCS,” or even known employees within your company may claim to be testing the lines and ask to be transferred to “900,” “90,” or ask the attendant to do “start 9 release.” This transfer reaches an outside operator, allowing the unauthorized caller to place a long distance or international call.... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
321 Physical security 
11
14.Callers misrepresenting themselves as the “phone company,” “AT&T,” 
“RBOCS,” or even known employees within your company may claim to 
be testing the lines and ask to be transferred to “900,” “90,” or ask the 
attendant to do “start 9 release.” This transfer reaches an outside operator, 
allowing the unauthorized caller to place a long distance or international 
call....

    Page 346

    Page 346 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 322 System security checklist 11 System security checklist Here’s some of the steps required for indemnification. Use these to analyze your system security. 1. Remove all default factory logins of cust, rcust, browse, nms, and bcms and assign unique logins with 7-character alphanumeric passwords and a 90-day password aging. Use the list logins command to find out what logins are there. 2. If... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
322 System security checklist 
11
System security checklist
Here’s some of the steps required for indemnification. Use these to analyze your 
system security.
1. Remove all default factory logins of 
cust, rcust, browse, nms, and bcms 
and assign unique logins with 7-character alphanumeric passwords and a 
90-day password aging. Use the 
list logins command to find out what 
logins are there.
2. If...

    Page 347

    Page 347 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 323 System security checklist 11 4. If you use Remote Access to process calls off-net or in any way access the public network: a. Use a 7-digit barrier code. b. Assign a unique COR to the barrier code. c. Restrict the COR assigned to each barrier code by FRL level to only the required calling areas to conduct business. d. Set the aging cycle to 90 days with 100 call limit per barrier code. e.... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
323 System security checklist 
11
4. If you use Remote Access to process calls off-net or in any way access the 
public network:
a. Use a 7-digit barrier code.
b. Assign a unique COR to the barrier code.
c. Restrict the COR assigned to each barrier code by FRL level to only 
the required calling areas to conduct business.
d. Set the aging cycle to 
90 days with 100 call limit per barrier code.
e....

    Page 348

    Page 348 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 324 System security checklist 11 c.If the vector has a “route-to” step that routes the call to a remote switch via AAR, assign a unique COR with a unique ARS/AAR Partition Group, the lowest FRL to complete an AAR call, and n on all unique COR assigned to your public network trunking facilities on the Calling Permissions. Assign the appropriate AAR route patterns on the AAR Partition Group... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
324 System security checklist 
11
c.If the vector has a “route-to” step that routes the call to a remote 
switch via AAR, assign a unique COR with a unique ARS/AAR 
Partition Group, the lowest FRL to complete an AAR call, and 
n on 
all unique COR assigned to your public network trunking facilities 
on the Calling Permissions. Assign the appropriate AAR route 
patterns on the AAR Partition Group...

    Page 349

    Page 349 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 325 System security checklist 11 8. If loop start trunks are administered in the switch and cannot be changed by the Local Exchange Company, block all class of service from forwarding calls off-net. In the Class of Service screen, Restriction Call Fwd-Off Net field, set to y for the 16 (0-15) COS numbers. Refer to ‘‘ Class of Service’’ on page 545 for more information. NOTE: If a station is... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
325 System security checklist 
11
8. If loop start trunks are administered in the switch and cannot be changed by 
the Local Exchange Company, block all class of service from forwarding 
calls off-net. In the Class of Service screen, Restriction Call Fwd-Off Net 
field, set to 
y for the 16 (0-15) COS numbers.
Refer to ‘‘
Class of Service’’ on page 545 for more information.
NOTE:
If a station is...

    Page 350

    Page 350 DEFINITY ECS Release 8.2 Administrator’s Guide 555-233-506 Issue 1.1 June 2000 Enhancing system security 326 System security checklist 11 14. Assign all trunk groups or same trunk group types a unique Class of Restriction. If the trunk group does not require networking through your switch, administer the Class of Restriction of the trunk group where the FRL is 0, the Calling Party Restriction field is outward, and all unique Class of Restriction assigned to your outgoing trunk groups are n.... 
    DEFINITY ECS Release 8.2
Administrator’s Guide  555-233-506  Issue 1.1
June 2000
Enhancing system security 
326 System security checklist 
11
14. Assign all trunk groups or same trunk group types a unique Class of 
Restriction. If the trunk group does not require networking through your 
switch, administer the Class of Restriction of the trunk group where the 
FRL is 
0, the Calling Party Restriction field is outward, and all unique 
Class of Restriction assigned to your outgoing trunk groups are 
n....
    Start reading Lucent Technologies DEFINITY Enterprise Communications Server Release 8.2 Instructions Manual

    Related Manuals for Lucent Technologies DEFINITY Enterprise Communications Server Release 8.2 Instructions Manual

    All Lucent Technologies manuals