Filter
Top Products
Avaya Communication Manager and Servers
Issue 6 January 2008 231
Root access
On a Linux system, the highest administrative-access level is called root. Direct logins to
root-level accounts are not permitted on Avaya servers. Administrative access, which requires
root-level permissions, is handled through “proxy” programs that grant specific access to
specific accounts. The ability to obtain full, root-level access is granted only in very special
circumstances. By tightly restricting the root password, Avaya systems are less susceptible to
accidental or malicious system access.
Remote access
Avaya servers have a modem port for remote maintenance access, and for sending
maintenance alarms calls. The server logins that establish this remote connection are separate
from other logins that allow administrative functions. One login account can establish a
connection, and once the link is established, a second login is necessary to administer the
system. The dial-in line can also be restricted to:
● Disallow all incoming calls.
● Allow only one incoming call.
● Allow all incoming calls.
When the interface is set to “allow one incoming call only,” the line is enabled to answer a single
call. As soon as a call arrives, the line is disabled, and must be re-enabled through
administration before another call will be accepted. This feature does not inhibit outgoing alarm
calls, which are needed for maintenance. Normally, the line is disabled for all calls. When a
maintenance activity is needed, the maintenance technician must contact the server
administrator and request that the line be activated. The server administrator must then log in to
the server, and enable the line for one call only. The maintenance technician then calls the
server, performs the necessary maintenance, and disconnects. At this point the line is
automatically disabled again. Enabling the data line for one call only is a good example of a
feature that illustrates the trade-off that is required between security and convenience. Having
the data line disabled provides better security, but during diagnostic activity, when multiple calls
must be made, the server administrator must be called to manually re-enable the line for each
call. In addition, Avaya employs Expert systems technology to contact systems automatically for
monitoring and diagnostics. Disabling the data line disables this technology, which results in
higher maintenance costs, and possibly longer times out of service when a failure does occur.