Avaya Products Security Handbook
555-025-600
Comcode 108074378
Issue 7
June 2001
Large Business Communications Systems

For DEFINITY G2.2: Use PROC103 WORD1 FIELD15 to suppress WCR dial tone for that trunk gro
Security Measures

Disable Transfer Outgoing Trunk to Outgoing Trunk

The outgoing trunk to outgoing trunk transfer (OTTOTT) (G3r an
Disallow Outgoing Calls from Tie Trunks

If your tie trunks are used solely for office-to-of
- Set the default FRL to a low value with PROC103 WORD1 FIELD2.

NOTE: ETN trunks pass along the originating stati
For DEFINITY ECS, DEFINITY G1, G3, and System 75 R1V3: Use change system-parameters featu
Disable Distinctive Audible Alert

Distinctive Audible Alert on a 2500 set has the potential of returning stutter
- Use change ars analysis to display the ARS Toll Analysis screen.
- Limit long distance and
Detecting Toll Fraud

Change Override Restrictions on 3-way COR Check

For G3V2 and later releases, the Restriction Override feature
Administration Security

Logins for INADS Port

For DEFINITY G3V4 and later, which includes DE
Forced Password Aging and Administrable Logins

DEFINITY G3V3 and later releases, which includes DEFINITY ECS,
Commands for the DEFINITY G3V3 or later, which includes DEFINITY ECS, are grouped into thr
Review CDR/SMDR records for the following symptoms of abuse:
- Short holding times on one trunk group
- Patter
Monitor I

For DEFINITY G2 and System 85, the optional Monitor I tracks call volume and aler
ARS Measurement Selection

The ARS Measurement Selection feature can monitor up to 20 routing patterns (25 for
- To review and verify the entries, enter list aca-parameters.
- Enter change trunk group t
CMS Measurements

This monitoring technique measures traffic patterns and times on calls and compares them to
The SVN time interval selected, in conjunction with the threshold, specifies when a referr
- Enter the extension number of the person who will monitor violations in the Referral Destination field(s).
In addition to those SVN features already discussed (SVN Authorization Code Violation Noti
For DEFINITY ECS and DEFINITY G3, the report is divided into two sub-reports, a Summary report and a Detail
— Login Forced Disconnects: The total number of login processes that were disconnected aut
For DEFINITY ECS and DEFINITY G3: Use monitor security-violations for a real-time report of invalid attempt
- INADS: The INADS (Initialization and Administration System) port
- EIA: Other EIA ports

Th
— Auth Code: The invalid authorization code entered
— TG No: The trunk group number associated with the trunk
Remote Access Barrier Code Aging/Access Limits (DEFINITY G3V3 and Later)

For DEFINITY G3V3 a
Recent Change History Report (DEFINITY ECS and DEFINITY G1 and G3 only)

The latest administration changes are
- If the call originates outside the system, the incoming trunk equipment location is disp
For DEFINITY G2 and System 85:

NOTE: This feature is available only with an ACD split.

- Use PROC054 WORD2 FIEL
5 Small Business Communications Systems

This chapter provides information on protecting the following communications systems:
- MER
Features for the MERLIN Systems

The following table indicates MERLIN II and MERLIN LEGEND se
Forced Entry of Account Codes x x x x x x Affects only outgoing calls
Night Service x x x x x Whenev
Station Message Detail Recording (SMDR) x x x x x x For ML R3 w/ Call ID, remote access numb
MERLIN II Communications System

This section provides information on protecting the MERLIN II Commu
— With a MERLIN II Communications System display console:
1. From the administration menu, p
MERLIN LEGEND Communications System

This section provides information on protecting the MERLIN
Unlike the MERLIN II Communications System R3, the MERLIN LEGEND Communications System does
Protection Via Star Codes and Allowed/Disallowed Lists

Starting with MERLIN LEGEND Release 3.1,
Default Disallowed List

By default, Disallowed List #7 contains the following entries, whic
Security Defaults and Tips

The following list identifies features and components that can be r
Protecting Remote Access

The Remote Access feature allows users to call into the MERLIN LEG
- Program the Remote Access feature to require the caller to enter a barrier code before the
Protecting Remote System Programming

The Remote System Programming feature allows your syst
MERLIN LEGEND/MAGIX Toll Fraud

Protecting Remote Call Forwarding

The Remote Call Forwarding feature allows a customer to forward a
- Employees receive calls requesting they be transferred for outside “operator assistance”
- Have only system administrator transfer calls to “*10.” The customer’s long distance carrier ma
The Remote Access features of your system, if you choose to use them, permit off-premises
- Frequently monitor system call detail reports for quicker detection of any unauthorized or abnor
Preventive Measures

Take the following preventive measures to limit the risk of unauthorize
Security Risks Associated with Transferring through Voice Messaging Systems

Toll fraud hackers try t
WARNING: Each extension should be assigned the appropriate FRL to match its calling require
- If the Automated Attendant prompts callers to use Remote Call Forwarding (RCF) to reach an outsi
Security Risks Associated with the Remote Access Feature

Remote Access allows the MERLIN MAG
Educating Users

Everyone in your company who uses the telephone system is responsible for system se
Detecting Toll Fraud

To detect toll fraud, users and operators should look for the followin
- Regularly back up your MERLIN MAGIX Integrated System files to ensure a timely recovery should i
Limiting Outcalling

