Lucent Technologies Definity Enterprise Communication Server 8.2 Manual Do Utilizador
DEFINITY ECS Release 8.2
Administrator’s Guide
Administrator’s Guide
555-233-506
Issue 1
April 2000
Features and technical reference
1479
Security violations notification
20
Security violations notification
When a security violation occurs, security violations notification (SVN) notifies a
designated referral point. This can be an attendant console, a display-equipped
phone, or a phone without display for SVN referral calls with announcements.
designated referral point. This can be an attendant console, a display-equipped
phone, or a phone without display for SVN referral calls with announcements.
The system monitors and reports on the following types of security violations:
■
Login violations
■
Remote access barrier code violations
■
Authorization code violations
■
Station security code violations
DEFINITY ECS provides the option to log a major alarm if a security violation
occurs involving a Lucent Technologies services login ID. Lucent Technologies is
responsible for retiring the alarm.
occurs involving a Lucent Technologies services login ID. Lucent Technologies is
responsible for retiring the alarm.
Refer to DEFINITY ECS Reports for more information on how to run reports, and
respond to security violations.
respond to security violations.
To effectively monitor the security of your system, you need to know how often
both valid and invalid attempts at system entry are normally made. Then you will
know if the number of invalid attempts is unusually high. A significant increase in
such attempts can mean the system is being compromised.
both valid and invalid attempts at system entry are normally made. Then you will
know if the number of invalid attempts is unusually high. A significant increase in
such attempts can mean the system is being compromised.
NOTE:
It is recommended that you print and clear the security-violation
measurement reports at least once a month. In a busy system, once a week is
not too frequent.
measurement reports at least once a month. In a busy system, once a week is
not too frequent.
Security violation thresholds and notification
As an example, you may determine that during a forty-hour week, it’s normal for
users to submit about 1,000 valid barrier codes and 150 invalid barrier codes; that
is, about 3.75 invalid barrier codes are submitted per hour.
users to submit about 1,000 valid barrier codes and 150 invalid barrier codes; that
is, about 3.75 invalid barrier codes are submitted per hour.
With this information, you may decide to declare that a security violation occurs
during any hour in which 8 invalid barrier codes are submitted. If you know that
during an 8-hour period, about 30 invalid codes are submitted, you might set the
threshold to count a security violation when 40 invalid codes are submitted within
eight hours.
during any hour in which 8 invalid barrier codes are submitted. If you know that
during an 8-hour period, about 30 invalid codes are submitted, you might set the
threshold to count a security violation when 40 invalid codes are submitted within
eight hours.
You can administer SVN to place a referral call to the location of your choice
whenever the established thresholds are reached. All SVN referral calls are
priority calls.
whenever the established thresholds are reached. All SVN referral calls are
priority calls.