Manualshelf

Technical information

ManualsBrandsAT&T ManualsNetwork RouterDEFINITY Remote Port Security Device
111112113114115116117118119120
Detecting Toll Fraud
Issue 7 June 2001
4-57
CMS Measurements
This monitoring technique measures traffic patterns and times on calls and
compares them to traffic counts and time limit thresholds. An exceptions log is
maintained whenever the traffic counts or time limits exceed the preset
thresholds.
For DEFINITY ECS and DEFINITY G1 and G3:
Use change trunk-group to display the Trunk Group screen.
In the Measured field, enter external if you have only CMS or both if you
have BCMS and CMS.
To generate reports, use cms reports.
For DEFINITY G2:
Use PROC115 WORD1 FIELD5 to specify incoming or two-way
measurements by CMS.
Set up time limits and count thresholds on CMS (Trunk Group Exceptions).
Exceptions are reported to designated CMS terminals (User Permissions:
Trunk Group Access). CMS keeps a log of exceptions (Real-Time
Exception Log, Historical Report: Trunk Group Exceptions).
Security Violation Notification Feature
(DEFINITY ECS and DEFINITY G3 only)
For DEFINITY ECS and DEFINITY G3, the Security Violation Notification Feature
(SVN) provides the capability to immediately detect a possible breach of the
System Management, Remote Access, or Authorization Code features; and to
notify a designated destination upon detection. It is intended to detect Generic 3
Management Terminal (G3-MT) or Generic 3 Management Application (G3-MA)
login failures through the INADS port, based on customer-administrable
thresholds. Once an SVN threshold is reached, (for a System Management login,
a Remote Access barrier code, and, for DEFINITY G3V3 and later, an
Authorization code), the system initiates a referral call to an assigned referral
destination.
For systems earlier than DEFINITY G3V3, the referral destination must be an
attendant console or station equipped with a display module. For DEFINITY G3V3
and later, the referral destination can be any station, if an announcement has
been administered and recorded. Also for G3V3 and later releases, including
DEFINITY ECS, the SVN Referral Call with Announcement option provides a
recorded message identifying the type of violation accompanying the SVN referral
call, such as login violation, remote access violation, or authorization code
violation. Using call forwarding, call coverage, or call vector Time of Day routing,
SVN calls with announcements can terminate to any point on or off the switch.
The Security Violation Notification feature also provides an audit trail about each
attempt to access the switch using an invalid login, remote access or (G3V3 and
later) authorization code.