When Outcalling is used to contact subscribers who are off-site, use th
Consider the following when you use wild card characters in Allowed and Disallowed Lists:
- Disallo
For example: *67 and 420 are two entries in an Allowed List. If someone at an Outward Rest
If you program the route in the 6-Digit table to absorb N digits, the actual number of digits abso
If you program the route in the 6-Digit table to absorb N digits, the actual number of dig
****SECURITY ALERT****

The MERLIN MAGIX Integrated System ships with ARS activated with all extensi
Additional general security for voice messaging systems:
- Use a secure password for the Ge
Magix R1.5: Disallowed Lists Enhancements

Consider the following when you use wild card characters
For example: *67 and 420 are two entries in an Allowed List. If someone at an Outward Rest
Disconnect Signaling Reliability 3

Use this procedure to classify the disconnect signal sent by the
- Outside lines can be assigned to Night Service groups in order for calls received on the
Remote Access

Description

The Remote Access feature allows people to use the system by dialing the n
access code and then publish the information to other hackers. Enormous charges can be run
- Whether or not the dialed digits are correct, an inter-digit time-out occurs during the first at
“ * “ : Up to R3.1, was not permitted in the disallow lists. (it has always been permitte
1ppp900 Pay per minute toll call with wild cards.
976 Pay per minute toll call.
1976 Pay per minute
3. Can the remote access password be changed? From “craftr4” to something else.
4. Does
System Directory. (Print) Check for marked system speed dials.
Calling Groups. (Print) Identify
Allow Lists When outcalling is used.
Night Service Exclusion list: Are voice mail ports l
Check lines for remote call forwarding.
1. Remove if not needed.
2. If needed: instruct customer o
d. Make allowed list for outcalling numbers.
e. Make sure no other ARS tables have FRL of 2
6. Assign all unused auto attendant selector codes to go to either the operator or the general mai
DS1 – T1 and/or PRI.
1. WATS: Customers may restrict 011 and 809 (the Dominican Republic)
Extension restrictions.
1. Outward restrict MFM extensions not used for calling outside.
2. Outward
LEGEND TOLL FRAUD INTERVENTION FORM7

DATE: ______________ TIME: _________________ IL#: __
REMOTE CALL FORWARDING EXTS:_____________________________________________
DISALLOW LIST INT’L : __
EXHIBIT 1 8/16/00

Toll Fraud Incident Report

Business Name:
Business Address:
- You may contact your 800 carrier and restrict access to your 800#’s from locations you do not wi
EXHIBIT 2 8/16/00

Toll Fraud Incident Report

Business Name:
Business Address:
Contact Name: M
2: Created Disallow list 5 which encompasses the Caribbean countries:
Puerto Rico
Puerto Rico
Bahamas
All voice mail ports, extensions 563, 564, 565, 566, 567, 568, are accessing this list. C
Revised 8/17/00

EXHIBIT 3: Letter from Avaya

Dear ,

At your request, Avaya has conducted a toll fraud
MERLIN Plus Communications System

This section provides information on protecting the MERLI
- Monitor your SMDR records and/or your Call Accounting System reports regularly for signs of i
1 About This Document

Scope of this Handbook

This handbook discusses security risks and measures that can help prevent external tel
PARTNER II Communications System

This section provides information on protecting the PARTNE
System 25

This section provides information on protecting the System 25.

Additional security measures are required to pro
Security Tips

- Evaluate the necessity for Remote Access. If this feature is not vital to y
Security Tips

- The System Administration capability of the system is protected by a password. Passwords can be up to ei
6 Voice Messaging Systems

The information in this chapter helps prevent unauthorized users from finding pathways through the voice
Protecting Voice Messaging Systems

Voice messaging toll fraud has risen dramatically in recent years. Now
All security restrictions that prevent transfer to these codes should be implemented. The only
- If you receive any strange messages on the voice mail system, if your greeting has been changed, or if
DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85

Tools that Prevent Unauthorized Calls

You can help prevent
Notice

While reasonable efforts were made to ensure that the information in this document was complete and accurate at the time of printing, Avaya can
- MERLIN MAIL®-ML Voice Messaging System
- MERLIN MAIL® R3 Voice Messaging System
- PARTNER MAIL® System
- PARTN
The higher the FRL number, the greater the calling privileges. For example, if a station is not permitted
Class of Service

For DEFINITY G2 and System 85, a voice mai
Limit Voice Mail to Internal Calling

If outcalling is not activated in the voice mail system, you can rest
NOTE: In Table 6-2, FRLs 1 through 7 include the capabiliti
Allow Calling Only to Specified Numbers

A reverse strategy to preventing calls is to allow outbound calls
For DEFINITY ECS and DEFINITY G3: Use change ars analysi
See “Security Tips” on page 6-3 for additional ways to detect voice mail fraud.

NOTE: The System Adminis
- Administer the appropriate format to collect the most i
- To review the traffic measurements, use list measurements followed by one of the measurement types (tr
- Establish short and long holding times. The defaults ar
Reason for Reissue

This issue, Issue 7 of the Avaya Security Handbook, updates information to include the follow
Unauthorized System Use

You can minimize the risk of unauthorized people gaining access to your system by
Trusted Server Security

A trusted server is a computer or
Internal Security. INTUITY AUDIX R4 allows the transmission between domains of two new message component
The record reveals the routing of the call, including the
Outgoing Voice Call Detail Record (AUDIX Voice Mail System Only)

An outgoing call record is also created
Protecting Passwords

The AUDIX, DEFINITY AUDIX, and Avaya
Security Features

Before implementing any security measures to protect the voice mail system, it is impor
Enhanced Call Transfer

With Enhanced Call Transfer, the vo
This restriction may not be acceptable where it is desirable to have the call follow the coverage path o
AMIS Networking

