Справочник Пользователя для Lucent Technologies Release 8.2
403
Administration for Network Connectivity
555-233-504 — Issue 1 — April 2000
CID: 77730
C
Security Issues
This Appendix briefly discusses issues related to system security for DEFINITY ECS in a TCP/IP
network environment.
network environment.
Network Security Issues
This section describes a strategy to ensure the security of an intranet that is connected to DEFINITY
ECS R7 or later systems.
ECS R7 or later systems.
Overview
The TCP/IP connectivity available with Release 7 and later of DEFINITY
ECS makes it possible to connect one or more DEFINITY ECS systems in a
network that includes connections to a company’s existing data network
(LAN or intranet). This integration of networks introduces the possibility of
unauthorized access — to the DEFINITY network through the LAN/intranet
and to the LAN/intranet through the DEFINITY network.
ECS makes it possible to connect one or more DEFINITY ECS systems in a
network that includes connections to a company’s existing data network
(LAN or intranet). This integration of networks introduces the possibility of
unauthorized access — to the DEFINITY network through the LAN/intranet
and to the LAN/intranet through the DEFINITY network.
Security concerns
Security can mean many different things. The strategy described here focuses
on three key concerns from a customer perspective:
on three key concerns from a customer perspective:
1
How can a customer network be protected from unauthorized outside access
through a DEFINITY ECS? That is, how can a hacker be prevented from dialing
into a DEFINITY ECS and getting on the customer LAN?
through a DEFINITY ECS? That is, how can a hacker be prevented from dialing
into a DEFINITY ECS and getting on the customer LAN?
2
How can a customer network be protected from unauthorized access by Lucent
services personnel?
services personnel?
3
How can a DEFINITY ECS be protected from unauthorized access through the
customer LAN?
customer LAN?
Security solutions
The first and most important line of defense in any security strategy is access
control. Damage to the network or theft of proprietary information by hackers
can be prevented by completely denying access to unauthorized users.
control. Damage to the network or theft of proprietary information by hackers
can be prevented by completely denying access to unauthorized users.
Access control can be provided by three means:
•
network topology
•
network administration
•
authentication