Front-ending remote access

Last Updated : Sep 08, 2012 |

This method gives authorized external callers a VDN extension to call instead of the remote access extension, which is kept private. The corresponding call vector can then implement a number of security checks before routing callers to the remote access extension. Routing can be done using a route-to number or route-to digits step.

The following advantages are possible using this method:

  • Call Vectoring can introduce a delay before the dial-tone is provided to the caller. Immediate dial-tone is often one criterion searched for by a hacker’s programs when the hacker is trying to break into a system.

  • A recorded announcement declaring that the use of Communication Manager services by unauthorized callers is illegal and that the call is subject to monitoring or recording can be played for the caller.

  • Call Prompting can be used to prompt for a password. In such a case, the call is routed only if there is a match on the password.

  • Use of the remote access extension can be limited to certain times of the day or certain days of the week.

  • Real-time and historical reports on the use of the remote access feature can be accessed from CMS or from BCMS.

  • Different passwords can be used on different days of the week or at different times during the day.

  • Many VDNs that call the remote access extension can be identified. Accordingly, individuals or groups can be given their own VDN with unique passwords, permissions and reports. Any abuse of the system or security leak can then be attributed to an individual or a group.

  • The caller can be routed to a VRU using the converse-on step where more sophisticated security checking, such as speaker recognition, can take place.

  • Anyone failing any of the security checks can be routed to a security VDN that routes the caller to security personnel with a display set or to a VRU. Such a call shows the attempted password on the display. If the call is passed to a VRU, the VDN, the ANI or the prompted digits can be captured. CMS and BCMS reports on this security violation VDN gives information on how often and when security violations occur.