Instruction manual

ManualsBrandsBetter Music Builder ManualsMicrophones and systemsVM-82U G3

231

232

233

234

235

236

237

238

239

240

Communication Manager, MultiVantage Software,

DEFINITY ECS, DEFINITY communications systems,

System 75,and System 85

Issue 9 May 2003

7-33

NOTE:

On AUDIX Voice Power System 2.1.1, mailboxes can be set individually to

“1 minute,” reducing the clean-up that these mailboxes require.

Protecting the CONVERSANT Voice Information

System

This section addresses security issues for the CONVERSANT and INTUITY

CONVERSANT Voice Information Systems. These systems provide a platform

used to build and execute voice response applications that involve network

connections. Poor application design could allow unauthorized calls to be placed

through the VIS.

Two ways to prevent unauthorized use of the CONVERSANT Voice Information

Systems are as follows:

■ Block outbound access to the network at the switch (PBX or central office)

that provides service to the VIS. Blocking outbound access includes

blocking call origination, bridging, and transfer capabilities. This method

does not rely on a secure VIS or robust VIS application design, and can be

done by blocking all outgoing calls or transfer access (using one-way

trunks for T1 or PRI), or by limiting the codes that can be dialed.

■ Monitor the current VIS environment to determine if your application is at

risk. This method should be used when blocking outbound access is

inappropriate (for example, if the application requires outbound features, or

if access to VIS administration is not well-controlled or only provides partial

protection).

Protecting passwords

System administrator passwords follow standard UNIX password conventions.

There are no end-user passwords. See ‘‘Administration / maintenance access’’ on

page 4-4 and ‘‘General security measures’’ on page 4-8 for secure password

guidelines. Also, do the following:

■ Restrict the “root” login to a single individual or to as few individuals as

possible.

■ Do not document any passwords.

■ Always change the “root” password from the default during installation and

change it frequently after installation.

NOTE:

This information applies to remote maintenance board (RMB) access as

well.

See Chapter 14

for information on how to change system administrator

passwords.