AMIS Networking (the DEFINITY AUDIX System
How this Guide is Organized

The Avaya Security Handbook has the following chapters:

Chapter 1: About This Docum
For ALL systems (DEFINITY ECS, DEFINITY G1, G2, G3, System 75, and System 85 R2V4):
1. On the AUDIX Voice
After you activate Enhanced Call Transfer, test it by fol
Limit Outcalling

The measures you can take to minimize the security risk of outcalling depend on how it i
Security Tips

- Require callers to use passwords.
- Have th
Protecting Passwords

The AUDIX Voice Power System offers password protection to help restrict unauthorize
Security Measures

The security measures described in this
NOTE: On AUDIX Voice Power System 2.1.1, mailboxes can be set individually to “1 minute,” reducing the cl
Security Measures

Design applications with toll fraud in m
Security Tips

Toll fraud is possible when the application allows the incoming caller to make a network co
MERLIN II Communications System

The MERLIN MAIL Voice Messaging System provides automated attendant, call answer, and voice mail
Avaya’s Statement of Direction

The telecommunications industry is faced with a significant and growi
To reduce the risk of unauthorized access through your voice messaging system, observe the following pro
MERLIN LEGEND Communications System

The MERLIN LEGEND Communications System may be used with t
Protecting the AUDIX Voice Power System

The AUDIX Voice Power System provides both automated attendant an
- Set up auto attendant selection codes so that they do not permit outside line selection. A
- Enter # in the Subscriber Password field to prevent access to the corresponding voice mail.
- Enter yes
Security Tips

- At the switch, assign toll restrictions to voice message system and automated
Basic Call Transfer

With Basic Call Transfer, after a voice mail system caller enters *T, the system perf
- Avoid or closely monitor the use of “guest” mailboxes (mailboxes without a physical extensi
Protecting the MERLIN MAIL, MERLIN MAIL-ML, MERLIN MAIL R3, and MERLIN LEGEND Mail Voice Messaging Systems
Take the following preventative measures to limit the risk of unauthorized use of the automat
To help customers use and manage their systems in light of the trade-off decisions they make and to ensure th
Hackers may also use a computer to dial an access code and then publish the information for other hacker
- Set the maximum number of digits in an extension parameter appropriate to your dial plan. T
Additional MERLIN MAIL R3 and MERLIN LEGEND Mail Voice Messaging System Security Features

The MERLIN MAIL
Messaging 2000 Voice Mail System

The Messaging 2000 (M2000) System provides Voice Mail services f
When Quick Assist is run in Recover Mode from the Quick Assist icon in the Lucent folder, use the “Mailb
The Uninitialized Mailbox report lists all mailboxes for which the password has not yet been cha
Mailbox Lock-Out Option on the Class of Service dialog box determines whether this feature is enabled. T
Securing the M2000 System PC

It is imperative that the M2000 system PC be protected from unauth
Security Recommendations for Remote Access

Remote access to the system should be secured via the followin
PARTNER II Communications System

Protecting Passwords

For PARTNER MAIL Release 1 and all releases of PARTNER MAIL VS, passwords ca
Avaya/Customer Security Roles and Responsibilities

The purchase of a telecommuni
- Instruct employees not to make a statement, in their recorded greeting, indicating that they will acce
PARTNER Plus Communications System

Protecting the PARTNER MAIL and PARTNER MAIL VS Systems

The PARTNER MAIL and PARTNER MAIL VS Sys
- Require the System Administrator and all voice mailbox owners to change their password from the defaul
System 25

System 25 may be used with the AUDIX Voice Power System. (For information on this system, see “Protecting the
Protecting Passwords

The AUDIX Voice Power System offers password protection to help restrict unauthorize
Security Measures

The security measures described in this section do not apply if you are using Release 1.0 of the AUDIX
7 Automated Attendant

DEFINITY ECS, DEFINITY Communications Systems, System 75, and System 85

Automated attendant is a service that c
Tools that Prevent Unauthorized Calls

You can help prevent unauthorized callers who enter the automated attend
For example, when automated attendant ports are assigned t
Avaya’s Roles and Responsibilities

1. Avaya, as a manufacturer, has the responsibility to PROVIDE the customer
- Outward Restriction: restricts the user from placing calls over CO, FX, or WATS trunks using dial access co
Toll Analysis

When an automated attendant system transfers
Prevent Calls to Certain Numbers

If some menu options transfer to locations off-premises, you can still protec
For DEFINITY G2 and System 85: Use PROC311 WORD2 to estab
Detecting Automated Attendant Toll Fraud

Table 7-2 shows the reports that help determine if your automated att
Call Detail Recording (CDR) / Station Message Detail Record
Call Traffic Report

This report provides hourly port usage data and counts the number of calls originated by
ARS Measurement Selection

The ARS Measurement Selection ca
- Assign an aca referral button on that station (or the attendant station).
- Use change trunk group to displ
Call Traffic Report

This report provides hourly port usage
Avaya Security Offerings

Avaya has developed a variety of offerings to assist in maximizing the security o
Also reported is the session termination method. Each possible termination method is assigned a value as sho
Unsuccessful call transfer attempts can result in multipl
Protecting Automated Attendant on the AUDIX Voice Mail System

This section discusses security measures imple
For DEFINITY G2 and System 85:
1. On the AUDIX Voice Mail
Protecting Automated Attendant on the CONVERSANT Voice Information System

