User's Manual

ManualsBrandsLucent Technologies ManualsserversLucent Technologies DEFINITY Enterprise Communications Server Release 8.2

421

422

423

424

425

426

427

428

429

430

Table Of Contents

===============================
MAIN MENU
MASTER INDEX
GLOSSARY
===============================
DEFINITY® ECS Release 8.2 Administration for Network Connectivity
Contents
Preface
- Purpose
- Audience
- Issue Status
- Organization
- Terminology
- How to access this book from the web
- How to order more copies
- Tell us what you think
- How to Order Books
- How to Comment on This Book
- Where to Call for Technical Support
- Trademarks
1 Networking Overview
- DEFINITY Switch Connectivity
- IP Softphones
- IP Addressing
2 H.323 Trunks
- Overview
- H.323 Trunk Administration
- Troubleshooting IP Solutions
  - H.323 Trunk Problem Solving
  - IP Softphone Problem Solving
3 C-LAN Administration
- Overview
- Configuration 1: R8r <—ppp—> R8si
- Configuration 2: R7r (+CMS) <—ethernet—> R7csi
- Configuration 3:R8si<—x.25 —> R8r Gateway <—ethernet—> R8si
- Configuration 4: R8csi <—ISDN—> R8si Gateway <—ppp—> R8csi
- Configuration 5A: R8csi <—ppp—> R8r (one C-LAN) <—ethernet—> R8si
- Configuration 5B:R8csi <—ppp—> R8r (2 C-LANs) <—ethernet—> R8si
4 Networking Example
- Overview
  - Network Diagram
  - Task Summary
- Link/Channel/TSC Map
- Network Map
- Switch-Node 1 Administration
- Switch-Node 2 Administration
- Switch-Node 3 Administration
- Switch-Node 4 Administration
- Intuity Translations for DCS AUDIX
- CMS Administration
A Screens Reference
- Networking Screens
- Other Network-Related DEFINITY Screens
- Networking Screens
- Other Networking-Related DEFINITY Screens
B Private Networking
- Contents of this Appendix
- Distributed Communications System
- ISDN Feature Plus
- QSIG
- Centralized Voice Mail Via Mode Code
- Japan TTC Q931-a Private Networking Protocols
C Security Issues
- Network Security Issues
  - Overview
D Capacities and Performance
- Capacities and Resource Requirements
- Performance
E C-LAN Installation
- Overview
- Install the C-LAN Circuit Pack
- Other Hardware Upgrades
F IP Trunk Installation and Administration
- IP Trunk Installation
- IP Trunk Administration
- Procedures for Extension Dialing Between Sites
  - Non-DCS Configuration
- DCS over IP Trunk
- IP Trunk Worksheets
G References
- Basic DEFINITY ECS documents
- Call center documents
- Application-specific documents
Glossary
- A
- B
- C
- D
- E
- F
- G
- H
- I
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- Z
Index
- A
- B
- C
- D
- E
- F
- G
- H
- I
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- Z

403

Administration for Network Connectivity

555-233-504 — Issue 1 — April 2000 CID: 77730

C Security Issues

This Appendix briefly discusses issues related to system security for DEFINITY ECS in a TCP/IP

network environment.

Network Security Issues

This section describes a strategy to ensure the security of an intranet that is connected to DEFINITY

ECS R7 or later systems.

Overview

The TCP/IP connectivity available with Release 7 and later of DEFINITY

ECS makes it possible to connect one or more DEFINITY ECS systems in a

network that includes connections to a company’s existing data network

(LAN or intranet). This integration of networks introduces the possibility of

unauthorized access — to the DEFINITY network through the LAN/intranet

and to the LAN/intranet through the DEFINITY network.

Security concerns

Security can mean many different things. The strategy described here focuses

on three key concerns from a customer perspective:

1 How can a customer network be protected from unauthorized outside access

through a DEFINITY ECS? That is, how can a hacker be prevented from dialing

into a DEFINITY ECS and getting on the customer LAN?

2 How can a customer network be protected from unauthorized access by Lucent

services personnel?

3 How can a DEFINITY ECS be protected from unauthorized access through the

customer LAN?

Security solutions

The first and most important line of defense in any security strategy is access

control. Damage to the network or theft of proprietary information by hackers

can be prevented by completely denying access to unauthorized users.

Access control can be provided by three means:

• network topology

• network administration

• authentication