Home
>
Lucent Technologies
>
Communications System
>
Lucent Technologies Octel 100 Implementation And Service Manual
Lucent Technologies Octel 100 Implementation And Service Manual
Have a look at the manual Lucent Technologies Octel 100 Implementation And Service Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
23. Maintaining the System Implementation and Service ManualProtecting Your System23-23 W hen these parameters are disabled, callers dialing an extension that has not been assigned a mailbox hear, “ is not valid. Please redial the number of the person you are calling.” It is recommended that these parameters are disabled. For additional information on these parameters, see Chapter 13, “Setting Up the System.” Impeding Callers from Accessing the Quick Assist Maintenance Mailbox W hen you run Quick Assist in a recov er mode, the system can automatically assign messages with inv alid header information to a default mailbox. This allows the system manager to then copy the messages to the correct subscriber mailbox. The default for this maintenance mailbox is the last mailbox number av ailable on the system. For example, on a system with four-digit mailboxes, mailbox 9999 is used. Since it is easier for an outside caller attempting to gain unauthorized mailbox access to guess a mailbox number such as 9999, it is recommended that you specify a system mailbox in which you want unattached messages to be placed. In addition, it is strongly recommended that this mailbox be assigned a long password that cannot easily be guessed by an outside caller attempting to access the system. W hen you run Quick Assist in recov er mode from the Quick Assist icon in the program folder, use the Mailbox to Receiv e Unattached Messages field on the Recov er Files dialog box to specify a mailbox in which to place messages with inv alid header information. W hen you run Quick Assist from the \CVR prompt or in batch mode as part of regular system maintenance, specify this mailbox by including the -M n parameter, where n indicates the number of the mailbox to be used, in the Quick Assist command line. For additional information on using the -M n command, see the topic, Running Quick Assist as Part of Routine System Maintenance, earlier in this chapter. Assigning Randomly Generated Passwords to System Mailboxes In System Setup, the system allows you to select the type of password assigned to new system mailboxes. You can assign the same default password to all new mailboxes, not require a password, or you can hav e the system automatically assign a random password to each new mailbox. For security purposes, it is recommended that you use random password assignment. W hen you use random password assignment, the system displays the passwords assigned to the new mailboxes when they are created. For additional information on using randomly generated passwords, see Chapter 13, “Setting Up the System.” Requiring Passwords at Least One Digit Longer than Mailbox Numbers The longer the passwords assigned to system mailboxes, the harder it is for a caller to guess them. The Minimum Length of Password parameter on the Subscriber tab in the System Setup utility allows you to set the least number of digits required in a mailbox password. It is recommended that you set this parameter at least one digit higher than
23. Maintaining the System Implementation and Service ManualProtecting Your System23-24 the length of the system’s mailbox numbers. For example, if the system uses four-digit mailboxes, it is recommended that the Minimum Length of Password parameter be set to at least 5. Remember when setting this parameter to balance system security against ease of use for the subscribers. Setting this parameter too high may make it difficult for system subscribers to remember their passwords. For additional information on using this parameter, see Chapter 13, “Setting Up the System.” Requiring Subscribers to Regularly Change Their Passwords Requiring subscribers to regularly change their passwords helps prev ent outside callers from determining subscriber passwords and gaining unauthorized access to system mailboxes. Use the Days Before Forced Password Change parameter on the Subscriber tab in System Setup to specify the required interim before subscribers are required to change their mailbox passwords. W hen you enable this parameter, subscribers must change their password the first time they log into their mailboxes and each time after the number of specified days expires before they can proceed to the main menu. For additional information on using this parameter, see Chapter 13, “Setting Up the System.” Monitoring Uninitialized Mailboxes If you disable the Days Before Forced Password Change parameter on the Subscriber tab in System Setup, subscribers are not required to change their passwords. This can make it easier for a caller to guess a subscriber’s password, especially if a default password is used for all mailboxes instead of randomly assigned passwords for each mailbox. The Uninitialized Mailboxes report lists all mailboxes for which the password has not yet been changed from the initially assigned password. It is recommended that you check this report regularly to determine which subscribers hav e not yet changed their passwords. Remind subscribers that they should change their passwords regularly to prev ent anyone from accessing their mailboxes. If you find that many subscribers are not changing their passwords, you can enable the Days Before Forced Password Change parameter in the System Setup utility to require them to change their passwords. Using Extended Password Security Extended password security requires subscribers to press after entering their passwords to access their mailboxes. If subscribers do not press , the system pauses before allowing mailbox access. The Enable Extended Password Security parameter on the Subscriber tab in System Setup determines whether the system waits for the subscriber to press or allows immediate mailbox access after successful password entry. This parameter helps prev ent unauthorized users from determining the number of digits in system mailbox passwords. It is recommended that this feature be enabled. For additional information on using this parameter, see Chapter 13, “Setting Up the System.”
