The following security features and practices help guard your system against unauthorized access or privacy violations.
Users logging into the System Administration Tool for the first time are required to change the default password. The password strength and the auto logout timer which automatically terminates the current session after a period of inactivity are both configurable.
If a user fails to log in after a three consecutive attempts, the event is recorded in the maintenance log and the user is locked out of the system.
Changing IP Addresses and Names
When MiVoice Business first boots up, it automatically detects its IP Address and the name programmed into the RTC card. The name is added to the certificate the web server will use for SSL communications. There is also the name " Mitel mn3300 web server".
If the web server is accessed by an URL not matching a DNS or local host filename in the certificate, a warning that the name in the certificate does not match the name of the site is displayed.
Click Yes in the Security Alert window. Once the MiVoice Business web server detects access by a new name, it regenerates the certificate to contain the new name for all subsequent connections. The names are stored in the webs/web/my_names.txt file and preserved across system reboots.
To maintain system security while the system is unattended, leave the Attendant Console in Attendant Absent mode.
In an IP-enabled network, secure connections between IP endpoints is required and can be achieved in the following ways:
Media Signaling Security ensures all messages transmitted over IP are encrypted. For more information about Secure Sockets Layer ( SSL) security, see Media Signaling Security.
Voice Streaming Security ensures all voice packets transmitted over IP are encrypted. For more information about Secure RTP ( SRTP), see Voice Streaming Security.
Disabling/Enabling Voice Encryption
To disable/enable Voice Encryption:
System
Options form
The Voice Encryption Enabled field is set to "Yes" by default.
Click Change.
To disable voice encryption, select "No".
For more information about voice encryption, see Voice Streaming Security.
Voice mail security can be enhanced in a number of ways; for example, you can enforce a complex passcode for a voice mailbox or lock a voice mailbox after three failed login attempts. For more information about methods to enforce voice mail security, see VM Options.
You can enable authentication for Computer Telephone Integration (CTI) applications that interact with the MiVoice Business system. These include MiTAI applications, such as NuPoint VM, MiCollab, MiVCR, and MiCC (for more information, see Shared System Options).