Network Requirements

Security

For information about toll fraud, see the DEFINITY®, Avaya Aura Communication Manager, or Avaya Aura Communication Manager Branch documents on the Avaya support Web site. The 1600 Series IP Telephones cannot guarantee resistance to all Denial of Service attacks.

However, there are checks and protections to resist such attacks while maintaining appropriate service to legitimate users.

You also have a variety of optional capabilities to restrict or remove how crucial network information is displayed or used. These capabilities are covered in more detail in Chapter 5: Server Administration.

Support signaling channel encryption while registering, and when registered, with appropriately administered Avaya Media Servers.

Note:

Signaling and audio are not encrypted when unnamed registration is effective.

Restricting the response of the 1600 Series IP Telephones to SNMP queries to only IP addresses on a list you specify.

Specifying an SNMP community string for all SNMP messages the telephone sends.

Restricting dialpad access to Local Administration Procedures, such as specifying IP addresses, with a password.

Removing dialpad access to most Local Administration Procedures.

Restricting the end user’s ability to use a telephone Options application to view network data.

As of Release 1.1, three existing security-related parameters can be administered on the call server and downloaded with encrypted signaling, in addition to unencrypted HTTP or encrypted HTTPS. Those parameters are SNMP community string, SNMP Source IP Addresses, and Craft Access Code (PROCPSWD).

Registration and Authentication

The Avaya Media Server supports using the extension and password to register and authenticate 1600 Series IP Telephones. For more information, see the current version of your call server administration manual.

30 Avaya 1600 Series IP Deskphones Administrator Guide

Page 30
Image 30
Avaya 16-601443, 1600 Series manual Security, Registration and Authentication