Network Security Issues
405
Administration for Network Connectivity
555-233-504 — Issue 1 — April 2000 CID: 77730
C Security Issues
Damage control —
application restrictions
Release 7 provides damage control by what can be termed application restrictions.
This simply means that DEFINITY ECS R7 has been designed to support only
specific applications; that is, DCS and adjuncts. Other applications that could present
security risks have been deliberately disabled. Specifically, there is no support for
telnet or rlogin into or out of a DEFINITY ECS, making it difficult for anyone to
maneuver between the DEFINITY ECS network and the customer network.
Additionally, because of the application restrictions, little damage can be done by
someone attempting to hack into a DEFINITY ECS from the customer network
(concern #3). It would be very difficult, via the network, to modify administration or
perpetrate toll fraud. At worst, a hacker could cause a temporary interruption of DCS,
CMS, or Intuity connections.
In Summary All three security concerns presented above can be addressed by a combination of one
or more of the security methods described here. Probably the two most important
methods to prevent unauthorized access to a network are:
1 Choose a network topology for the DEFINITY ECS network that satisfies
security needs.
2 Carefully administer the DEFINITY ECS network to minimize the possibility of
the LAN or intranet being accessed by unauthorized personnel.