Technical information

ManualsBrandsAT&T ManualsNetwork RouterDEFINITY Remote Port Security Device

191

192

193

194

195

196

197

198

199

200

Small Business Communications Systems

5-64 Issue 7 June 2001

Security Tips

 Evaluate the necessity for Remote Access. If this feature is not vital to your

organization, consider not using it or limiting its use. If you need the

feature, use as many of the security measures presented in this section as

you can.

 Program the Remote Access feature to require the caller to enter a

password (barrier access code) before the system will allow the caller

access.

 Use the system’s toll restriction capabilities to restrict the long distance

calling ability of Remote Access users as much as possible, consistent with

the needs of your business. For example, allow users to make calls only to

certain area codes, or do not allow international calls.

 Protect your Remote Access telephone number and password (barrier

access code). Only give them to people who need them, and impress upon

these people the need to keep the telephone number and password

(barrier access code) secret.

 Monitor your SMDR records and/or your Call Accounting System reports

regularly for signs of irregular calls. Review these records and reports for

the following symptoms of abuse:

— Short holding times on one trunk group

— Calls to international locations not normal for your business

— Calls to suspicious destinations

— High numbers of “ineffective call attempts” indicating attempts at

entering invalid barrier codes or authorization codes

— Numerous calls to the same number

— Undefined account codes

Protecting Remote System Administration

The Remote System Administration feature allows your telephone system

administrator to make changes to your System 25 system programming from

another location by dialing into the system. The feature also may be used, at your

request, by Avaya personnel to do troubleshooting or system maintenance.

However, unauthorized persons could disrupt your business by altering your

system programming. In addition, they could activate features (such as Remote

Access) that would permit them to make long distance calls through your system.

The following security measures assist you in managing the Remote System

Administration feature to help prevent unauthorized use.