The CONVERSANT Voice Information Sy
MERLIN II Communications System R3

MERLIN MAIL Voice Messaging System

The MERLIN MAIL Voice Mess
MERLIN LEGEND Communications System

AUDIX Voice Power System

The MERLIN LEGEND Communications System supports
PARTNER II Communications System

The PARTNER II Communications System supports the PARTNER MAIL S
PARTNER Plus Communications System

The PARTNER Plus Communications System R3.1 and later releases, supports t
8 Other Products and Services

This chapter contains security information for Avaya products other than PBXs and adjuncts that have
Avaya Toll Fraud Crisis Intervention

If you suspect you are being victimized by toll fraud or theft of servic
For additional information on administering CMS, refer to the following documents:
- Call Management S
CallMaster PC

CallMaster PC, a software application used with the DEFINITY ECS, gives Call Center agents and supervis
Multipoint Conferencing Unit (MCU)/Conference Reservation and Control System (CRCS)

The MCU has a DEFINI
PassageWay® Telephony Services for NetWare® and Windows NT®

NOTE: The fol
Security Tips

The following tips are for the PassageWay Telephony Server administrator.
- When the pro
- PassageWay Telephony Server administrators should be aware of switch
- Set a maximum number of login attempts per call
- Allow time to enter the complete login
- Disconnect
TransTalk 9000 Digital Wireless System

The TransTalk 9000 Digital Wireless System is a flexi
9 Call Routing

Call Routing Call Flow

The following is the basic call flow through the DEFINITY ECS, DEFINITY G1 and G3, or System
Related Documentation

Helplines

- For technical assistance or support with DEFINITY ECS, DEFINITY Communications System, System 75
The system checks the calling permissions of the originator’s COR to see if the COR of the originator is allowed to
10 Blocking Calls

