The number (1–15), displayed in the Error Type field, corresponds to the location of the login in the internal login data structure.

The Alt Name field on the alarm report indicates the login ID associated with the security violation and major alarm.

These errors/alarms are associated with a number of failed attempts to access the system management/maintenance interface using an Avaya services login ID that meet or exceed the customer administered threshold parameters. The associated alarm is immediately raised as a major alarm.

The affected login ID will be disabled as a result of detection of the security violation, unless it is the system’s last enabled INADS-type login. The provision to disable a login ID following detection of a security violation involving that login ID is administrable on a login ID basis.

Use enable login to enable a login that has been disabled, and to retire any login security violation alarms associated with the login ID.

To use enable login to enable a login and/or retire alarms, use a login ID with greater service level hierarchy permissions.

Access to enable login is controlled through the Administer Permissions field on the Command Permission Categories screen. Set the Administer Permissions field to y to access enable login.

The Port alarm report field identifies the port where the final invalid login attempt, involving the alarmed login ID, was detected.

The Svc State alarm report field will be set to OUT if the login ID is in the disabled state as a result of detection of a security violation involving the login ID. Once the login ID has been enabled, the field will be set to IN.

The source or reason of the failed login attempts should be identified and the cause corrected prior to re-enabling a login ID and/or retiring any alarms associated with the login ID. The cause may be something as innocuous as the failure of Avaya services automatic login software, to something as insidious as a hacker attempting to gain access to the switch system management interface.