23. Maintaining the System Implementation and Service ManualProtecting Your System23-25 Providing Notification of Unsuccessful Mailbox Login Attempts The system can v oice notification to subscribers when one or more unsuccessful login attempts hav e been made to their mailboxes. This feature informs subscribers that someone may hav e attempted to gain unauthorized access to their mailboxes. The Failed Login Notification option on the Class of Serv ice dialog box determines whether this feature is enabled. The Failed Login Notify option on the Subscriber Settings dialog box controls this feature by indiv idual mailbox. W hen an unsuccessful login attempt occurs, it is recommended that the subscriber change their mailbox password immediately and notify the system manager of the attempted login. It is recommended that this feature be enabled for all mailboxes. For additional information on using this feature, see Chapter 16, “Managing System Mailboxes.” Locking Subscriber Mailboxes After Unsuccessful Login Attempts The system can lock a mailbox when a caller attempting to log into the mailbox has been disconnected after entering the incorrect password a specified number of times. A locked mailbox prev ents any caller, including the subscriber, from logging into the mailbox until the system manager manually unlocks the mailbox. Mailbox Lock-Out Option on the Class of Serv ice dialog box determines whether this feature is enabled. The Mailbox Lock-Out option on the Subscriber Settings dialog box controls this feature by indiv idual mailbox. The Consecutiv e Login Failures Before Lock-Out parameter on the Subscriber Parameters tab in System Setup determines the number of failed login attempts allowed before the mailbox is locked, if the Mailbox Lock-Out option is enabled for the mailbox. It is recommended that this feature be enabled for all mailboxes. For additional information on using the Mailbox Lock-Out feature, see Chapter 16, “Managing System Mailboxes.” Monitoring Failed Login Attempts The Login Failure report prov ides a list of all unsuccessful login attempts to system mailboxes. You should monitor this report regularly to determine if there are a lot of failed login attempts to a particular mailbox and when the failed attempts occurred. A high number of failed login attempts could indicate the mailbox owner requires additional training or that an unauthorized user is attempting to gain access to the mailbox. Having Subscribers Record Their Name Prompts W hen subscribers record their Name prompts, those prompts are v oiced as confirmation to callers sending messages to system mailboxes. This ensures that messages will be sent to the correct mailboxes. If a Name prompt is not recorded for a subscriber mailbox, only the mailbox number is v oiced to callers sending messages to that mailbox.
23. Maintaining the System Implementation and Service ManualProtecting Your System23-26 Deleting Unused Mailboxes Immediately If a mailbox is no longer being used, it is recommended that you immediately delete that mailbox from the system. This prev ents anyone from gaining unauthorized system access through the mailbox. If a mailbox is being reassigned to a new mailbox owner, it is strongly recommended that you delete, then re-create the mailbox. For additional information on deleting system mailboxes, see the topic, Deleting Mailboxes, in Chapter 16, “Managing System Mailboxes.” Requiring Callers to Enter Passwords to Proceed in V-Trees If V-Trees are used to distribute or collect sensitiv e information, such as pricing data or customer data, it is strongly recommended that you use the Require Password to Proceed to Next Lev el option. This option requires callers to a V-Tree to correctly enter a predefined password before they are allowed to proceed in the V-Tree. You can use this option on multiple lev els to protect indiv idual options, or you can use it on the first lev el of the V-Tree to limit access to the entire V-Tree. This ensures that only authorized callers can gain access to the V-Tree information. For additional information on using the Require Password to Proceed to Next Lev el option in V-Trees, see Chapter 17, ”W orking with V-Trees.” Securing the System PC It is v ery important the system PC be protected from unauthorized system management access. Unauthorized access to the system PC could result in system setup changes, loss of mailboxes and messages, and database corruption. The best way to prev ent unauthorized system management access to the system PC is to store the PC in a secure area, such as a locked room. If you cannot store the system PC in a secure area, consider using security features of the PC, such as passwords, to prov ide a degree of protection. See the PC documentation for information on av ailable security features. Before implementing security features on the PC, contact a technical support representativ e to rev iew the security features you intend to use to ensure they will not disrupt system performance in any way. Utilizing Phone System Security Features Most phone systems hav e security features that help prev ent unauthorized access to system ports. Contact your phone system representativ e to determine what security features are av ailable and how to implement them. Before implementing security features on the phone system, contact a technical support representativ e to rev iew the security features you intend to use to ensure they will not disrupt system performance in any way.
