Filter
Top Products
Security and Configuration
Issue 1 — December 2002
DEFNETM.PDF — Avaya CT 1.2
2-2
Restricting Administration Permissions
To ensure your environment’s security, it is recommended that you use
multiple-level administration permission to control which users are allowed to
grant administration permissions. For details, see “Controlling SDB Administration
Access” in Chapter 4 of Avaya Computer Telephony, Telephony Services
Administration and Maintenance (NETMANGD.PDF).
Configuring the Tserver for a Secure
LAN Gateway Connection
Although the Avaya CT server can be configured using a single NIC, it is
recommended that you configure the Avaya CT server with dual NICs, as follows.
■ Configure one NIC to communicate with the client LAN (or WAN). This NIC
can be Ethernet (10BaseT, 100BaseT, or 1000BaseT), Token Ring, or Fiber
Distributed Data Interface (FDDI).
■ Configure the second NIC to communicate with the DLG (which could be
either Co-Resident on the MultiVantage server or on the MAPD). The
Co-Resident DLG can use Ethernet 10BaseT or 100BaseT and the MAPD
DLG uses Ethernet 10baseT. This NIC should be on a private isolated
segment.
There should be no IP forwarding on the Avaya CT server — that is, there should
be no IP forwarding between the Network Interface Card (NIC) used for the
DEFINITY LAN Gateway and the NIC used for client access.
Requirements for Dual NIC Configurations
Follow these requirements for the MAPD based DLG or the Co-Resident DLG.
When Connecting via the MAPD DLG
In a dual NIC configuration, the NIC used by the G3PD must be configured as
follows:
■ Ethernet 10BaseT
■ Half duplex
■ IP forwarding disabled
When Connecting via the Co-Resident DLG
In a dual NIC configuration, the NIC card used by the G3PD must be administered
as follows:
■ Ethernet 10BaseT or 100BaseT
■ Half duplex
■ IP forwarding disabled