HP Media Gateways G250 manual Network security features, Alarms and troubleshooting features

Page 55

Network security features

●ASG authentication for remote service logins. ASG is a challenge-response authentication method that is more secure than password authentication and does not require a static password.

Network security features

The Avaya G250/G350 Media Gateway provides the following network security features:

●Private secure connections can be configured between the G250/G350 and a remote peer, using VPN (Virtual Private Network). VPN at the IP level is deployed using a standards-based set of protocols defined by the IETF called IPSec. IPSec provides privacy, integrity, and authenticity to information transferred across IP networks.

●Access to the G250/G350’s LAN ports is authenticated using the 802.1x protocol. On the G350, you can enable 802.1x on the MM314 and MM316 media modules’ 10/100 Ethernet ports. On the G250, you can enable 802.1x on the eight Ethernet LAN PoE ports located on the G250’s front panel. The 802.1x protocol standard is extended to support an optional mode for authenticating multiple supplicants.

●Protection against DoS (Denial of Service) attacks via:

-MSS notifications. The G250/G350 identifies predefined or custom-defined traffic patterns as suspected DoS attacks and generates SNMP notifications, referred to as Managed Security Services (MSS) notifications. MSS notifications are intercepted and, if certain conditions are met, may be forwarded to the Avaya Security Operations Center (SOC) as INADS alarms. The SOC is an Avaya service group that handles DoS alerts, responding as necessary to any DoS attack or related security issue.

-SYN cookies, which protect against a well-known TCP/IP attack in which a malicious attacker targets a vulnerable device and effectively prevents it from establishing new TCP connections.

Alarms and troubleshooting features

The Avaya G250 and Avaya G350 Media Gateways have extensive features for error detection, alarms, and troubleshooting. Detailed diagnostic information and troubleshooting are provided by software-based solutions accessible by laptops in the field or remotely from an administrator’s computer. Administration for the Avaya G250 and Avaya G350 Media Gateways, 03-300436, provides a comprehensive guide to configuring and using these solutions.

Issue 5 June 2008 55

Image 55

Contents Overview for the Avaya G250 and Avaya G350 Media Gateways Issue 5 JuneAvaya Inc All Rights Reserved About this book Management, Security, Alarms and Troubleshooting Appendix D G350 technical specifications Page Downloading this book Downloading this book and updates from the webAbout this book AudienceTitle Number Related resourcesTechnical assistance Within the USInternational Sending us commentsPage Introduction Avaya G350 Media Gateway Overview FeaturesAvaya G250 Media Gateway Overview WAN Introduction Avaya G250-Analog Media Gateway Chassis G250 physical descriptionAvaya G250-DCP Media Gateway Chassis Console RST Avaya G350 Media Gateway Chassis G350 physical descriptionETH LAN Permitted slots for media modules Media Description Module G350 front panel ports and slotsPermitted slots for media modules Media Description Module Telephony media modules Optional componentsSupported media modules in the G350 Supported media modules Media module DescriptionLAN media modules S8300 serverMM711 analog media module Telephony media modulesMM711 media module MM714 analog media moduleMM714 media module MM716 analog media moduleMM712 DCP media module MM312 DCP media moduleMM717 DCP media module MM720 BRI media module MM710 E1/T1 media moduleMM720 media module MM722 BRI media moduleMM340 E1/T1 WAN media module WAN media modulesMM342 universal serial data WAN media module MM314 LAN media module LAN media modulesMM316 media module MM316 LAN media modulePermitted slots Media module slot configurations in the G350Permitted slots for media modules Media module Combination limitations in the G350 Supported media modules in the G250Page Media gateway services Summary of servicesVoice over IP VoIP Telephones Physical media G350Voice software Outside telephone lines Physical media G250Media Gateway Controllers Supported S8XXX servers Configuring G250/G350 optionsSummary of services MGC management Avaya CM featuresAvaya CM software applications Call center capabilities Additional featuresEmergency Transfer Relay ETR Fax, modem, TTY over IP LAN servicesPhysical media Contact closureVLANs Power over Ethernet PoEPort redundancy WAN servicesRapid Spanning Tree Protocol Rstp Port mirroringMedia modules necessary for each WAN line Avaya G250 and G350 supportWAN features VPN Routing featuresRIP Ospf Page Avaya G250 and Avaya G350 Command Line Interfaces CLI Management, Security, Alarms and TroubleshootingManagement applications Avaya QoS Manager Management access security featuresAvaya G250/G350 Manager and Embedded Web Manager Avaya Integrated ManagementAlarms and troubleshooting features Network security featuresFront panel LEDs Automatic error detectionPacket sniffing Link Layer Discovery Protocol Lldp VoIP debugging using RTP-MIBObject tracking Converged Network Analyzer CNA test plugPage Documentation Page G250 maximum media gateway capacities Appendix a G250 and G350 capacitiesG250 media gateway capacities Description Capacity Comments Miscellaneous G350 maximum media gateway capacities Simultaneous fax transmissions S8300 capacities Quantity Supported S8300 maximum capacitiesPage Avaya IP telephones Appendix B Supported Avaya telephonesAvaya DCP digital telephones Avaya analog telephones G250 specifications Appendix C G250 technical specificationsAvaya G250 Media Gateway specifications Description Value G250 media module specifications G250 power cord specificationsMedia modules Description Value G350 specifications Appendix D G350 technical specificationsAvaya G350 Media Gateway specifications Description Value G350 media module specifications G350 power cord specificationsOther media modules Index DCP WAN WAN features Access control lists