Manualshelf

Technical information

ManualsBrandsAT&T ManualsNetwork RouterDEFINITY Remote Port Security Device
351352353354355356357358359360
Special Security Product and Service Offers
15-4 Issue 7 June 2001
Securing DEFINITY Systems
(Release 7.2 and Later) with Access
Security Gateway (ASG)
The Access Security Gateway (ASG) integrates challenge/response technology
into Avaya products and is available, beginning with the DEFINITY ECS Release
7.2 (that is, DEFINITY G3V7.2), to secure the DEFINITY switch administration
and maintenance ports and logins and thus reduce the possibility of unauthorized
access to the system.
The challenge/response negotiation starts after you have established an RS-232
session and have entered a valid DEFINITY ECS login ID. The authentication
transaction consists of a challenge, issued by DEFINITY ECS based on the login
ID that you have just entered, followed by the expected response, which you must
enter. The core of this transaction is a secret key, which is information-possessed
by both the lock (ASG) and the key. Interception of either the challenge or
response during transmission does not compromise the security of the system.
The relevance of the authentication token used to perform the challenge/response
is limited to the current challenge/response exchange (session).
Currently supported keys consist of a hand-held token generating device
(ASG Key). The ASG Key (response generator) device is pre-programmed with
the appropriate secret key to communicate with corresponding Access Security
Gateway protected login IDs on DEFINITY ECS.
For more information on using the ASG Key, see the Access Security Gateway
Key Users Guide, 555-212-012.
Access Security Gateway administration parameters specify whether access to
the system administration or maintenance interface requires ASG authentication.
This security software can be assigned to all system administration maintenance
ports or to a sub-set of those ports. If the port being accessed is not protected by
ASG, the standard DEFINITY login and password procedure will be satisfactory
for the user to enter the system.
For more information about Access Security Gateway and required ASG forms,
see the DEFINITY Enterprise Communications Server (ECS) Release 6.3
Administration and Feature Description manual, 555-230-522.
NOTE:
ASG does not protect login access to a Multiple Application Platform for
DEFINITY (MAPD).