NEC Guardian An Open Application Interface Operations Manual
Have a look at the manual NEC Guardian An Open Application Interface Operations Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1168 NEC manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
NDA-30008 Revision 2.0Page 1 Guardian Operations Manual General Information Chapter 1 General Information System Overview Guardian, an Open Application Interface (OAI) application, supports both the telephone user and those who administer the telephone system within an organization or institution. As an OAI application, Guardian is supported by the Applications Manager (APM), particularly in the area of database administration and application configuration. Guardian is a two-pronged system that provides continuous control of real-time call processing functions as well as a menu-driven terminal interface for system administration. This dual design is illustrated in Figure 1-1 below. . Figure 1-1 Guardian Dual System The system is designed to support the management of multiple tenants (e.g., a university with four separate campuses or a business housed in several buildings). Each tenant has its own real-time call processing, configuration, and databases, but all tenants are managed by the centralized System Administrator. Password Password Password APM Guardian Admin (Operator Access to * options Operator/Adm Access to + options) Ext. Code Group Group Code Ext. HistoryStatusCalls Id Clear Reports *+ Batch Modify + Time RecordQuery *+ Log Name OA I NEAXUAP Console B Menu-Driven Administration Processes A Real-Time Call Authorizing/ Restricting Processes
Page 2NDA-30008 Revision 2.0 General Information Guardian Operations Manual System Overview (Continued) The Guardian system monitors access to telephone extensions in the system, detects invalid attempts to place calls, and restricts service, when necessary. In the Guardian system, each telephone user is assigned an authorization code that corresponds to an individual extension or to a whole group of extensions, as in a college dormitory or a corporate department. Authorization codes, extensions, and groups are administratively assigned defined time periods during which access is prohibited (e.g., weekends or daily after 6:00 p.m.). Any calls attempted during prohibited periods are considered invalid and are not processed. If an extension has an excessive number of invalid calls, Guardian restricts or disables the extension. Calls that are attempted on extensions or with authorization codes that are already disabled are also considered invalid. Guardian uses one of the following methods to restrict or disable telephone access: •System Disable – Guardian monitors real-time call processing for a frequency of invalid call attempts on any extension that exceeds the designated maximum frequency (e.g., 7 invalid call attempts within a 15-minute period). When an extension exceeds the maximum number of invalid calls, Guardian automatically disables the extension temporarily. Both the maximum frequency and the length of time that the extension is temporarily disabled are configured limits specified by extension group. However, the administrator can override a System Disable at any time. Admin Disable – Guardian enables the administrator to disable any extension, authorization code, or group of extensions in one of the following ways: Routinely – The disablement of any or all extensions, authorization codes, or groups of extensions during specified, regularly occurring time periods, such as weekends or the late night hours Unconditionally – The disablement of an extension, authorization code, or group at any time, for as long as desired Guardian logs information about invalid call attempts and modifications to the status of extensions, authorization codes, and groups. From this log and the databases, Guardian provides a variety of reports in support of system management. Security Guardian is a password-protected system. You can enter the system with either an Administrator, an Operator, or the Adm/Operator password. The Administrator password provides unlimited access to all of the Guardian administrative functions that appear on the monitor in menu form. The Operator password enables you to generate reports and to view, but not change, the status of individual extensions, authorization codes, and groups of extensions. The Adm/Operator password provides access to all Operator functions as well as access to the modify menu. The Guardian main menu includes a Maintain Password option through which the Administrator can specify or change the Administrator, Operator or Adm/Operator passwords.
NDA-30008 Revision 2.0Page 3 Guardian Operations Manual General Information User Procedure You can use one of the following procedures to place a call from an extension using an authorization code, depending upon the NEAX features that are available and the data assignments that are configured on the NEAX System. During call processing, Guardian verifies the disable status of the code and the extension and either restricts the call or permits it with the routing and service feature privileges assigned to the code. Procedure No. 1: (Using a Service Access Code) Step 1: The caller enters the service access code to initiate Guardian. Step 2: At the tone, the caller enters an authorization code. Step 3: When the dial tone sounds, the caller enters the destination telephone number. Step 4: If the authorization code and the extension are valid and enabled, the call is placed, and the caller hears the telephone ringing at the destination. If the authorization code is disabled or unknown to the system, or if the extension is disabled, the call is not be placed, and the caller hears a busy tone. Procedure No. 2: Step 1: The caller enters the destination telephone number. Step 2: If the special dial tone sounds, the call is restricted and requires an authorization code. Step 3: The caller enters the authorization code. Step 4: If the authorization code and the extension are valid and enabled, the call is placed, and the caller hears the telephone ringing at the destination. If the authorization code is disabled or unknown to the system, or if the extension is disabled, the call is not be placed, and the caller hears a busy tone.
