Security Enhancements - Nortel BCM50 2.0 System Overview Manual
Business communications manager
Hide thumbs
Also See for BCM50 2.0:
- Configuration manual (316 pages) ,
- Installation manual (86 pages) ,
- User manual (16 pages)
Table of Contents
Advertisement
26
Chapter 2 System Overview
In enterprise network systems, the SIP feature provides the ability to support private numbering
plans, optimizes the use of network traffic (TAT/TRO/ICCL), and provides support for centralized
voice mail applications (NCRI, MWI) using the SIP messaging protocol. By making these
capabilities available using the SIP protocol, you can begin to transition your network to the latest
standard.
Security enhancements
The following sections describe the security enhancements with BCM50 2.0:
•
"User account access management" on page 26
•
"Secure interface and audit logging" on page 27
User account access management
This feature significantly improves BCM user-account access management by enhancing
password, session and account authentication, and access-management enhancements. These
improvements bring the BCM in alignment with the security enhancements being introduced with
BCM50 and add incremental capabilities.
Password Management and Policy Enhancements include:
•
Minimize the vulnerability of passwords
— Password characteristics are now more stringent (length, criteria)
— Password aging, history and change notification added
— Forced password change on initial login
— Password storage hashing with Secure Hashing Algorithm 1 (SHA1)
Session Management Enhancements minimizes the vulnerability of logged-in sessions for idle
session time-outs.
Account Management includes:
•
Minimize the vulnerability of User IDs
— Automatic disabling of unused accounts
— Set-based admin requires user ID and password
Account User ID Access Privilege Management includes the logged-in user ID session/access
display.
These enhancements to user-account access management provide a secure BCM access
environment, making it difficult for a malicious user to gain access to a BCM. Also, they allow
owners of BCM to enforce secure account-access controls to the BCM to ensure secure BCM
management and increase protection against potential vulnerabilities.
NN40020-200
NN40020-200
Advertisement
Table of Contents
