Technical information

ManualsBrandsAT&T ManualsNetwork RouterDEFINITY Remote Port Security Device

161

162

163

164

165

166

167

168

169

170

MERLIN LEGEND/MAGIX Toll Fraud

Issue 7 June 2001

5-33

****SECURITY ALERT****

The MERLIN MAGIX Integrated System ships with ARS activated with all

extensions set to Facility Restriction Level 3, allowing all international calling. To

prevent toll fraud, ARS Facility Restriction Levels (FRLs) should be established

using:



FRL 0 for restriction to internal dialing only.

 FRL 2 for restriction to local network calling only.

 FRL 3 for restriction to domestic long-distance (excluding area code 809

for the Dominican Republic as this is part of the North American Numbering

Plan, unless 809 is required).

 FRL 4 for international calling.

WARNING:

Default local and default toll tables are factory-assigned an FRL of 2. This

simplifies the task of restricting extensions: the FRL for an extension merely

needs to be changed from the default of 3.

WARNING:

Each extension should be assigned the appropriate FRL to match its calling

requirements. All voice mail port extensions not used for Outcalling should be

assigned to FRL 0 (the factory setting).

 Deny access to pooled facility codes by removing pool dial-out codes 70,

890 899, or any others on your system.

 Create a Disallowed List or use the pre-prepared Disallowed List number 7

to disallow dialing 0, 11, 10, 1700, 1809, 1900, and 976 or 1 (wildcard) 976.

Disallowed List number 7 does not include 800, 1800, 411, and 1411, but

Avaya recommends that you add them. Assign all voice mail port

extensions to this Disallowed List. Avaya recommends assigning

Disallowed List number 7. This is an added layer of security, in case

outward restriction is inadvertently removed. (Voice messaging ports are

assigned, by default, to Disallowed List number 7.)

If Outcalling is required by voice messaging system extensions:

 Program an ARS Facility Restriction Level (FRL) of 2 on voice mail port

extensions used for Outcalling.

 If 800 and 411 numbers are used, remove 1800, 800, 411, and 1411 from

Disallowed List number 7.

 If Outcalling is allowed to long-distance numbers, build an Allowed List for

the voice mail port extensions used for Outcalling. This list should contain

the area code and the first three digits of the local exchange telephone

numbers to be allowed.