Chapter 5: Security configuration
Avaya Vantage
™
provides lock and logout functionality for the protection of user privacy. Each user
has their own login and password, so when a user locks Avaya Vantage
™
, other users cannot unlock
the device. When Avaya Vantage
™
is in a locked state, you can receive calls or make emergency
calls. Avaya Vantage
™
restricts access to any user data while in the locked state. As an
administrator, you can enable or disable the locked state using the ENABLE_PHONE_LOCK
Settings file parameter as described in
Phone lock parameters on page 143. The locked state can
also be manually set using Screen lock in the Settings > Security menu.
When a user logs out from Avaya Vantage
™
, the station is available for other users. However, when
another user logs in to the same station, that user cannot access previous user’s data. When a new
user logs in, Avaya Vantage
™
clears the previous user’s personal data and uninstalls all applications
installed by the previous user. However, applications that are installed by the administrator through
the PUSH_APPLICATION parameter in the settings file do not get affected. When the user logs in
again, Avaya Vantage
™
restores the following information:
• User-defined device configuration, such as language settings.
• Application data that is backed up using a personal account, such as a Google
™
account.
For troubleshooting, Avaya Vantage
™
supports the Secure Shell Protocol (SSH) and a secure
mechanism for personnel to log in to the device remotely and perform the required operations in a
secure environment. By default, SSH users do not have root access or access to private user data,
such as:
• Private keys of digital certificates.
• Authentication credentials for SIP, HTTP, 802.1X, and Exchange.
• Contact and call log information.
• Personal browser information, such as bookmarks, URL history, and cookies.
To enable SSH, Avaya Vantage
™
uses the SSH_ALLOWED parameter.
Avaya Vantage
™
does not support non-secure protocols and services, such as FTP, Telnet, TFTP,
rlogin, and rsh. The only exception is support of Android Debug Bridge (ADB). By default, ADB
remains disabled on Avaya Vantage
™
. If ADB is required for Android application development, the
user can enable ADB through the Settings menu on the device. When not required, you may
completely disable the ADB support by setting the ADBSTAT parameter to 0. When ADBSTAT is 0,
users do not get the option to enable ADB through the Settings menu.
To enhance security, Avaya Breeze
™
CSDK applications, such as Avaya Vantage
™
Basic or Avaya
Equinox
®
, support Secure Real-time Transport Protocol (SRTP), which provides confidentiality and
message authentication to media traffic going over the LAN infrastructure. This allows Avaya
May 2018 Installing and Administering Avaya Vantage
™
37
Comments on this document? infodev@avaya.com
To Next Page
Loading...
