Filter
Top Products
Security
232 Avaya Application Solutions IP Telephony Deployment Guide
Secure access
Typical server access methods include telnet, Web browser (HTTP), and FTP for file transfers.
Each of these mechanisms can support login authentication, but suffer a common weakness.
The password that you type during login is sent in clear text, which allows someone with a
network monitor/sniffer to capture the password and to gain access. These mechanisms also
transmit all the session information in clear text. Some of this information might contain data
such as account codes, authorization codes, or other data that might be useful to an attacker.
To overcome these problems, Avaya servers support:
● Secure Shell Access (SSH) and Secure Copy (SCP). Provide an access mechanism for
terminal access and file copy that encrypt the entire session, including the login sequence,
and subsequent data transfer. SCP is the preferred method of transferring files.
● Secure WEB access using the Secure Sockets Layer (SSL) with HTTPS. All Web access
to an Avaya S8700 and S8300 servers is through a secure connection. Unencrypted Web
access is not supported. The Avaya servers also support one-time-passwords for logins
through these mechanisms, even though the exchange is already encrypted.
● FTP service that is disabled by default. Each time a file is to be transferred to the Avaya
server, an administrator must log in and enable the FTP server. The file is then transferred
using anonymous FTP, and the FTP server can then be disabled. Using anonymous FTP
in this manner avoids the problem of sending passwords in clear text.
Monitoring and alarming
Avaya servers support the following security monitoring and alarming features:
● Sessions are automatically disconnected after a period of inactivity.
● Accounts are automatically locked out for a period of time as a consequence of
consecutive failed login attempts.
● Files and directories are monitored and audited by Tripwire, which maintains a
cryptographically encoded signature of the files on the system, and generates alarms if
any changes occur.
● All login sessions, whether successful or not, are logged.
● User activity logging.
● Security events are alarmable and reported by sending an SNMP trap to one or more
destinations.