Lucent Technologies Definity Enterprise Communication Server 8.2 Manual De Usuario
DEFINITY ECS Release 8.2
Administrator’s Guide
Administrator’s Guide
555-233-506
Issue 1
April 2000
Enhancing system security
307
Preventing toll fraud
11
Set logoff notification and forced password aging when administering
logins. You must assign passwords for these logins at setup time.
logins. You must assign passwords for these logins at setup time.
Establish well-controlled procedures for resetting passwords.
2. Prevent voice mail system transfer to dial tone
Activate “secure transfer” features in voice mail systems.
Place appropriate restrictions on voice mail access/egress ports.
Limit the number of invalid attempts to access a voice mail to five or less.
3. Deny unauthorized users direct inward system access (screen)
If you are not using the Remote Access features, deactivate or disable them.
If you are using Remote Access, require the use of barrier codes and/or
authorization codes set for maximum length. Change the codes frequently.
authorization codes set for maximum length. Change the codes frequently.
It is your responsibility to keep your own records regarding who is allowed
to use which authorization code.
to use which authorization code.
4. Place protection on systems that prompt callers to input digits
Prevent callers from dialing unintended digit combinations at prompts.
Restrict auto attendants and call vectors from allowing access to dial tone.
5. Use system software to intelligently control call routing
Create Automatic Route Selection or World Class Routing patterns to
control how each call is to be handled.
control how each call is to be handled.
Use “Time of Day” routing capabilities to limit facilities available on
nights and weekends.
nights and weekends.
Deny all end-points the ability to directly access outgoing trunks.
6. Block access to international calling capability
When international access is required, establish permission groups.
Limit access to only the specific destinations required for business.
7. Protect access to information stored as voice
Password restrict access to voice mail mailboxes.
Use non-trivial passwords and change passwords regularly.
8. Provide physical security for telecommunications assets
Restrict unauthorized access to equipment rooms and wire connection
closets.
closets.
Protect system documentation and reports data from being compromised.