Registration And Authentication - Avaya one-X 9600 Series Administrator's Manual

Network Requirements
HTTP authentication is supported for backup and restore operations. The authentication
credentials and the realm are stored in reprogrammable non-volatile memory that is not
overwritten if new telephone software is downloaded. The default value of the credentials and
the realm are null, set at manufacture and at any other time that user-specific data is removed
from the telephone or by the local administrative (Craft) CLEAR procedure. If an HTTP backup
or restore operation requires authentication and the realm in the challenge matches the stored
realm, the stored credentials are used to respond to the challenge without prompting the user.
However, if the realms do not match, or if an authentication attempt using the stored credentials
fails, the user is then prompted to input new values for backup/restore credentials. If an HTTP
authentication for a backup or restore operation is successful and if the userid, password or
realm used is different than those currently stored in the telephone, the new value(s) will replace
the currently stored value(s).
You also have a variety of optional capabilities to restrict or remove how crucial network
information is displayed or used. These capabilities are covered in more detail in
Chapter 5: Server
Support signaling channel encryption.
●
Note:
Signaling and audio are not encrypted when unnamed registration is effective.
Note:
Restricting the response of the 9600 Series IP Deskphones to SNMP queries to only IP
●
Addresses on a list you specify.
Specifying an SNMP community string for all SNMP messages the telephone sends.
●
Restricting dialpad access to Local Administration Procedures, such as specifying IP
●
Addresses, with a password.
Restricting dialpad access to Craft Local Procedures to experienced installers and
●
technicians.
Restricting the end user's ability to use a telephone Options application to view network
●
data.
As of Release 2.0, 9600 Series IP Telephones can download and use third-party trusted
●
certificates.
As of Release 1.5, 9600 Series IP Telephones are fully compliant with IETF RFC 1948
●
Defending Against Sequence Number Attacks, May 1996, by S. Bellovin.
As of Release 1.5, three existing security-related parameters can be administered on the
●
call server and downloaded with encrypted signaling, in addition to unencrypted HTTP or
encrypted HTTPS. Those parameters are SNMP community string (SNMPSTRING),
SNMP Source IP Addresses (SNMPADD), and Craft Access Code (PROCPSWD).

Registration and Authentication

Avaya call servers support using the extension and password to register and authenticate 9600
Series IP Deskphones. For more information, see the current version of your call server
administration manual.
34 9600 Series IP Deskphone Administrator Guide Release 6.0
Administration.