23. Maintaining the System Implementation and Service ManualProtecting Your System23-27 Using Supervisor Passwords to Restrict System Management Access Access to system management features is password-protected. There are two lev els of system manager passwords. Lev el 2 access allows a system manager to create, edit, and delete mailboxes; to access reports and system statistics; to create and specify prompts; maintain network nodes; and to create V-Trees. Lev el 3 access allows a system manager to perform all Lev el 2 tasks, to set system parameters using the System Setup utility, to configure greeting by port, to modify classes of service, and to configure multilingual systems. It is recommended that you use at least a six-digit password for both the Lev el 2 and Lev el 3 passwords. The longer the Lev el 2 and Lev el 3 passwords, the more difficult it is for someone to guess them. It is also recommended that the superv isor passwords be changed on a regular basis to further protect against unauthorized system manager access. W hen giv ing the Lev el 2 or Lev el 3 password to system managers, keep in mind that the more people who hav e a password, the greater the possibility for problems to occur. There should be more than one indiv idual who knows the passwords for the system, howev er, so when one system manager is away from the office, another is av ailable to maintain the system. For additional information on superv isor passwords, see Chapter 20, “Starting, Logging Into, and Shutting Down the System.” Using the Auto Logoff Feature to Restrict System Management Access The system’s Auto Logoff feature allows you to specify the maximum amount of onscreen superv isor inactiv ity allowed before the security lev el automatically returns to Lev el 1. This feature helps prev ent unauthorized access to system manager functions. To set the Auto Logoff, enter the number of minutes of onscreen inactiv ity allowed before logoff in the Logoff In__ Minutes field on the Superv isor Password dialog box. For additional information on logging into the system, see Chapter 20, “Starting, Logging Into, and Shutting Down the System.” Remote Access Use the following guidelines to secure remote access to the system: · The RSM client should be configured to require a password to gain access to the system. · The passwords should be periodically changed. Make sure you notify the appropriate indiv iduals or organizations each time you change the passwords. · The modem connected to the system should be disabled when it is not required for use by authorized personnel. The connection should be enabled only by the system administrator on an “as needed” basis.
23. Maintaining the System Implementation and Service ManualProtecting Your System23-28 Security Checklist It is recommended that the following checklist to be used to ensure that the security measures listed below are implemented, as appropriate, on the messaging system. _____1. (Required) Store the messaging system PC in a secure area. _____2. (Required - Toll Fraud) Disable the Transfer Inv alid Mailboxes During Hours and Transfer Inv alid Mailboxes After Hours parameters on the Inv alid Mailbox tab in System Setup. _____3. (Recommended) W hen Quick Assist is run in recov er mode from the Quick Assist icon in the program folder, specify a Mailbox to Receiv e Unattached Messages on the Recov er Files dialog box. _____4. (Recommended) W hen Quick Assist is run in recov er mode from the \CVR prompt in an OS/2 window, or run it automatically as part of system maintenance, include the -M n parameter to specify a mailbox to receiv e unattached messages. _____5. (Recommended) Use the Randomly Generated method of assigning passwords to new mailboxes. _____6. (Required) Set the Minimum Length of Password parameter on the Subscriber tab in System Setup at least 1 digit higher than the number of digits system mailboxes. _____7. (Required) Set the Days Before Forced Password Change parameter on the Subscriber tab in System Setup to require subscribers to regularly change their mailbox passwords. Recommended setting is a v alue from 182 to 365. _____8. (Recommended) Regularly monitor the Uninitialized Mailbox report to determine if subscribers hav e changed their mailboxes passwords. Remind subscribers that hav e not initialized their mailboxes that they should change their passwords immediately to prev ent unauthorized access to their mailboxes. _____9. (Recommended) Activ ate the Enable Password Security parameter on the Subscriber tab in System Setup to require subscribers to press after they finish entering their passwords. _____10. (Required) Enable the Failed Login Notification in subscribers’ classes of serv ice and the Failed Login Notify option on the Subscriber Settings dialog box so the system notifies subscribers when one or more unsuccessful login attempts are made to their mailboxes. _____11. (Required) Set the Consecutiv e Login Failures Before Lock-Out parameter on the Subscriber tab in System Setup to specify how many unsuccessful login attempts are allowed before mailboxes are locked. _____12. (Required) Enable the Mailbox Lock-Out Option in subscribers’ classes of serv ice and the Mailbox Lock-Out option on the Subscriber Settings dialog box to lock subscriber mailboxes after the number of unsuccessful login attempts specified in the Consecutiv e Login Failures Before Lock-Out parameter hav e occurred. _____13. (Recommended) Regularly monitor the Login Failure report to determine if a high number of unsuccessful login attempts are occurring on a mailbox or if the login attempts are occurring after business hours. _____14. (Recommended) Require that subscribers record their Name prompts so that the system v oices the mailbox owner’s name to callers sending messages to messaging system mailboxes. _____15. (Recommended) Use the Require Password to Proceed to Next Lev el option to secure V-Trees that prov ide sensitiv e information such as pricing data and customer data. _____16. (Required) Use at least 6-digit level 2 and level 3 superv isor passwords to prev ent unauthorized system manager access. _____17. (Recommended) W rite down lev el 2 and lev el 3 passwords and keep them in a secure place.
