Avaya

Modular Messaging Help

Home | Search | Site Index
Print | Back | Fwd | Legal | Close

 Getting Started 
 Installation 
 Administration 
 Maintenance 
 Reference 
Home > Getting started > Modular Messaging and security > Private branch exchange security

Private branch exchange security

Private branch exchange (PBX) is an essential component that supports the critical functions of your organization. PBXs provide a wide range of communication features that present opportunities for unauthorized people to exploit. Failure to protect your PBX can expose your organization to toll fraud, theft of proprietary and confidential information, and loss of revenue.

Threats to PBXs include:

  • Theft of service, such as toll fraud

  • Unauthorized disclosure of critical information, such as routing and address data

  • Unauthorized data modification, such as modified billing information or system tables to gain additional services

  • Denial of service (DOS) attacks that prevent the system from performing as intended

  • Traffic analysis by an unauthorized user to observe and misuse call information

Security measures in the PBX must prevent unauthorized users from making fraudulent calls after they access the system. If security restrictions are improperly implemented, incoming calls to your system can be transferred to outgoing facilities. For example, the intruder can configure the system to place a telephone call to a domestic or foreign telephone number.

Topics in this section include:

Improving outbound calling security

When the outcalling feature is enabled, the system notifies subscribers of new messages. Subscribers may want the system to call a long-distance number or a pager number where they can receive this notification. Consider the following options to minimize toll fraud related to outbound calling:

  • Assign the voice ports to a toll-restricted Class of Restriction (COR) that allows calling only within a local area.

  • Add outbound calling numbers to an unrestricted calling list for either Automatic Route Selection (ARS) or Toll Analysis.

  • Do not allow callers to dial specified digits as the initial digits of an invalid mailbox. For example, 9 is configured to request an external line from the PBX, and the caller does not select 9. If the caller dials the invalid mailbox 9004, the caller does not get an external line. By default, all digits must be selected as the initial digits of an invalid mailbox.

  • Enable the Call Me Allowed field for selected subscribers only. Set up or change a Class of Service (COS) for the selected subscribers. Next, assign the COS to individual subscribers.

Fraudulent transfers

After users transfer to a dial tone, they can dial a trunk access code (TAC), feature access code (FAC), or extension number. On unsecured systems, unauthorized users can make fraudulent long-distance calls or request a company employee to transfer them to a long-distance number.

This topic discusses the following types of transfers:

Basic Call Transfer

With Basic Call Transfer, a caller can dial any number that matches the length of a valid extension. For example: An unauthorized caller dials a transfer code and then the first digits of a long-distance telephone number, such as 91809 in a 5-digit plan. The voice mail system passes the numbers to the switch. The switch interprets the first digit (9) as an access code and the following digits as the prefix digit and area code. At this point, the caller enters the remaining digits of the telephone number to complete the call.

You can restrict call transfer to subscribers. The caller cannot make a transfer to an off-premises destination unless the digits entered match an administered subscriber mailbox identifier, for example, 91809.

To maintain the subscriber restriction, do not administer mailboxes that start with the same digits as a valid switch trunk access code. Avaya recommends that all transfers be restricted to subscribers when Basic Call Transfer is used.

Enhanced Call Transfer

With Enhanced Call Transfer, the voice mail system uses a digital control link message to start the transfer. The switch verifies that the requested destination is a valid station in the dial plan. When a caller dials in, the system verifies that the digits entered contain the same number of digits as administered for extension lengths. If call transfer is restricted to subscribers, the voice mail system also verifies that the digits entered match the extension number of an administered subscriber.

With Enhanced Call Transfer, the reason for a transfer is included in the control link message that the voice mail system sends to the switch. A Call Answer call is a call that is redirected to the voice mail system when an extension is busy or does not answer. During a Call Answer call, the voice mail system usually reports the transfer to the switch as redirected. When a caller enters 0, zero, to Escape to Attendant, the switch uses this reason to determine how to proceed with the call. If the reason for the transfer is redirected, the call does not follow the destination coverage path or the call forwarding path. The switch does not redirect a previously redirected call. This restriction might not be acceptable when you want the call to follow the coverage path of the transferred-to station. You can administer Enhanced Call Transfer to allow this type of transfer.

General recommendations

Following are some general security recommendations for PBX configuration, data, and maintenance and administration functions.

Implement the following PBX precautions to enhance the security of the entire system:

  • Route all calls only to their intended authorized destinations.

  • Prevent unauthorized access to, or tampering with, existing connections or conversations.

  • Prevent unauthorized disconnection of calls.

  • Prevent unauthorized observation or manipulation of the subscriber database within the PBX memory.

  • Restrict the use of PBX resources and features to authorized users and subscribers. Permit only authorized users to modify PBX database attributes. The PBX should log all unauthorized and authorized user attempts to do unauthorized functions.

  • Implement identification and authentication procedures for physical access to PBX hardware and software.

  • Maintain an audit trail of all security-related incidents that occur in the switch. Protect the audit information from unauthorized access, changes, or destruction.

  • Control privileged user access to switch functions. Give users access to only the specific functions necessary to perform their duties.

  • Define and control access to system objects, such as software modules, routing tables, and configuration tables.

  • Ensure that the security enforcement software is protected from external interference or tampering.

To protect the security of the PBX, perform the following activities:

  • Ensure that there is a confirmation process for the authorized disclosure or use of the PBX documents. The confirmation process can issue and verify permits and receipts before giving access to the PBX documents.

  • Ensure that the PBX is placed in a physically secure location to ensure protection from damage and unauthorized access.

  • Log all activity that starts on the PBX, and keep a record of this log. The log can include normal daily operational routines, maintenance, and troubleshooting procedures.

  • Perform backups of the system configuration and database regularly. Store the backup files in a secure area. Permit access only to authorized personnel.

  • When you plan to make changes in the PBX switch database or operating system, review the changes. Ensure that the changes are necessary and do not compromise controls and integrity of the switch.

  • Activate exception reports on a periodic basis. The system report identifies any deviations from the normal activity that can indicate errors or unauthorized acts.

  • Block remote maintenance access if you do not need unattended access. Restrict dial-up access to the PBX for maintenance and administration. Password protect the dial-up modem access. Permit users who have access to the PBX to modify only the data that is pertinent to their job functions.

  • Provide strong physical security for the PBX software. Ensure that PBX audit reports are shredded and destroyed properly.

  • Scrutinize and validate all software upgrades. Utility upgrades from remote contractors can give hackers unlimited access.

Emergency tasks

In an emergency such as a fire or natural disaster, complete the following tasks:

  • Shut down the PBX or voice mail system immediately.

  • Change all passwords.

  • Report the problem immediately to your telephony company and your equipment supplier.

  • Advise all staff of the situation.

  • Contact the police or authorities. Prosecutions can deter thieves.

  • Gather evidence about the emergency and its impact on your system.

Top of page

Home | Search | Site Index | Print | Back | Fwd | Legal | Close

©2007 Avaya Inc. All rights reserved. Last modified: