Filter
Top Products
Avaya Communication Manager and Servers
Issue 6 January 2008 229
Avaya Communication
Manager and Servers
This section discusses Avaya’s security designs:
● Built-in Linux security features
● One-time passwords
● Shell access
● Root access
● Remote access
● Secure access
● Monitoring and alarming
● Data encryption
Built-in Linux security features
Proprietary vs. open operating systems
Open operating systems such as Linux or a version of Microsoft Windows are often thought to
be less secure environments compared to proprietary systems. To some extent this is true, but it
is important to understand why Oryx-Pecos, Avaya’s proprietary operating system for its legacy
products, is more secure than an open operating system because it does not support the types
of network connections that converged voice and data network configurations demand. So why
not enhance Oryx-Pecos? Aside from the economic reasons, there is a security paradox: to
make an operating system secure, reveal its inner most secrets. When the operating system
software is publicly available and implemented in varying environments for a wide range of
applications, there are many more eyes looking for security holes. The expertise of the entire
technical community is brought to bear on the problem. Of the major operating systems (Unix,
Linux, Windows), one is not inherently more secure than another. Each has inherent security
flaws. All can be made secure through the application of a good security policy, which includes
proper administration and configuration, and diligent application of vendor updates when
security problems are discovered.
The Linux environment has a security advantage because
● Problems can be identified both by testing (hacking) and by reviewing the source code
itself.
● Security “holes” tend to be fixed more quickly compared to proprietary operating systems.