Country Codes

The following is a list of international country codes for direct dialing. In developing your ARS
Azerbaijan 994
Bahamas 1-242*
Bahrain 973
Bangladesh 880
Barbados 1-246*
Barbuda 1-268*
Belarus 375
Belgium 32
Belize 501
Cocos-Keeling Islands 61
Colombia 57
Comoros 269
Congo 242
Cook Islands 682
Costa Rica 506
Croatia 385
Cuba 53
Cuba (Guanta
French Polynesia 689
Gabon 241
Gambia 220
Georgia 995
Germany 49
Ghana 233
Gibraltar 350
Global Mobile Satellite System
Iraq 964
Ireland 353
Iridium (under deactivation) 8816, 8817
Israel 972
Italy 39
Ivory Coast 225
Jamaica 1-876*
Japan 81
Jo
Marshall Islands 692
Martinique 596
Mauritania 222
Mauritius 230
Mayotte Island 269
Mexico 52
Micronesia (Federal Stat
Palau 680
Palestine 970
Panama 507
Papua New Guinea 675
Paraguay 595
Peru 51
Philippines 63
Poland 48
Portugal 351
Puerto Ri
Spain 34
Sri Lanka 94
Sudan 249
Suriname 597
Swaziland 268
Sweden 46
Switzerland 41
Syria 963
Taiwan 886
Tajikistan 992
Tan
Blocking Toll Fraud Destinations
Toll fraud calls are placed to locations all over the world. Tab
Contents
1 About This Document 1-1
Scope of this Handbook 1-1
Reason for Reissue 1-3
Intended Audience 1-3
How this Guide i
Blocking ARS Calls on DEFINITY G1 and System 75
Use the following procedure to block calls to the destinations li
4. Enter the routing pattern changes to ARS FNPA tables 500 to 599 and 900 to 999 as shown in t
5. Use change rhnpa table 31 to display the RHNPA Table 31 screen.
6. Enter the routing pattern changes to RHNPA
ARS RHNPA TABLE: 31
OFFICE CODES: 500-599
Pattern Choices
01:2 03: 05: 07: 09: 11:
02: 04: 06: 08:
Blocking ARS Calls on G2.1 and System 85
Use the following procedure to block calls to the destinations listed in
Blocking WCR Calls on DEFINITY G2.2
Use the following procedure to block calls to the destinatio
Blocking ARS Calls on G3
This section contains a sample ARS Digit Analysis Table for G3. In the example, internat
01198 10 23 int
0700 11 11 op
101xxxx 5 5 op
101xxxx 12 12 hnpa
101xxxx0 6 6 1 op
101xxxx0 16 16 1 o
Blocking ARS Calls on System 25 R3V3
The Toll Call Allowed/Disallowed Lists, available in System 25 R3V3, permit
11 Remote Access Example (DEFINITY ECS, DEFINITY G1, G3, and System 75)
This chapter provides procedures for setting up and disab
2 Introduction
Background
Telecommunications fraud is the unauthorized use of a company’s telecommunications service. This type of
11. Select a PGN (1 through 8) that is not in use in any ot
19. For all the Route Patterns assigned to ARS/AAR Partition 8, use change route-pattern to a
12 Administering Features of the DEFINITY G3V3 and Later, Including DEFINITY ECS
This chapter provides information on administeri
Administering the SVN Feature
This section contains
Time Interval
Enter the time interval within which a login security violation must occur. The rang
List the Status of a Login ID
To list the status of
Login Threshold
Enter the minimum number of login attempts that will be permitted before a referra
Administering Remote Access Kill After N Attempts
F
If the Remote Access feature is to be dormant for a period of time, the feature can be disabled usi
Who is the Enemy?
Hackers and Phreakers
Hackers and “phreakers” (phone freaks) use personal computers, random number g
Enter the enable login <login ID> command to
Time Interval
Enter the time interval within which the authorization code security violations must
Originating Extension
This is a dynamic field th
Announcement Extension
This field contains an extension corresponding to a recorded announceme
Barrier Code
Assign a barrier code that conforms
Calls Used
This field is a display-only field that specifies the number
To add a customer login you must be a superuser,
9. In the Password Aging Cycle Length field, enter the number of days (f
6. Enter a password for the new login in the Logi
If the Maintenance option is set to y on the Customer Options form, the
Call sell operations are dependent on calling card numbers or other means to fraudulently use a customer premis
Administering the Security Violations Reports
The
13 Changing Your Password
This chapter provides steps for changing passwords for systems listed in this handbook, where applicabl
AUDIX Voice Power System
System administrators:
1. Access the AUDIX Voice Power System main menu.
2. Selec
6. When prompted to repeat the new password (re-enter new password), enter the new password a
DEFINITY AUDIX System
System administrators:
You can change two passwords: 1) that of the currently logge
DEFINITY ECS and DEFINITY G1 and G3
System administrators:
Use the Change Password form to ch
DEFINITY G2
For DEFINITY G2, passwords are shared between the customer and Avaya. Contact the Database Adm
MERLIN MAIL or MERLIN MAIL-ML Voice Messaging System
NOTE: No default password
MERLIN MAIL R3, MERLIN LEGEND Mail, or PARTNER MAIL R3 Voice Messaging System
System administrators:
You ca
PARTNER MAIL System
System administrators:
Change your password by means of the Voice Mail Menu.
1. To access
Known Toll Fraud Activity
Understanding how hackers penetrate your system is the first step in learning what to do to
System 25
System administrators:
1. From the Main Menu prompt, enter 4.
2. At Action = enter 75.
3. At Dat
End users:
Use the Change Password form to change the login password.
1. Verify that the screen displays:
command:
2. En
14 Toll Fraud Job Aids
The job aids in this appendix are tools for your organization to use in securing your system against toll
An upsurge in use on DISA or other trunks.
Unusual increase in customer premises equipment-based system m
System Security Action Plan
Figure 14-1. System Security Action Plan
Educate End Users
Establish Port S
Top 10 Tips to Help Prevent Phone “Phraud”
1. Protect System Administration Access
Ensure secure passwords exi
9. Monitor Traffic and System Activity for Abnormal Patterns
Activate features that “Tu
15 Special Security Product and Service Offers
Remote Port Security Device (RPSD)
The Remote Port Security Device (RPSD)1 offers e
— Voice Mail
There are two types of voice mail fraud. The first type, which is responsible for the bulk o
The Key and Lock use a sophisticated dynamic challenge/response technique to assist
Securing DEFINITY Systems (Prior to Release 7.2) with the Remote Port Security Device (RPSD)
If
Securing DEFINITY Systems (Release 7.2 and Later) with Access Security Gateway (ASG)
T
Administering Access Security Gateway
Use the
Logging in via Access Security Gateway (Session Establishment)
Use the following proc
Maintaining Login IDs
Temporarily Disabling A
Loss of an ASG Key
If a user loses their ASG Key, he/she must notify the system admin
Security Measurements
Access Security Gatew
Logging In With ASG
When you begin a remote session with an Intuity AUDIX system tha
Adding an ASG Login
You must be logged in a
If the system allows uninterrupted, continuous access, a war dialer can crack a 6-digit code within 6 hours. The cod
Blocking or Reinstating Access Privileges for an ASG Login
If a user will not need ac
Displaying ASG Login Information
If you need
2. Type a new value in the Number of failed login attempts: field, if needed.
(This
Avaya Support
Avaya provides RPSD Keys to their maintenance centers to accommodate access to systems you secure wit
Toll Fraud Contact List
Contact: For:
Your Avaya Account Executive or Design Speciali
16 Product Security Checklists
This chapter contains the following security checklists:
General Security Procedures (page 16-2)
System 75 (page 16-14)
System 85 (page 16-20)
PassageWay Telephony Services (page 16-66)
General
Customer Education
System manager/administrator has copy of Security Handbook/Toll Fraud Overview
Syste
AUDIX, DEFINITY AUDIX and INTUITY AUDIX Voice Messaging Systems
Also see the general security checklist
(Table 16-2. AUDIX, DEFINITY AUDIX and INTUITY AUDIX Voice Messag
— Looping
Looping is a method that call sell operators use to circumvent restrictions that IXCs (Interexc
AUDIX Voice Power System
Also see the general security checklist on page 16-2, the security checklist
Table 16-3. AUDIX Voice Power System
Y/N1
1. If “NO” (N), provide Note reference number and explain.
Note N
BasicWorks
Also see the general security checklist on page 16-2.
Customer: ___________________________
Password aging activated
Logins temporarily disabled when not needed (“disable/enable” commands)
Customer access to INAD
COR-to-COR restrictions on dial-accessed trunks
Automatic Circuit Assurance (ACA) on trunk groups
SM
Authorization codes used
Operator calls restricted
Switch-hook flash denied on FAX machines, modems, etc.
COR-to-COR res
CONVERSANT Voice Information System
Also see the general security checklist on page 16-2, and the se
Host PBX
Analog ports in CONVERSANT Voice Information System hunt group restricted from toll
DEFINITY ECS, DEFINITY G1 and G3, and System 75
Also see the general security checklist on page 16-2
Logins automatically disabled after security violations (G3V3 and later)
Login pe
This same scam could also easily apply to messages left on voice mail. The person could state, “I’m John Doe calling
Second dial tone omitted between barrier and authorization codes
Authorization code timeout to atten
SMDR/CDR activated on all trunk groups
Trunks measured by BCMS/CMS
Trunk-to-Trunk
Station Security Code Security Violation Notification feature active
Station Security Code Securit
Switch-hook flash denied on FAX machines, modems, etc.
COR-to-COR restrictions us
DEFINITY G2 and System 85
Also see the general security checklist on page 16-2, and the security che
Attendant Control of Trunk Group activated for any trunk groups with TACs
VDNs have their own restricte
SMDR/CAS/CDR reports monitored daily, including authorization code violations
Traffic measurement re
Administration login password changed on regular basis
Transfer to Subscribers Only = y (AVP)
Change pas
DIMENSION PBX System
Also see the general security checklist on page 16-2, and the security checklis
Ports for adjuncts in own restricted COS
Authorization codes used
Authorization codes not sequential
900, 976
3 Security Risks
Overview
In order for your system to be secure against toll fraud, you need to address access, egress, and system
Barrier code is a random 4-digit sequence
Product Monitoring
SMDR reports monitored daily, including
MERLIN II Communications System
Also see the general security checklist on page 16-2, and the sec
If outcalling enabled:
All voice mail ports except last one toll restricted
Last port for voice m
MERLIN LEGEND Communications System
Also see the general security checklist on page 16-2, and
Trunk groups dial access = n
FRLs assigned to limit network access based on business needs
Remote Acc
Disallow list created containing 0, 011, 10, 700, 800, 1800, 809, 1809, 411, 1411, 900, and
MERLIN MAIL Voice Messaging System
Also see the general security checklist on page 16-2, and the sec
MERLIN LEGEND Communications System voice mail port(s) used for outcalling restricted via all
MERLIN MAIL-ML Voice Messaging System
Also see the general security checklist on page 16-2, and the
MERLIN LEGEND Communications System voice mail port(s) used for outcalling restricted via
Automated Attendant 3-3
Other Port Security Risks 3-3
Voice Messaging Systems 3-4
Administration / Maintenance Acce
Remote Access
Remote Access, or Direct Inward System Access (DISA), permits callers from the public network to acce
MERLIN MAIL R3 Voice Messaging System
Also see the general security checklist on page 16-2, and the
Transfer restricted to subscribers only
Login attempts before warning message < 6
Login a
Automated Attendant
No pooled facility access codes translated on menus
No ARS codes translated on me
MERLIN Plus Communications System
Also see the general security checklist on page 16-2, and the
Messaging 2000 Voice Mail System
Also see the general security checklist on page 16-2.
Customer: ____
[Recommended] Use the Randomly Generated method of assigning passwords to new mailboxes.
[Recomm
[Required] Set the Consecutive Login Failures Before Lock-Out parameter on the Subscriber tab in Sy
[Recommended] When Quick Assist is run in recover mode from the \CVR prompt in an OS/2 window,
End-User Education
[Required] The end-user must periodically/frequently change all secondary passwor
Multimedia Communications Exchange Server
Also see the general security checklist on pa
Automated Attendant
Automated attendant systems direct calls to pre-designated stations by offering callers a m
Multipoint Conferencing Unit (MCU)/Conference Reservation and Control System (CRCS)
Also see the gener
Customer Education
System manager/administrat
ESM Security Checklist
NOTE: See the appropriate security checklist for the host MSM.
MCU Product Chec
Table 16-18. ESM
Y/N1
1. If “NO” (N), provide
CRCS Security Checklist