Page 4NDA-30008 Revision 2.0 General Information Guardian Operations Manual Database Organization Guardian requires the five databases described below for each tenant: Group – Contains definitions for up to 1,000 groups of extensions such as corporate departments or student dormitories. Each group is assigned information that is used to detect and prevent access violation on any of its extensions by group members. If all extensions in the organization are assigned to only one group, that group is assigned the default value of zero in the application configuration during installation. However, if there is more than one group, group 0 is defined in the application configuration, and all other groups are defined in this group database. Groups 1-9 have access to all extensions and authorization codes. Groups 10-1000 have access only to those extensions and authorization codes assigned to them. Extension – Contains extension numbers that are up to five digits in length with information relating to their verification. Each extension is mutually cross- referenced with its group definition. If an extension used in a call attempt does not appear in this database, the system assumes that it belongs to the default group 0, and the extension is marked as unknown for reporting purposes. Authorization Code – Contains user-defined authorization codes that are up to ten digits in length with information necessary for their verification. Forced account codes may be substituted for authorization codes. Guardian can work with either forced account or authorization codes but not with both at the same time. Each authorization code is assigned Route Restriction Class (RSC) and Service Feature Class (SFC) values that indicate levels of privileges granted to the code holder. Time Interval – Contains up to 15 predetermined time intervals used to specify periods during which authorization codes, extensions, and groups can be turned off by the system administrator. These intervals are user-defined and might include weekends, holidays, or evenings. ID – Contains telephone user identification numbers and the authorization codes that are assigned to them. The ID numbers may consist of seven to ten characters. Guardian initially creates this database from the authorization code database. You can access the database by ID number through the Guardian System Administrator Query Database option and modify it by authorization code through the APM Database Administration option. These databases are created and maintained through the Database Administration option in the Applications Manager (APM). The Guardian system administrator must have access to the APM at the system administrator security level in order to create the databases. The Applications Manager Operations Manual provides step- by-step procedures for creating and changing the database definitions and records. Installation Introduction on page 7 of this manual provides information about the specific fields necessary for each of the databases.
NDA-30008 Revision 2.0Page 5 Guardian Operations Manual General Information Database Organization (Continued) Once a database is created or changes are made to it in the APM, it is installed for active use by Guardian. While this installation is taking place, Guardian briefly suspends its real-time control and restriction of PBX call processing. During this period, the PBX reverts to its internal tables that do not reflect the status of extensions, groups, and authorization codes in the databases. The amount of time required to load the database(s) is brief enough that it should not significantly affect the level of control exercised by Guardian. Menu Organization The system administrator interacts with Guardian through a series of menu-driven screens. The organization of these screens is illustrated in Figure 1-2. Boldfaced options appear on the Administration Main Menu, the asterisked options (*) appear on the Operator Main Menu and the options indicated by a ‘+’ appear on the Adm/ Operator Menu. Chapter 3, “Administration” on page 27 of this manual describes the use of these options and their data entry screens in detail. Figure 1-2 Main Menu Organization System Administration Modify Status + Group Authorization Extension Query Database* + Group Authorization Extension Time Interval Initialize Batch Control Initialize Record FileGenerate Reports* + Maintain Call Attempts Database Status Database History Set OAI App Clear StatusUser ID * Accessed through the Operator security level Logical Name Values PasswordCode Code + Accessed through the Adm/Operator security level
General Information Guardian Operations Manual Page 6NDA-30008 Revision 2.0 This Page Left Blank.
