(A1, A2, B1, and B2). Avoid placing M1 IP address on a PBX core network. For more
information about this recommendation, see
• Avaya: Security Best Practices Checklist, in the Network section at
https://
downloads.avaya.com/css/P8/documents/100070101
• Network Security Agency: Recommended IP Telephony Architecture, at http://
www.nsa.gov/ia/_files/voip/I332-009R-2006.pdf
• National Institute of Standards and Technology (NIST): Security Considerations for Voice
Over IP Systems at http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf
Console and SSH passwords complexity
The Console and SSH passwords must fulfill the following norms:
• Contain at least eight characters.
• Contain at least two uppercase characters, not including the first character of the password.
• Contain at least one lowercase character.
• Contain at least one special character.
• Contain at least two digits, not including the last character of the password.
The Console and SSH passwords do not have a limit on the maximum length and are hashed by
MD5 hash algorithm.
Note:
Password Authentication Module (PAM) enforces password security, and hashes are stored
in: /etc/shadow
Remote access
Secure Access Link
Use Secure Access Link (SAL) for remote access to Avaya SBCE systems in non-IP Office
environments. Register Avaya SBCE for remote access with the customer SAL. For information
about configuring SAL, see Implementing Secure Access Link Gateway.
SSL VPN
When sold with IP Office, use remote access to SSL VPN into IP Office and then use Avaya SBCE.
Register and configure Avaya SBCE and IP Office. For more information, see the job aid titled
ASBCE GRT Registration and Remote Connectivity via IP Office SSL/VPN NAPT, which is available
on
http://support.avaya.com.
Avaya SBCE configuration
66 Deploying Avaya SBCE August 2015
Comments on this document? infodev@avaya.com
To Next Page
Loading...
Need help?
General