Security Violations Summary field descriptions

Last Updated : Apr 23, 2013 |

The table describes the data presented in the Security Violations Summary report.

Name

Description

Counted Since

The last time you cleared the counts and the counts started accumulating again or the time when the system is initialized.

Barrier Codes

The total number of times a user entered a valid or invalid remote access barrier code, and the number of resulting security violations. Barrier codes are used with remote access trunks.

An inexplicable, significant increase in valid barrier code use could indicate the barrier code has been compromised.

A marked increase in this number of invalid codes may indicate someone is attempting to break into your system. If you have just administered a new barrier code, or if a barrier code has expired recently, the barrier code may indicate people are making honest mistakes.

Delete or change the barrier code if you suspect it has been compromised.

Station Security Code Origination/ Total

The number of calls originating from either stations or trunks that generated valid or invalid station security codes, the total number of such calls, and the number of resulting security violations.

A dramatic increase in the number of either valid or invalid attempts may be cause for alarm. The history log displays these alarms if you do not turn off the recording of TTI/PSA events. If usage does not seem legitimate, change the security codes or classes of service or both.

AuthorizationCodes

The number of calls, by origination, that generated valid or invalid authorization codes, the total number of such calls, and the number of resulting security violations. Calls are monitored based on the following origination types:

  • Station

  • Trunk (other than remote access)

  • Remote Access

  • Attd (Attendant)

If valid authorization code usage increases dramatically, the reason might be: Someone obtained valid codes. A number of new, legitimate users have come onto the system.

If invalid authorization code usage increases dramatically, the reason might be : Someone tried breaking into your system. However, a legitimate explanation may be that authorization codes have recently been changed and users are making some honest mistakes. If you suspect authorization codes have been compromised, change them.

Total

Measurements totaled for all the above port types.
Related information
Security Violations Summary report