Security
192 Avaya Application Solutions IP Telephony Deployment Guide
Secure access
Typical server access methods include telnet, Web browser (HTTP), and FTP for file transfers.
Each of these mechanisms can support login authentication, but suffer a common weakness.
The password that you type during login is sent in clear text, which allows someone with a
network monitor/sniffer to capture the password and to gain access. These mechanisms also
transmit all the session information in clear text. Some of this information might contain data
such as account codes, authorization codes, or other data that might be useful to an attacker.
To overcome these problems, Avaya S8700 and S8300 servers support:
●
Secure Shell Access (SSH) and Secure Copy (SCP). Provide an access mechanism for
terminal access and file copy that encrypt the entire session, including the login sequence,
and subsequent data transfer. SCP is the preferred method of transferring files.
●
Secure WEB access using the Secure Sockets Layer (SSL) with HTTPS. All Web access
to an Avaya S8700 and S8300 servers is through a secure connection. Unencrypted Web
access is not supported. The Avaya servers also support one-time-passwords for logins
through these mechanisms, even though the exchange is already encrypted.
●
FTP service that is disabled by default. Each time a file is to be transferred to the Avaya
server, an administrator must log in and enable the FTP server. The file is then transferred
using anonymous FTP, and the FTP server can then be disabled. Using anonymous FTP
in this manner avoids the problem of sending passwords in clear text.
Monitoring and alarming
Avaya S8700/S8300 Media Servers support the following security monitoring and alarming
features:
●
Sessions are automatically disconnected after a period of inactivity.
●
Accounts are automatically locked out for a period of time as a consequence of
consecutive failed login attempts.
●
Files and directories are monitored and audited by Tripwire, which maintains a
cryptographically encoded signature of the files on the system, and generates alarms if
any changes occur.
●
All login sessions, whether successful or not, are logged.
●
User activity logging.
●
Security events are alarmable and reported by sending an SNMP trap to one or more
destinations.
Содержание Application Solutions
Страница 1: ...Avaya Application Solutions IP Telephony Deployment Guide 555 245 600 Issue 3 4 1 June 2005 ...
Страница 20: ...About This Book 20 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 21: ...Issue 3 4 1 June 2005 21 Section 1 Avaya Application Solutions product guide ...
Страница 22: ...22 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 74: ...Avaya Application Solutions platforms 74 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 106: ...Call processing 106 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 124: ...Avaya LAN switching products 124 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 139: ...Issue 3 4 1 June 2005 139 Section 2 Deploying IP Telephony ...
Страница 140: ...140 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 186: ...Traffic engineering 186 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 204: ...Security 204 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 214: ...Voice quality network requirements 214 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 228: ...Avaya Integrated Management 228 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 239: ...Reliability Issue 3 4 1 June 2005 239 Figure 69 S8700 Media Server in a high reliability configuration ...
Страница 274: ...Reliability and Recovery 274 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 275: ...Issue 3 4 1 June 2005 275 Section 3 Getting the IP network ready for telephony ...
Страница 276: ...276 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 350: ...Implementing Communication Manager on a data network 350 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 356: ...Network recovery 356 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 366: ...Network assessment offer 366 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 367: ...Issue 3 4 1 June 2005 367 Appendixes ...
Страница 368: ...Appendixes 368 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 394: ...Access list 394 Avaya Application Solutions IP Telephony Deployment Guide ...
Страница 414: ...DHCP TFTP 414 Avaya Application Solutions IP Telephony Deployment Guide ...