NDA-30008 Revision 2.0Page 7 Guardian Operations Manual Installation Introduction Chapter 2 Installation Introduction This chapter provides you with specific information and field entries that you need to install and configure Guardian. In addition to this chapter, use the following manuals for installation information: Applications Manager (APM) Installation Manual – Contains step-by-step instructions for installing the software from the release media. Applications Manager (APM) Operations Manual – Explains how applications like Guardian are configured in the APM environment and how Guardian’s databases are created, using the entries and values provided in this chapter. NEAX System Manuals - Give very detailed explanations about the assignments that need to be made with the NEAX2400 Maintenance Administration Terminal (MAT) commands, the NEAX2000 Customer Administration Terminal (CAT), or the NEAX2000 Maintenance Operations Console (MOC). The installation and set up of Guardian involves the following steps. Each of these steps is described in more detail within this chapter: Software Installation – Load the Guardian software from the release media using the instructions provided in the APM Installation Manual. After you install the software, you must assign the Guardian login name, guardadm so that users can log in to Guardian from the UNIX prompt. For more information, refer to this section on page 9. Application Configuration – Guardian is internally supported by the APM and must be configured in the APM environment. This section that begins on page 11 provides the information that must be entered into this APM configuration file. Use the instructions provided in the APM Operations Manual for the entries contained in this section. Database Requirements – Guardian uses five databases which are constructed through the APM Database Administration option. To build the databases, the system creates master definition files and their related master databases. Then, the system creates the application definition files to enable the processing of the master files into application databases. This section defines the information that you must enter to these definition and database files. Use the instructions provided in the APM Operations Manual for the entries contained in this section. NEAX Command Assignments – Before Guardian will function, specific data settings must be assigned at the NEAX2400 Maintenance Administration Terminal (MAT), the NEAX2000 Customer Administration Terminal (CAT), or the NEAX2000 Maintenance Operations Console (MOC). “NEAX Command Assignments” on page 22 specifies the necessary commands and the values at which they are to be set. Use the instructions provided in the appropriate NEAX System Manuals to make the entries contained in this section. Initialization – Initialize Guardian from the APM Operations Menu using the instructions provided in the APM Operations Manual. A password is assigned to the login ID. This section describes the password assignment process.
Page 8NDA-30008 Revision 2.0 Installation Introduction Guardian Operations Manual The installation process, including its presentation in this manual and reference to other manuals, is illustrated below: Software Installation Software Login ID Protected Databases Update Application Configuration Application Characteristics Primary Parameter Configuration OAI Facilities (Optional) OAI Configuration Parameters (Optional) User-Defined Parameters Database Requirements Master Definition File Master Database File Application Definition File Application Database Initialization APM Initialization Password Assignment NEAX2400 MAT Commands NEAX2000 CAT/MOC CommandsGUARDIAN INSTALLATION REQUIREMENTSSoftware Installation InitializationNEAX Command Assignments Database Requirements Application Configuration Discussed in section: Instructions in: APM Installation Manual APM Operations Manual NEAX2400 IMS System Manuals NEAX2000 IVS System Manuals APM Installation Manual APM Installation Manual
NDA-30008 Revision 2.0Page 9 Guardian Operations Manual Installation Introduction Software Installation Use the following steps to complete software installation. Step 1: Software InstallationTo load the Guardian software from the release media, log on to the APM Platform Management Menu, select the Installation of Applications/Packages option, and follow the instructions provided in the APM Installation Manual. Step 2: Login IDIf the Guardian login ID, guardadm, already has a password, this software installation is considered an upgrade, and the cursor returns to the APM Platform Management Menu so that you can complete the steps detailed in section Application Configuration on page 11 through section Initialization on page 26. If the Guardian login ID, guardadm, does not already have a password, respond to the following series of prompts that are displayed on the screen: Prompt:To ensure correct installation, all administrative type files should be closed – – please ensure that all such files are closed at this time. Response:Make sure that no one is currently performing administrative functions in the UNIX root files. Type y to continue the installation. Prompt:If you know the root password and wish to continue, enter ‘y’; otherwise enter ‘n’ to abort the installation. Response:To continue, type y and press Enter. To cancel the installation, type n and press Enter. The installation is cancelled, and the prompt returns to the APM Platform Management Menu. Prompt:Please Enter the su/root Password: Response:Enter the root password and press Enter. If you enter the wrong root password, an error message displays, and the installation fails. Press Enter to return to the APM Platform Management Menu to start again.
Page 10NDA-30008 Revision 2.0 Installation Introduction Guardian Operations Manual Step 3: Protected Databases UpdatedBecause a new user (i.e., guardadm) has just been installed, you need to execute two commands from the command line under super-user status. The first command (authck) updates the protected database files to incorporate user guardadm, and the second command (passwd) removes any password that user guardadm may have inherited during the installation process. 1. From the UNIX login prompt, log on as super user. 2. From the command line, type /tcb/bin/authck -s and press Enter. The following message appears: “The following users have entries in the default user file but not in the protected password database: guardadm There are discrepancies between the databases. Fix them? (y/n)” 3. Enter y and press RETURN. 4. Type /bin/passwd -d guardadm at the command line and press Enter. This completes the necessary updating of the protected databases. See “Application Configuration” on page 11. to configure Guardian in the APM.