Instruction manual

ManualsBrandsBetter Music Builder ManualsMicrophones and systemsVM-82U G3

211

212

213

214

215

216

217

218

219

220

Voice messaging systems

7-18 Issue 9 May 2003

Trusted server security

A trusted server is a computer or a software application in a domain outside of

NTUITY AUDIX that uses its own login and password to launch a Avaya INTUITY

Messaging Applications Programming Interface (IMAPI) LAN session and access

AUDIX mailboxes. Two examples of trusted servers are:

■ Synchronizer software running on an e-mail server

■ Enhanced List Application (ELA) software running as a server on the

Avaya INTUITY

Trusted servers can access and manipulate an AUDIX message just as the

AUDIX application can do. (See Avaya INTUITY Messaging Solutions

Administration for in-depth discussions and definitions of trusted servers,

domains, and integration of e-mail and other trusted server software with AUDIX.)

Securing a system that allows access from another domain involves a

two-pronged approach. You must consider security from both an internal and an

external perspective. External security involves administration to prevent access

from an unauthorized source, such as a trusted server or trusted server

administrator. Internal security focuses on preventing, or recovering from, damage

if a breach occurs (for example, a virus is transmitted in a message component,

such as an attached software file).

External security for trusted servers. The trusted server is empowered to do

everything to a user mailbox that an AUDIX user can do. You must administer a

password that the trusted server application uses to request a connection to the

AUDIX server. Additionally, to prevent unauthorized access through IMAPI into

your system from an external source, such as a trusted server, you can administer

an IMAPI password that the trusted server must also use when connecting to

AUDIX. This IMAPI password prevents an unauthorized source from starting an

IMAPI session and is used as a secondary layer of security in addition to the

required trusted server password.

While administration of the IMAPI password is optional, it is strongly

recommended. If you choose to administer this password, it is further

recommended that you change it on a regular basis (for example, monthly). (If you

have your administrator’s password set to age automatically, you could use the

system prompt telling you that your password must be changed as a reminder to

change the IMAPI password, as well.)

The two new trusted server screens that have been added for Release 4 are

Trusted-Server Profile and IMAPI-Password. Instructions for their administration

are in the Avaya INTUITY Messaging Solutions Administration manual.