Security

Secure access

Typical server access methods include telnet, Web browser (HTTP), and FTP for file transfers. Each of these mechanisms can support login authentication, but all share a common weakness: the password that you type during login is sent in clear text, which allows someone with a network monitor/sniffer to capture the password and gain access. These mechanisms also transmit all the session information in clear text. Some of this information might contain data such as account codes, authorization codes, or other data that might be useful to an attacker.

To overcome these problems, Avaya servers support:

Secure Shell Access (SSH) and Secure Copy (SCP). These provide an access mechanism for terminal access and file copy that encrypts the entire session, including the login sequence and subsequent data transfer. SCP is the preferred method of transferring files.

Secure Web access using the Secure Sockets Layer (SSL) with HTTPS. All Web access to Avaya S8700 and S8300 servers is through a secure connection. Unencrypted Web access is not supported. The Avaya servers also support one-time-passwords for logins through these mechanisms, even though the exchange is already encrypted.

FTP service that is disabled by default. Each time a file is to be transferred to the Avaya server, an administrator must log in and enable the FTP server. The file is then transferred using anonymous FTP, and the FTP server can then be disabled. Using anonymous FTP in this manner avoids the problem of sending passwords in clear text.

Monitoring and alarming

Avaya servers support the following security monitoring and alarming features:

Sessions are automatically disconnected after a period of inactivity.

Accounts are automatically locked out for a period of time as a consequence of consecutive failed login attempts.

Files and directories are monitored and audited by Tripwire, which maintains a cryptographically encoded signature of the files on the system, and generates alarms if any changes occur.

All login sessions, whether successful or not, are logged.

User activity is logged.

Security events are alarmable and reported by sending an SNMP trap to one or more destinations.
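
The file and directory auditing described above can be illustrated with a small baseline-and-compare checker. This is an added example, not Avaya or Tripwire code: it assumes SHA-256 file digests and an HMAC-SHA256 tag over the stored baseline, and the function names are hypothetical.

```python
import hashlib
import hmac
import json
import os


def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            digests[os.path.relpath(path, root)] = digest
    return digests


def seal(digests, key):
    """Serialize the baseline and append an HMAC so edits to it are detectable."""
    body = json.dumps(digests, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body + b"\n" + tag.encode()


def unseal(blob, key):
    """Return the baseline dict, or raise ValueError if the HMAC does not verify."""
    body, _, tag = blob.rpartition(b"\n")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("baseline failed integrity check")
    return json.loads(body)


def audit(root, blob, key):
    """Compare the current tree with the sealed baseline and list differences."""
    baseline = unseal(blob, key)
    current = snapshot(root)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }
```

Any non-empty list returned by audit() corresponds to a change that would raise an alarm; the key must be stored where an intruder on the monitored host cannot read it, otherwise the baseline can be resealed after tampering.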

232 Avaya Application Solutions IP Telephony Deployment Guide

Avaya 555-245-600 manual Secure access, Monitoring and alarming