Chapter 6: Security configurations
Security overview
SIP-based Avaya J100 Series IP Phones provides several updated security features. When the
phone is in a locked state, a user can only receive calls or make emergency calls. User logs and
data are protected with the user account.
The following security features are available:
• Supports X509v3–compliant certificates.
• Supports Identity certificate installation using the following methods:
- Enrollment using Simple Certificate Enrollment Protocol (SCEP): Creates a private key
and Certificate Signing Request (CSR) using the SCEP interface.
- Importing key and certificate: Uses an encrypted PKCS#12 file format to import the private
key and certificate.
• Supports Online Certificate Status Protocol (OCSP) for public key management.
• Supports Public Key Infrastructure (PKI) for users that use third-party certificates for all
Avaya services including database.
• Supports VLAN separation mode using system parameter.
• Supports synchronization of system clock at configured intervals using system parameter.
• Supports display of SSH fingerprint in the ADMIN menu.
• Displays version of OpenSSH and OpenSSL in the ADMIN menu.
• Maintains the integrity and goes to out-of-service mode under Denial of Service (DoS) attack.
Important:
The ADMIN menu provides access to certain administrative procedures from the phone. You
must change the default password for the ADMIN menu to restrict users from using the
administrative procedures to change the phone configuration.
Access control and security
Phones provide several security features for control and access. These include:
August 2018
Installing and Administering Avaya J100 series IP Phones in third-party call control
setup
Comments on this document? infodev@avaya.com
87