23. Maintaining the System Implementation and Service ManualProtecting Your System23-29 _____18. (Recommended) Notify the local serv ice prov ider of any changes to lev el 2 or lev el 3 superv isor passwords in case remote maintenance is required. _____19. (Required) Contact the system representativ e to determine what security features are av ailable for the phone system and how to implement them. Before implementing any security features on the phone system, contact a technical support representativ e to ensure that the features you want to implement will not disrupt messaging system performance in any way. _____20. (Required) Set the Auto Logoff feature to a low v alue to ensure that the messaging system returns to security lev el 1 after a short period of inactiv ity. _____21. (Required) All remote access logins to the system must be administered to require the use of a secondary password. _____22. (Required) The end-user must periodically/frequently change all secondary passwords. After changing the secondary passwords, the end-user should notify the appropriate support organization(s) that the passwords hav e been changed. _____23. (Required) The modem connection to the system should be “disabled” when it is not required for use by authorized personnel. This connection should be enabled only by the system administrator on an “as needed” basis.
23. Maintaining the System Implementation and Service ManualProtecting Your System23-30 Notes:
Implementation and Service Manual Testing and Troubleshooting the System24-1 CHAPTER 24 Testing and Troubleshooting the System After you install and set up the messaging system, you should test the integration with the phone system and the software features to ensure that the entire system works properly. The topics included in this chapter will help you to: · Test the messaging system to ensure that it is correctly installed and configured · Troubleshoot possible program problems you may encounter · Determine a switchs disconnect signal · Display the features enabled on the sentinel · View the PLUS.LOG file · Verify that the appropriate prompts are v oiced by the system under certain Call Handling conditions Some information prov ided in this chapter is highly technical. Your lev el of knowledge on general telephony and the switch being used, as well as your access to tools such as digit grabbers will dictate how effectively you can interpret some of this information. If you hav e any questions, be sure to contact a technical support representativ e.
24. Testing and Troubleshooting the System Implementation and Service Manual Testing and Troubleshooting the System24-2 Testing and Troubleshooting the System After you install and set up the messaging system and optional add-on modules at the customer site, it is essential that you test the software to ensure that it is correctly configured and functioning as intended. To thoroughly test the software, you must exercise all Automated Attendant and Voice/Fax Mail features to confirm that all calls handled by the messaging system are properly answered, routed, and messaged. This chapter prov ides a test plan you can use to help you exercise the messaging system features and options to confirm they are functioning appropriately. Depending on the features used for indiv idual applications of the system, you may not need to complete ev ery part of the test plan. For your conv enience, the test plan is separated into two parts. The first part cov ers basic integration, system greeting, and messaging functionality. The second part cov ers the special features av ailable on the system, such as Call Queuing, Call Screening, and V-Trees. If, while performing the steps outlined in this test plan, you encounter unexpected results, refer to the System Troubleshooting Table in this chapter for information that may help you resolv e the issue. The System Troubleshooting Table is organized alphabetically by problem area in a format that describes possible problems and potential resolutions. This chapter also includes troubleshooting procedures to help you to confirm that the messaging system is configured to recognize the appropriate switch disconnect signal and that the sentinel attached to the messaging system permits features in question, and to identify system errors written to the PLUS.LOG file. If, after referring to this information, you are unable to resolv e specific issues, contact a technical support representativ e. Understanding Prompts Voiced Under Specific Call Handling Conditions The prompts v oiced and keypress options av ailable to callers when they are transferred to a mailbox depend on the type of system integration and Call Handling settings that are selected for the mailbox. Four tables are included in this chapter, located after the troubleshooting table, to help you determine the prompts and options the system v oices under v arious integrations and Call Handling conditions. You can use these tables in conjunction with the test plan to v erify that calls are greeted with the expected prompts under specific Call Handling conditions. Installation Test Plan To prepare to use the test plan: 1. Record the personal greetings to be used for at least three test mailboxes on the messaging system. You will place calls to and from these mailboxes during these tests. 2. Attach a digit grabber to the messaging system. 3. Activ ate the Activ ate Digit Grabber (DIGRAB) parameter on the Inband Page 1 tab in System Setup.