Customer: _________________________________________
CRCS Type: ______________
MSM Security Checklist
See the appropriate se
Table 16-20. MSM
Y/N1 Note N/A
System Administration
Customer advised of all logins under their contro
Remote Access administered
Remote access nu
Tie trunk groups are COR-to-COR restricted
Trunk groups have dial access = n
COR-to-COR restrictions
Data Origination feature code not translated
Voice Messaging Systems
Voice messaging systems provide a variety of voice messaging applications; operating simila
PARTNER, PARTNER II, and PARTNER Plus Communications Systems, and PARTNER Advanced Communications S
Customer Educatio
Customer is aware of network-based toll fraud surveillance offerings such as netPROTECT
Customer kno
System Administra
Product Monitoring
for PARTNER Plus, PARTNER II, and PARTNER ACS only
SMDR/Call Accounting reports mo
PARTNER MAIL, PARTNER MAIL VS, and PARTNER Voice Mail (PVM)
for PARTNER MAIL System only
System mailboxes (90 to 98 and 9999) assigned COS 7 to 9 to prevent tra
System 25
Also see the general security checklist on page 16-2, and the security checklist for any attached voice mail
Positive disconnect verified with loop start trunks
Remote Access
Remote activated only if required
Us
Disable remote maintenance access when not in use
Product Monitoring
SMDR/CAS reports monitored daily, administration lo
The following is a list of customer logins for systems in this handbook that provide login cap
PassageWay Telephony Services
Also see the general security checklist on page 16-2.
Customer: _______
System Administration
Guidelines followed for logins/passwords for user accounts. (See PassageWay c
For NetWare only:
Used the NetWare Administrator feature (NetWare 4.10 and 4.11) or SYSCON utility (
Access Control
To ensure protection of sensitive system files used by Tserver, only System Administ
Configure the following security options:
— Require login names for callers
— Make passwords case s
17 Large Business Communications Systems Security Tools by Release
The following tables contain page references for the available
Alternate Facility Restriction Levels
“Remote Access” on page 3
Barrier Code
“Remote Access” on page 3-2
“Security Tips” on page 4-2
“Barrier Codes” on page 4-4
“Restrict Who Can Use Remo
Call Detail Recording (SMDR)
“Call Detail Recording (CDR) / Stat
Class of Service
“Class of Service” on page 4-16
“Class of Service” on page 6-7
“Class of Service” on page 7-3
xxxxxxxxx
CMS
Increasing Adjunct Access Security
Since system adjuncts can be used to log in to otherwise “protected” systems, yo
Facility Restriction Levels
“Class of Restriction” on page 4-13
INADS Port Access Restrictions
“Adding Customer Logins and Assigning Initial Password” on page 12-13
xx
List Call Forward Comman
Recent Change History Report
“Recent Change History Report (DEFI
Security Violation Notification Feature
“Security Violation Notification Feature (DEFINITY ECS and DEFINITY G3 only)” on page
Traffic Measurements and Performance
“Traffic Measurements and
18 Non-supported Products
Products No Longer Supported
Below are listed the products Avaya no longer supports as of the given date
Non-supported Products as of Sept. 30, 2000
As of September 30, 2000, Avaya no longer supports these produ
Glossary
A
AAR
Automatic Alternate Routing
ACA
Automatic Circuit Assurance
ACD
Automatic Call Distribution
ADAP
AUDIX Data Acquisiti
ARS Dial Tone
The dial tone callers hear after they enter the ARS feature access code.
Attendant
The operator of the cons
Call Forwarding
A set of features that allow calls destined for an extension to be redirected to another extension, des
Another area that may be vulnerable to toll fraud is the System 75 and the DEFINITY ECS, DEFIN
Class of Restriction
A number (0 through 63) that specifies the calling privileges and limitations assigned to stations
ETN
Electronic Tandem Network
Enhanced Call Transfer
An AUDIX Voice Mail System feature that provides security by interac
Feature Access Code
A code used to access a feature, such as ARS, Data Origination, Priority Calling and Call Pickup.
Fo
L
LEC
Local Exchange Carrier
M
Manual Terminating Restriction
Prevents the station from receiving calls other than those originated by the attendant.
Outward Restricted
Restricts the station from placing outgoing calls over specified trunks.
P
PARTNER Attendant
An Avaya a
Referral Call
An internally-generated call that terminates to a designated destination and indicates an event such as
Service Observing
The monitoring of actual calls in progress for security purposes.
Station Message Detail Recording
Cre
UDP
Uniform Dial Plan
Uniform Dial Plan
A feature that allows a unique 4- or 5-digit number assignment for each terminal
General Security Measures
General security measures can be taken systemwide to discourage unauthorized use.
Educatin
Establishing a Policy
As a safeguard against toll fraud, follow these guidelines:
Change passwords frequ
Security Goals Tables
The following tables list the security goals for each communications system, and provide an
Suppress dial tone after barrier code entered
Suppress Remote Access Dial Tone — (G1, G3 and System 75 R1V3
Tools that Restrict Unauthorized Outgoing Calls 4-12
Class of Restriction 4-13
Calling Party and Called Party Restrictions
Limit calling permissions
COS (G2 and System 85 only)
Set COS restrictions
COR (G1, G3, and System 75 only)
Set FRL
Se
Prevent exit from Voice Messaging System
Limit calling permissions
COR (G1, G3, and System 75 only)
Set low FR
Prevent exit from Automated Attendant Service
Limit calling permissions
COR (G1, G3, and System 75 only)
Set low FRL
Prevent unauthorized outgoing calls
Limit calling permissions
Switch dial restrictions
Set outward/toll restri
Protect Remote System Programming
Require password to access system programming
System Programming password (MERLIN
Prevent exit from Voice Messaging System
Limit calling permissions
Switch Dial Restrictions (System 25, MERLI
Prevent theft of information via Voice Messaging System
Assign secure passwords
Passwords
Encourage users to select
Table 3-3. Security Goals: PARTNER II and PARTNER Plus Communications Systems
Security Goal Method Security
Prevent theft of information via Voice Messaging System
Assign secure passwords
Passwords (PARTNER Plus Communicati
4 Large Business Communications Systems
This chapter provides information on protecting the following:
DEFINITY ECS Release 5 and
Provide Individualized Calling Privileges Using FRLs 4-30
Prevent After-Hours Calling Using Time of Day Routing or Alterna
Keeping Unauthorized Third Parties from Entering the System
How Third Parties Enter the Syste
Require maximum length barrier codes and authorization codes.
For Sy
*For ASAI, see the applicable product feature description.
Barrier Codes
Figure 4-1 illustrat
Figure 4-1. Remote Access Call Path
Large Business Communications Systems4-6 Issue 7 June 2001For DEFINITY ECS, DEFINITY G1, G3, and System 75, you can assign up to 10 barrier codes to
Keeping Unauthorized Third Parties from Entering the SystemIssue 7 June 20014-7For DEFINITY G2 and System 85, either a barrier code or an authorizati
Large Business Communications Systems4-8 Issue 7 June 2001The authorization code option requires that the caller enter a valid authorization code to
Keeping Unauthorized Third Parties from Entering the SystemIssue 7 June 20014-9Night ServiceYou can control the time of day that Remote Access is ava
Large Business Communications Systems4-10 Issue 7 June 2001Protecting Vectors That Contain Call PromptingHackers try to enter unanticipated digit str
Keeping Unauthorized Third Parties from Entering the System Issue 7 June 2001 4-11. Status Remote Access Command. For DEFINITY G3V4 and later, which includ
Contents Issue 7 June 2001 vii. Call Detail Recording (CDR) / Station Message Detail Recording (SMDR) 4-52. Traffic Measurements and Performance 4-53. Monito
Large Business Communications Systems 4-12 Issue 7 June 2001. Tools that Restrict Unauthorized Outgoing Calls. Use the following tools to prevent fraudule
Tools that Restrict Unauthorized Outgoing Calls Issue 7 June 2001 4-13. Class of Restriction. For DEFINITY ECS, DEFINITY G1, G3, and System 75, the Class o
Large Business Communications Systems 4-14 Issue 7 June 2001. Calling Party and Called Party Restrictions. For DEFINITY G3 systems prior to DEFINITY ECS R
Tools that Restrict Unauthorized Outgoing Calls Issue 7 June 2001 4-15. COR-to-COR Restrictions/Calling Permissions. If it is not practical to dial-access-
Large Business Communications Systems 4-16 Issue 7 June 2001. Class of Service. For DEFINITY G2 and System 85, station access to various switch features i
Tools that Restrict Unauthorized Outgoing Calls Issue 7 June 2001 4-17. For DEFINITY G3V2 and later releases, which includes DEFINITY ECS, an additional
Large Business Communications Systems 4-18 Issue 7 June 2001. Alternate Facility Restriction Levels. For DEFINITY G2, G3r, and System 85, this tool is use
Tools that Restrict Unauthorized Outgoing Calls Issue 7 June 2001 4-19. ARS Dial Tone. For all switches, the dial tone after the ARS feature access code is
Large Business Communications Systems 4-20 Issue 7 June 2001. Restrictions — Individual and Group-Controlled (DEFINITY ECS, DEFINITY G1, G3, and System 75
Tools that Restrict Unauthorized Outgoing Calls Issue 7 June 2001 4-21. Restricting Incoming Tie Trunks. You can deny access to AAR/ARS/WCR trunks when the
Contents viii Issue 7 June 2001. Protecting Remote Access 5-12. Security Tips 5-12. Protecting Remote System Programming 5-14. Security Tips 5-14. Protecting R
Large Business Communications Systems 4-22 Issue 7 June 2001. DEFINITY G3V3 and later releases, including DEFINITY ECS Release 5 and later, offer three
Tools that Restrict Unauthorized Outgoing Calls Issue 7 June 2001 4-23. World Class Routing (DEFINITY ECS and DEFINITY G2.2 and G3 only). The World Class Ro
Large Business Communications Systems 4-24 Issue 7 June 2001. Station Security Codes (SSCs). Station Security Codes (SSCs) are used with two features: Per
Tools that Restrict Unauthorized Outgoing Calls Issue 7 June 2001 4-25. Security Tips. PSA/TTI transactions are recorded in the history log, which can be a
Large Business Communications Systems 4-26 Issue 7 June 2001. For remote users, an additional security precaution for feature access is provided via the
Security Measures Issue 7 June 2001 4-27. Security Measures. The following procedures explain how to use security tools to create restrictions that help pr
Large Business Communications Systems 4-28 Issue 7 June 2001. DEFINITY G3V3 and later systems, which includes DEFINITY ECS, are shipped without any cust
Security Measures Issue 7 June 2001 4-29. Enter up to 10 barrier codes (use all seven digits) and assign each a COR and COS that allow only necessary c
Large Business Communications Systems 4-30 Issue 7 June 2001. Use PROC286 WORD1 FIELD16 to send calls to an intercept tone, a CAS attendant, or a loca
Security Measures Issue 7 June 2001 4-31. NOTE: FRLs 1 through 7 include the capabilities of the lower FRLs. For DEFINITY ECS, DEFINITY G1, G3 and System 7
Contents Issue 7 June 2001 ix. MERLIN Mail/MERLIN LEGEND Mail/MERLIN Messaging Toll Fraud at a Glance 5-46. LEGEND/MAGIX Toll Fraud Check List 5-46. LEGEND T
Large Business Communications Systems 4-32 Issue 7 June 2001. Prevent After-Hours Calling Using Time of Day Routing or Alternate FRLs. You can regulate the
Security Measures Issue 7 June 2001 4-33. Block International Calling. If your company does not do business overseas, deny everyone the ability to directly
Large Business Communications Systems 4-34 Issue 7 June 2001. For DEFINITY ECS and DEFINITY G3: Enter change ars analysis partition to display the ARS
Security Measures Issue 7 June 2001 4-35. For DEFINITY ECS and DEFINITY G3: Enter change ars analysis to display the ARS Analysis screen. Specify the t
Large Business Communications Systems 4-36 Issue 7 June 2001. Restrict Calls to Specified Area Codes. If your business does not make calls to certain area
Security Measures Issue 7 June 2001 4-37. For DEFINITY G2.2: Use WCR with PROC314 WORD1 and WORD2 and permit only certain numbers. Consider using Networ
Large Business Communications Systems 4-38 Issue 7 June 2001. For DEFINITY G2 and System 85: Enter PROC000 WORDD2 FIELD5 to assign an extension to a gr
Security Measures Issue 7 June 2001 4-39. Use Attendant Control of Trunk Group Access. If direct access to trunk groups must be allowed, consider making th
Large Business Communications Systems 4-40 Issue 7 June 2001. Time slot test call — Connects the voice terminal user to a specific time slot located o
Security Measures Issue 7 June 2001 4-41. For DEFINITY ECS, DEFINITY G1, G3, and System 75: Use change cor to display the Class of Restriction screen.