Avaya 16-601443, 1600 Series Security

Network Requirements

30 Avaya 1600 Series IP Deskphones Administrator Guide

Security

For information about toll fraud, see the DEFINITY®, Avaya Aura Communication Manager, or

Avaya Aura Communication Manager Branch documents on the Avaya support Web site. The

1600 Series IP Telephones cannot guarantee resistance to all Denial of Service attacks.

However, there are checks and protections to resist such attacks while maintaining appropriate

service to legitimate users.

You also have a variety of optional capabilities to restrict or remove how crucial network

information is displayed or used. These capabilities are covered in more detail in

Chapter 5: Server Administration.

●Support signaling channel encryption while registering, and when registered, with

appropriately administered Avaya Media Servers.

Note:

Note: Signaling and audio are not encrypted when unnamed registration is effective.

●Restricting the response of the 1600 Series IP Telephones to SNMP queries to only IP

addresses on a list you specify.

●Specifying an SNMP community string for all SNMP messages the telephone sends.

●Restricting dialpad access to Local Administration Procedures, such as specifying IP

addresses, with a password.

●Removing dialpad access to most Local Administration Procedures.

●Restricting the end user’s ability to use a telephone Options application to view network

data.

As of Release 1.1, three existing security-related parameters can be administered on the call

server and downloaded with encrypted signaling, in addition to unencrypted HTTP or encrypted

HTTPS. Those parameters are SNMP community string, SNMP Source IP Addresses, and

Craft Access Code (PROCPSWD).

Registration and Authentication

The Avaya Media Server supports using the extension and password to register and

authenticate 1600 Series IP Telephones. For more information, see the current version of your

call server administration manual.

Contents

Main Page Contents Chapter 2: Administration Overview and Requirements . . . . . . . . . 11 Chapter 3: Network Requirements . . . . . . . . . . . . . . . . . . . . . 21 Chapter 4: Avaya Aura Communication Manager Administration . . . . 31 Chapter 5: Server Administration . . . . . . . . . . . . . . . . . . . . . 43 Chapter 6: Telephone Software and Application Files . . . . . . . . . . 61 Chapter 7: Administering Telephone Options. . . . . . . . . . . . . . . 67 Page Chapter 1: Introduction About This Guide Document Organization Other Documentation Page Chapter 2: Administration Overview and Requirements 1600 Series IP Telephones Page Page Page Parameter Data Precedence The Administrative Process Administrative Checklist Telephone Initialization Process Step 1: Telephone to Network Step 2: DHCP Server to Telephone Step 3: Telephone and File Server Step 4: Telephone and the Call Server Error Conditions Page Chapter 3: Network Requirements Network Assessment Hardware Requirements Server Requirements DHCP Server HTTP/HTTPS Server Required Network Information Other Network Considerations SNMP Reliability and Performance QoS IEEE 802.1P and 802.1Q Network Audio Quality Display on 1600 Series IP Telephones IP Address Lists and Station Number Portability TCP/UDP Port Utilization Page Page Security Registration and Authentication Chapter 4: Avaya Aura Communication Manager Administration Call Server Requirements Switch Compatibility and Aliasing IP Telephones Page Media Server (Switch) Administration IP Interface and Addresses UDP Port Selection RSVP and RTCP QoS IEEE 802.1P and 802.1Q NAT DIFFSERV Voice Mail Integration 1600 Series IP Telephones with Avaya Aura Communication Manager 5.2 Native Support 1600 Series IP Telephones Aliased as 4600 Series IP Telephones Telephone Administration System-Wide Administration Feature-Related System Parameters Administering Stations Aliasing 1600 Series IP Telephones Administering Features Feature Buttons and Call Appearances For the 1603/1603SW/1603-I/1603SW-I and 1608/1608-I IP Telephones For the 1616/1616-I IP Telephones Conference Details Screen for Ad-Hoc Conferences To enable Conference Details capabilities: Shuffling Printing Button Labels Chapter 5: Server Administration Software Checklist DHCP and File Servers DHCP Server Administration DHCP Generic Setup Page Page Page Windows NT 4.0 DHCP Server Verifying the Installation of the DHCP Server Creating a DHCP Scope for the IP Telephones Editing Custom Options Adding the DHCP Option Activating the Leases Verifying Your Configuration Verify the Default Option, 242 1600OPTION Verify the Scope Option, 242 1600OPTION Verify the Global Option, 242 1600OPTION Windows 2000 DHCP Server Verifying the Installation of the DHCP Server Creating and Configuring a DHCP Scope Page Adding DHCP Options Activating the New Scope HTTP Generic Setup HTTP Configuration for Backup/Restore For IIS Web Servers Page Web Configuration Tool Page Page Chapter 6: Telephone Software and Application Files General Download Process Software 1600 Series IP Telephone Scripts and Application Files Choosing the Right Application File and Upgrade Script File Upgrade Script File Settings File Contents of the Settings File The GROUP System Value Page Chapter 7: Administering Telephone Options Administering Options for the 1600 Series IP Telephones Page Page Page Page Page VLAN Considerations VLAN Tagging VLAN Default Value and Priority Tagging VLAN Separation DNS Addressing IEEE 802.1X 802.1X Pass-Through and Proxy Logoff 802.1X Supplicant Operation Link Layer Discovery Protocol (LLDP) Page Page Page Page Local Administrative Options Using the Telephone Dialpad Clear Procedure Disable/Enable Debug Mode Group Identifier Reset System Values Restart the Telephone Interface Control Page The View Administrative Option Page Page Static Addressing Installation Page Page Disable/Enable Event Logging Logoff Self-Test Procedure Language Selection 1600 Series Global Telephones Page 1600 Series International Telephones Page Page Enhanced Local Dialing Backup/Restore Backup Restore Page Page Chapter 8: Administering Applications and Options Customizing 1600 Series IP Telephone Applications and Options Page Page The Application Status Flag (APPSTAT) Variable parameters for improving audio quality Page Page Page Page Page Page Page Appendix A: Glossary of Terms Page Appendix B: Related Documentation IETF Documents ITU Documents ISO/IEC, ANSI/IEEE Documents Page Page Page Page Page Page Page Page Page Page Page Index Numerical A B C E F G H I P Q R S T V W