Technical information
MERLIN LEGEND Communications System
Issue 7 June 2001
5-7
MERLIN LEGEND Communications
System
This section provides information on protecting the MERLIN LEGEND
Communications System.
Unauthorized persons concentrate their activities in the following two areas with
the MERLIN LEGEND Communications System:
Transfer out of the MERLIN LEGEND Communications System to gain
access to an outgoing trunk and make long distance calls.
Locate unused or unprotected mailboxes and use them as drop-off points
for their own messages.
Additional security measures are required to protect adjunct equipment.
Chapter 6 contains security measures to protect the attached voice
messaging system. For general security measures, refer to ‘‘Protecting
Voice Messaging Systems’’ on page 6-2. For product-specific security
measures, refer to ‘‘MERLIN LEGEND Communications System’’ on page
6-37.
Chapter 7 contains security measures to protect the Automated Attendant
feature of your communications system. See ‘‘MERLIN LEGEND
Communications System’’ on page 7-20.
The MERLIN LEGEND Communications System permits trunk-to-trunk transfers
from Voice Mail Integrated (VMI) ports starting with Release 2.1. Starting with
Release 3.1, the following are in effect:
VMI ports are assigned outward restrictions by default
Trunk-to-trunk transfer can be allowed or disallowed on a per-station basis,
and the default setting for all stations is restricted. Trunk-to-trunk transfer is
the transferring of an outside call to another outside number. Whenever
trunk-to-trunk transfer is disabled, users cannot transfer an outside call to
an outside line.
NOTE:
The ability to transfer internal calls to outside numbers cannot be
blocked for an individual extension. However, Calling Restrictions or
Disallowed Lists can be assigned to individual extensions to prevent
outward or toll calls. Also, a call transfer to an outside destination is
disconnected if the original call is on a trunk that does not have
reliable disconnect, or if another user joined the call, and the call is
now a conference call (which cannot be transferred).
Pool dial-out codes are restricted for all extensions by default. No
extension or remote access user with a barrier code has access to pools
until the restriction is removed by the system manager.