Technical information

ManualsBrandsAT&T ManualsNetwork RouterDEFINITY Remote Port Security Device

311

312

313

314

315

316

317

318

319

320

Administering the SVN Feature

Issue 7 June 2001

12-7

If the Remote Access feature is to be dormant for a period of time, the feature can

be disabled using the

disable remote-access command. Entry of this command

will disable the Remote Access feature until it is re-enabled using the

enable

remote-access

command.

Administering Login ID Kill After N Attempts

Following is an example of how to administer this feature.

1. Enter the

change system-parameters features command to assign

Security Violation Notification (SVN) parameters. When the

system-parameters features screen appears, complete the following fields:

 SVN Login Violation Notification Enabled field — Enter y in this field

to enable the login component of the SVN feature.

 Originating Extension field — Enter an unassigned extension that

conforms to the switch dial plan.

 Referral Destination field — Enter an extension that is assigned to a

station equipped with a display module.

 Login Threshold field — Enter the number of times entry of an

invalid login ID, or valid login ID/invalid password combination will

be permitted before a security violation is detected.

 Time Interval field — Enter the duration of time that the invalid login

attempts must occur within.

2. Enter the add/change login <login ID> command to access the login

administration form.

 Disable Following A Security Violation field — If not already

assigned, enter

y in this field to disable the login ID following a

security violation involving the login ID.

In the event a security violation involving the login ID is detected, a referral call is

generated, alerting the switch administrator of the violation. When a login violation

is detected for a valid login ID, the login ID is disabled, prohibiting any further use

until the security violation is investigated and the login ID is re-enabled.

Consult the monitor security-violation report and security measurements report to

determine the nature and source of the security violation. If the attempts to access

the switch administration originated from a remote source, the local exchange and

long distance carriers may provide assistance in tracing the source of the invalid

access attempts. The affected login ID should not be re-enabled until the source

of the violation is identified and you are confident that the switch administration

maintenance interface is secure.