Nortel Networks – Metro & Enterprise Networks

Symposium Call Center Server 5.0 Security Guide for Windows 2000
Issue 1.00
May 13, 2004

ABSTRACT

This guide describes the Symposium Call Center Server R5.0 security model and architecture, and the minimum security settings in Windows 2000 Server for a successful R5.0 installation and operation. The guide also provides security recommendations that customers can adapt to their own security policies and configurations.
NOTICE TO HOLDERS OF PAPER COPIES: Upon receipt of a new issue, destroy the previous issue or mark it “OBSOLETE”.
CONFIDENTIAL INFORMATION: The information contained in this document is the property of Nortel Networks. Except as specifically authorized in writing by Nortel Networks, the holder of this document shall keep all information contained herein confidential and shall protect same in whole or in part from disclosure and dissemination to all third parties.
Nortel Networks Proprietary

Trademarks

The following are trademarks of Nortel Networks: Nortel Networks, BNR, ACD, BCS, CallPilot, DMS, DMS-100, DMS-250, DMS-MTX, DMS-SCP, DNC, DPN-100, DVS, DualMode, FastView, Helmsman, M2317, MAP, Symposium, Meridian Digital Centrex (MDC), Meridian, Meridian 1, Meridian Link, Meridian MAX, Meridian NAC, Meridian CCR, Meridian IVR, Meridian Terminal Emulator, MFA, Norstar, PowerTouch, SL-1, SL-100, SuperNode, Telesis, Unity. Action Request System and AR System are trademarks of Remedy Corporation. AMDEK is a trademark of Amdek Corporation. ANSI is a trademark of the American National Standards Institute. ClearCase is a registered trademark and ClearCase MultiSite is a trademark of Rational Software Corporation. Continuus, continuus/CM, and Continuus/PT are trademarks of Continuus Software Corporation. CaseWare/CM, CaseWare/PT, CaseWare, ACCENT, and Amplify Control are registered trademarks of Continuus Software Corporation. Courier is a trademark of Smith-Corona Corporation. CT Connect, CT Media is a registered trademark of Dialogic. Frame, FrameBuilder and FrameMaker are trademarks of Adobe Systems Incorporated. Helvetica and Times are trademarks of Linotype AG or its subsidiaries. InstallShield is a registered trademark of InstallShield Software Corporation. Interleaf is a trademark of Interleaf, Inc. Macintosh, Power Macintosh, and Apple are registered trademarks of Apple Computer, Inc. Mac OS is a trademark of Apple Computer, Inc. Microsoft Windows, Microsoft Word, Microsoft Excel, PowerPoint, Microsoft Project, Microsoft File Extension, and MS-DOS are trademarks of Microsoft Corporation. Novell is a trademark of Novell, Inc. Olecera Chart is a trademark of KL Group Inc. Portable Document Format is a trademark of Adobe Systems Incorporated. PostScript is a trademark of Adobe Systems Incorporated. SYBASE is a trademark of Sybase, Inc. UNIX is a trademark of UNIX System Laboratories.
Versatility, Versatility Administrator, Versatility Call Blending, Versatility Campaign Plus, Versatility Insight, Versatility Predictive, Versatility Telesales / Teleservice are trademarks of Versatility Inc. WinRunner, TSL and Context Sensitive are trademarks of Mercury Interactive Corporation.
© 2004 Nortel Networks Corporation
Approvals

Prepared By: Ronald Chan, Support Engineer, Contact Center Technology Support, Enterprise Networks, Call Center Technology & Solutions, Nortel Networks Corporation
Date:

Reviewed and Approved By: Rick Medeiros, Manager, Contact Center Technology & Dev Support, Enterprise Networks, Call Center Technology & Solutions, Nortel Networks Corporation
Date:

Eugene Garvin, Senior Manager, Contact Center Server R&D, Enterprise Networks, Call Center Technology & Solutions, Nortel Networks Corporation
Date:
Revision history

| Issue Number | Issue Date | Type of Review | Author(s) | Reason(s) for Issue |
| --- | --- | --- | --- | --- |
| 0.01 | March 16, 2004 | Draft copy | Ronald Chan | Initial draft for internal review |
| 0.02 | April 27, 2004 | Draft copy | Ronald Chan | Updates from internal review |
| 1.00 | May 13, 2004 | Approval copy | Ronald Chan | Updates from external review. Section 2.1: clarify that Windows 2000 Server includes both Standard and Advanced Edition. Section 4.2: change web link to the SCCS 5.0 product information page |
Table of contents

1 Introduction (p. 1)
  1.1 Purpose (p. 1)
  1.2 Scope (p. 1)
  1.3 Intended audience (p. 2)
2 Security Models (p. 3)
  2.1 Symposium Call Center Server security architecture (p. 3)
    2.1.1 Symposium Call Center Server network security layer (p. 3)
      2.1.1.1 Standalone server (p. 5)
      2.1.1.2 Embedded LAN configuration (p. 5)
      2.1.1.3 Customer LAN configuration (p. 5)
        2.1.1.3.1 Default network binding protocols (p. 5)
        2.1.1.3.2 Static IP address (p. 6)
        2.1.1.3.3 DNS consideration (p. 6)
      2.1.1.4 Firewall (p. 6)
    2.1.2 Symposium Call Center Server server security layer (p. 8)
      2.1.2.1 Windows 2000 Server configuration (p. 8)
      2.1.2.2 Windows 2000 security settings (p. 9)
      2.1.2.3 Server configuration (p. 9)
    2.1.3 Symposium Call Center Server application security layer (p. 9)
      2.1.3.1 Database access security (p. 9)
      2.1.3.2 MAS security server (p. 10)
      2.1.3.3 Remote backup and restore security (p. 10)
3 Default R5.0 server security settings and configuration (p. 11)
  3.1 Default Windows 2000 Server configuration (p. 11)
    3.1.1 Default installed Windows 2000 Server components (p. 12)
    3.1.2 Default Windows 2000 services (p. 16)
  3.2 Default Windows 2000 security settings (p. 26)
    3.2.1 Default password policy (p. 27)
    3.2.2 Default account lockout policy (p. 28)
    3.2.3 Default user rights assignments (p. 28)
    3.2.4 Default security setting (p. 36)
    3.2.5 Default IP security policy (p. 40)
    3.2.6 Default audit policy (p. 41)
  3.3 Default Symposium Call Center Server server configuration (p. 42)
    3.3.1 Default disk partitioning type (p. 42)
    3.3.2 Default Windows local users (p. 42)
    3.3.3 Default print server and file sharing configuration (p. 44)
    3.3.4 Default Internet access (p. 44)
4 Security recommendations (p. 45)
  4.1 Security risk management and policy (p. 45)
    4.1.1 Risk management (p. 45)
    4.1.2 Security policy (p. 46)
  4.2 Windows 2000 security patches and hot fixes (p. 46)
  4.3 Windows 2000 user accounts and passwords (p. 47)
  4.4 Anonymous logon (p. 48)
  4.5 Third-party applications (p. 48)
  4.6 Anti-virus scanning (p. 50)
  4.7 Internet access (p. 53)
  4.8 E-mail access (p. 53)
  4.9 File and folder sharing (p. 53)
  4.10 File and folder permission (p. 53)
  4.11 Encryption (p. 54)
  4.12 Microsoft Baseline Security Advisor (p. 55)
  4.13 SNMP Configuration (p. 58)
  4.14 Remote support access (p. 58)
  4.15 Symposium Call Center Server backup and restore strategy (p. 59)
5 Glossary (p. 61)
6 References (p. 63)
List of figures

Figure 1 Symposium Call Center Server Security Architecture (p. 3)
Figure 2 Symposium Call Center Server Network Security Layer (p. 4)
List of tables

Table 1 Symposium Call Center Server Default Network Protocols (p. 6)
Table 2 Symposium Call Center Server Ports Usage (p. 7)
Table 3 Default Installed Windows 2000 Server Components (p. 12)
Table 4 Default Windows 2000 services (p. 16)
Table 5 Default Password Policy (p. 27)
Table 6 Default Account Lockout Policy (p. 28)
Table 7 Default User Rights Assignments (p. 29)
Table 8 Default Security Setting (p. 37)
Table 9 Default IP Security Policy (p. 40)
Table 10 Default Audit Policy (p. 41)
Table 11 Default Symposium Call Center Server Windows Local Users (p. 43)
Table 12 Symposium Call Center Server File and Folder Permission (p. 54)
Table 13 MBSA scanning items and Symposium Call Center Server recommendations (p. 55)
1 Introduction

1.1 Purpose
Server security has become a critical issue in the software industry. It is important for customers to protect all the servers in their network environment (including Symposium Call Center Server) from various security attacks, threats, and vulnerabilities. Since each customer has their own security policies and requirements, it is impossible to present a single Symposium Call Center Server security configuration that will meet all customer needs. This guide describes the basic Symposium Call Center Server R5.0 security model and default security configuration for a successful Symposium Call Center Server R5.0 installation and operation. In addition, this guide includes a set of recommendations for security policies and configuration. Customers can adopt the default and recommended security policies and integrate them with their own security policy for the Symposium Call Center Server R5.0 server.
1.2 Scope

This guide covers the security model and guidelines for Symposium Call Center Server R5.0 (both nodal and NCC servers) running the Windows 2000 Server (Standard and Advanced Edition) operating system. It is not intended to be a comprehensive security guide for Windows 2000 Server, nor for the customer network itself.

This guide is only applicable to Symposium Call Center Server R5.0 running on the Windows 2000 Server (Standard and Advanced Server edition) platform and does not include earlier releases or other Symposium products, such as the regular Symposium Call Center Server Client application R4.0, Symposium Web Client 4.5, Symposium Express Call Center, or Symposium Web Center Portal.

The security settings and recommendations in this guide only cover the Symposium Call Center Server R5.0 server running with Windows 2000 Server (or Windows 2000 Advanced Server) and do not include other components on the same network (for example, the M1 switch, desktop PCs, or the Symposium Web Client application server), or the actual customer network itself (for example, routers and firewalls).

This guide does not include any actual procedures on how to show or change the Windows 2000 Server security settings. It assumes that the reader is familiar with security administration tools, either those supplied by Microsoft (for example, the Microsoft Management Console with appropriate plug-ins), or third-party software that is used to manage the listed security settings for Symposium Call Center Server.
1.3 Intended audience
Caution: This guide contains sensitive security and configuration settings that a potential hacker can use to exploit the security risks of Symposium Call Center Server. Therefore, you must exercise caution and only release security settings information to people on a need-to-know basis.
This guide is intended to be used by anyone wishing to setup a security policy and configure Symposium Call Center Server R5.0 running on Windows 2000 Server within their own security environment. It assumes that the reader is familiar with all security subjects and features in Windows 2000 Server and in the customer network environment.
2 Security Models

2.1 Symposium Call Center Server security architecture

The Symposium Call Center Server design incorporates various security features. Different security layers within the customer network, server PC, and the Symposium Call Center Server application provide overall system security. The Symposium Call Center Server security architecture can be divided into the following three major security layers:

• Network security
• Server security
• Application security
The relationship between the three security layers is shown in Figure 1.
[Figure 1 is a diagram of the three layers: Symposium Call Center Server network security (customer networks); Symposium Call Center Server R5.0 server security; Symposium Call Center Server application security.]

Figure 1 Symposium Call Center Server Security Architecture
2.1.1 Symposium Call Center Server network security layer

The Symposium Call Center Server network security layer defines the network environment in which the Symposium Call Center Server R5.0 server should be configured. It also defines where the customer-supplied network firewall should be placed within the customer network to allow the server in Symposium Call Center Server and the Client (Standard Client and Web Client) to operate properly. The network security layer protects Symposium Call Center Server from possible security attacks through the customer or external networks. Figure 2 shows an overall Symposium Call Center Server network security layer within a typical customer network environment, including both the regular Symposium Call Center Server Client PC and Symposium Web Client.

[Figure 2 is a network diagram. Labels in the diagram: ELAN Subnet; VPN connection for remote support access; Symposium Call Center Server; SCCS Standby Server; Nortel Contivity 1100; Telephone Switch; Nortel Networks Servers Subnet (CLAN); Firewall/Router; Symposium Call Center Server Clients; SCCS Replication Server; NCC Server; Web Client Application Server; Corporate LAN; Web Client Desktops.]

Figure 2 Symposium Call Center Server Network Security Layer
Since each customer provides their own network and can have different configurations and requirements, it is impossible to provide a single network configuration for Symposium Call Center Server that meets all customer requirements. Therefore, Nortel Networks recommends you review and consider the following Symposium Call Center Server network and configuration settings when implementing your own network security and configuration settings.
2.1.1.1 Standalone server

Symposium Call Center Server (nodal and NCC server) is designed as a standalone server (Windows Workgroup) within the network instead of integrating with a Windows Domain. Symposium Call Center Server can coexist with and be located within a Windows Domain, but should not be registered in the domain. By configuring Symposium Call Center Server as a standalone server instead of integrating it with a Windows Domain, you minimize any exposure of the Symposium Call Center Server resources to the network and prevent domain users from seeing and logging on to the server. Symposium Call Center Server R5.0 does not require that any Windows Domain users log on to the server and does not need Windows 2000 Active Directory to operate, even though it runs within a Windows 2000 network environment.

2.1.1.2 Embedded LAN configuration

The Embedded LAN (ELAN) is used for the connection between the telephone PBX switch and Symposium Call Center Server. The ELAN carries all call traffic between the Symposium Call Center Server and the telephone switch (Meridian 1, Meridian IE, or CSE 1000). Symposium Call Center Server only requires a TCP/IP connection to the switch on the ELAN. There should not be a firewall between Symposium Call Center Server and the telephone switch. For maximum ELAN call traffic performance and security, Nortel Networks recommends that the ELAN be completely isolated from other subnets, and from the external LAN or WAN within the network. Since the ELAN can also carry other telephone switch related traffic for other Nortel Networks products (for example, OTM), you must take these additional network configuration and security requirements into consideration when configuring the ELAN (for example, adding a router/gateway or firewall between the ELAN and other subnets, the LAN or WAN).

2.1.1.3 Customer LAN configuration

Symposium Call Center Server (nodal or NCC server) and the client PCs (both Symposium Call Center Server Client and Web Client) are connected through the Customer LAN (CLAN).

2.1.1.3.1 Default network binding protocols

The network connection protocol between Symposium Call Center Server and the client PCs (both the Symposium Call Center Server Client and the Web Client application server) is based on TCP/IP. The Symposium Call Center Server Network Interface Card (NIC) should have the following default network protocol bindings:
Table 1 Symposium Call Center Server Default Network Protocols

| Default network protocol | Function |
| --- | --- |
| Client for Microsoft Network | Allows Symposium Call Center Server to operate within the Microsoft network environment |
| File and Printer Sharing for Microsoft Network | Enabled by default. Must be enabled for the Symposium Call Center Server Remote Database Network Backup & Restore feature to work |
| Internet Protocol (TCP/IP) | Base network protocol for Symposium Call Center Server |
It is the implementation personnel's responsibility to add additional binding protocols to the NIC, as necessary.

2.1.1.3.2 Static IP address

Symposium Call Center Server operates as a standalone server with a static IP address. The Symposium Call Center Server network interface must not be configured with DHCP.

2.1.1.3.3 DNS consideration

If a Domain Name Service (DNS) is configured and available on the CLAN, then the Symposium Call Center Server network interface should be registered with the specified DNS. If no DNS is available, then disable the DNS configuration in the Symposium Call Center Server network interface to prevent errors and possible performance impacts on the Symposium Call Center Server network connection.

2.1.1.4 Firewall

Symposium Call Center Server operates on two separate Embedded LAN (ELAN) and Customer LAN (CLAN) subnet configurations. The ELAN provides critical call traffic between Symposium Call Center Server and the telephone switch. For maximum network traffic performance and security, it is recommended that the ELAN be completely isolated from other subnets, or external LANs or WANs within the network. No firewall should be placed between Symposium Call Center Server and the telephone switch.
The Symposium Call Center Server Client or the Symposium Web Client application server is connected to the Symposium Call Center Server through the CLAN. The Remote Procedure Call (RPC) communication method is used between Symposium Call Center Server and the client PCs (both the Symposium Call Center Server Client and the Web Client application server). Since this communication method requires a large range of dynamic ports, it is not practical to implement a firewall between Symposium Call Center Server and the client PCs by restricting port access. However, you can place an appropriate firewall between the Symposium Web Client application server and the Web Client desktop PCs.

Despite the requirement to open a very large range of ports in a firewall implementation, Nortel Networks acknowledges that many customers have a security policy that requires knowing all ports used by the Symposium Call Center Server application. Table 2 lists all ports used between a Symposium Call Center Server and the Symposium Call Center Client, and between a Symposium Call Center Server and another Symposium Call Center Server or Symposium Call Center Web Client application server. The list does not include other base ports for the Windows network connection (for example, port 53 for DNS) that may be needed in the customer network configuration; customers should know and provide these ports themselves.

Table 2 Symposium Call Center Server Ports Usage
| Port Number | Functionality |
| --- | --- |
| Port 135 | Microsoft Windows RPC Locator Service |
| Port 137 | Microsoft NetBIOS Name Service (needed for SCCS Remote Database Backup & Restore feature if deployed) |
| Port 138 | Microsoft NetBIOS Datagram Service (needed for SCCS Remote Database Backup & Restore feature if deployed) |
| Port 139 | Microsoft NetBIOS Session Service (needed for SCCS Remote Database Backup & Restore feature if deployed) |
| Port 161 | SNMP (needed if SNMP NMS is connected) |
| Port 162 | SNMP Traps (needed if SNMP NMS is connected) |
| Port 530 | Microsoft Windows RPC Courier Service (needed if Symposium TAPI server is connected) |
| Port 1024 to 65535 | Range of ports that can be used by RPC dynamic ports. Note: other hard-coded ports are used by Symposium Call Center Server, but they all fall within the range that must be opened for RPC |
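The check a practitioner would run against Table 2 and the static IP requirement of section 2.1.1.3.2, as an added example that is not part of the Nortel guide: it parses constructed Windows 2000 `netstat -an` and `ipconfig /all` output, flags listeners that Table 2 does not document, flags optional-feature ports (NetBIOS, SNMP, TAPI) left open when the feature is not deployed, and flags any adapter using DHCP. The sample output, the adapter names CLAN and ELAN, and the feature labels are this example's own constructed assumptions.

```python
import re
# Fixed ports from Table 2 of the guide (port -> function).
DOCUMENTED_PORTS = {
    135: "Microsoft Windows RPC Locator Service",
    137: "Microsoft NetBIOS Name Service",
    138: "Microsoft NetBIOS Datagram Service",
    139: "Microsoft NetBIOS Session Service",
    161: "SNMP",
    162: "SNMP Traps",
    530: "Microsoft Windows RPC Courier Service",
}
# Ports Table 2 ties to an optional feature; close them when it is not deployed.
# The feature names are this example's own labels, not Nortel terminology.
OPTIONAL_FEATURE_PORTS = {
    "remote_backup": {137, 138, 139},  # Remote Database Backup & Restore
    "snmp_nms": {161, 162},            # SNMP NMS connected
    "tapi": {530},                     # Symposium TAPI server connected
}
RPC_DYNAMIC_LOW, RPC_DYNAMIC_HIGH = 1024, 65535  # dynamic RPC range (Table 2)

# One 'netstat -an' row: proto, local addr:port, foreign addr, optional state.
NETSTAT_ROW = re.compile(r"^\s*(TCP|UDP)\s+\S+:(\d+)\s+\S+(?:\s+(\w+))?\s*$")
ADAPTER_HDR = re.compile(r"^\S.* adapter (.+):\s*$")   # "Ethernet adapter X:"
KV_LINE = re.compile(r"^\s+([A-Za-z][A-Za-z ]*?)[ .]*:\s*(.*?)\s*$")

def parse_listeners(netstat_text):
    """Return sorted (proto, port) pairs for TCP LISTENING rows and UDP rows."""
    found = set()
    for line in netstat_text.splitlines():
        m = NETSTAT_ROW.match(line)
        if not m:
            continue
        proto, port, state = m.groups()
        if proto == "TCP" and state != "LISTENING":
            continue  # ESTABLISHED / TIME_WAIT rows are not listeners
        found.add((proto, int(port)))
    return sorted(found)

def classify_port(port, deployed_features):
    """Map a listening port to the categories Table 2 implies."""
    if port in DOCUMENTED_PORTS:
        for feature, ports in OPTIONAL_FEATURE_PORTS.items():
            if port in ports and feature not in deployed_features:
                return "close", "%s is needed only when %s is deployed" % (
                    DOCUMENTED_PORTS[port], feature)
        return "documented", DOCUMENTED_PORTS[port]
    if RPC_DYNAMIC_LOW <= port <= RPC_DYNAMIC_HIGH:
        # Table 2 notes that SCCS hard-coded ports also fall in this range, so
        # a port audit cannot tell them from RPC endpoints or foreign services.
        return "rpc_range", "inside the 1024-65535 dynamic RPC range"
    return "undocumented", "not in Table 2 and below the RPC range"

def parse_adapters(ipconfig_text):
    """Return {adapter name: {setting: value}} from 'ipconfig /all' output."""
    adapters, current = {}, None
    for line in ipconfig_text.splitlines():
        hdr = ADAPTER_HDR.match(line)
        if hdr:
            current = hdr.group(1)
            adapters[current] = {}
            continue
        kv = KV_LINE.match(line)
        if kv and current is not None:  # lines before any adapter are global
            adapters[current][kv.group(1)] = kv.group(2)
    return adapters

def audit(netstat_text, ipconfig_text, deployed_features=()):
    """Return findings that deviate from the guide's network security layer."""
    findings = []
    for proto, port in parse_listeners(netstat_text):
        status, note = classify_port(port, deployed_features)
        if status in ("close", "undocumented"):
            findings.append("%s/%d: %s (%s)" % (proto, port, status, note))
    for name, cfg in parse_adapters(ipconfig_text).items():
        if cfg.get("DHCP Enabled", "").lower() == "yes":  # guide: static IP only
            findings.append("adapter %s: DHCP enabled; static IP required" % name)
    return findings

# Constructed sample output; not captured from a real server.
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       192.168.1.22:1540      ESTABLISHED
  UDP    0.0.0.0:137            *:*
  UDP    0.0.0.0:161            *:*
"""
SAMPLE_IPCONFIG = """\
        Host Name . . . . . . . . . . . . : sccs01
Ethernet adapter CLAN:
        DHCP Enabled. . . . . . . . . . . : No
Ethernet adapter ELAN:
        DHCP Enabled. . . . . . . . . . . : Yes
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_NETSTAT, SAMPLE_IPCONFIG, ("remote_backup",)):
        print(finding)
```

With only the remote backup feature deployed, the sample yields three findings: the undocumented TCP/80 listener, the SNMP port left open without an NMS, and the ELAN adapter on DHCP.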
It is the implementation personnel's responsibility to provide and implement any firewalls.

2.1.2 Symposium Call Center Server server security layer

The Symposium Call Center Server R5.0 server security layer defines the security settings and configuration on the Symposium Call Center Server PC. The server security layer protects the Symposium Call Center Server PC from various security attacks and vulnerabilities. The security layer is implemented through security features included in the Windows 2000 Server operating system and through the appropriate server configuration. The overall server security layer consists of the following main security strategies:

• Windows 2000 Server configuration
• Windows 2000 security settings
• Server configuration
2.1.2.1 Windows 2000 Server configuration

The Windows 2000 Server configuration security strategy relies on the default Windows 2000 Server operating system installation and configuration. The default installation and configuration only installs and configures those Windows 2000 components that are required for proper Symposium Call Center Server R5.0 operation. By not installing any unnecessary Windows 2000 components, you minimize the risk of possible security attacks and vulnerabilities through these components. The details of the default Windows 2000 Server configuration are documented in section 3 of this guide. For details on installing Windows 2000 Server according to the default Symposium Call Center Server configuration, see the Nortel Networks Symposium Call Center Server Installation and Maintenance Guide for Release 5.0 [1].
2.1.2.2 Windows 2000 security settings
The Windows 2000 security setting strategy includes a set of default security settings and a users policy designed to protect Symposium Call Center Server by minimizing possible unauthorized access and changes to the server. For details, see section 3 of this guide.

2.1.2.3 Server configuration
The server configuration strategy includes a set of default server configuration settings, such as file system type partitioning, file sharing etc., that help minimize the exposure of the server to potential attackers. For details, see section 3 of this guide.

2.1.3 Symposium Call Center Server application security layer

The Symposium Call Center Server application security layer includes built-in security functions that protect critical information about the Symposium Call Center Server application, customer call center configuration and statistics from illegal access. The application security layer consists of the following major components:

• database access security
• MAS security service
• remote backup and restore security
2.1.3.1 Database access security
Database access security is controlled by the Sybase ASE 12 SQL Server access authorization component. Only authorized database user accounts with correct passwords can access the database through pre-assigned access rights. All critical call center configuration information and customer call statistics are stored in the database. Nortel Networks proprietary information is also stored in the database and can only be accessed by the "system administrator" (SA) account. Details of this account are considered Nortel Networks confidential and, therefore, are not released to any customers. Customers do not need to perform any database access or maintenance operations that require "SA" account access. Instead, customers use other Symposium Call Center Server user accounts to access the database and create custom call statistic reports.

Customers can access the database through the pre-defined "sysadmin" account and other Symposium Call Center Server user accounts created by the Symposium Call Center Server administrators or supervisors. The sysadmin account is different from the SA account. Customers can change the passwords for all created Symposium Call Center Server user accounts, including the predefined sysadmin account. In fact, for security purposes, customers must change the default password for the sysadmin account when logging on to Symposium Call Center Server for the first time. The database access security model further protects database integrity from unauthorized access and updates by providing pre-defined database views from which customers retrieve database information.

2.1.3.2 MAS security server
The MAS security server is a Symposium Call Center Server service that provides security authentication for the connection between the server in Symposium Call Center Server and the Symposium Call Center Server Client PC. The Symposium Call Center Server Client must log on to Symposium Call Center Server through the MAS security service using a valid Symposium Call Center Server user account and password. The MAS security server encrypts and decrypts Symposium Call Center user account passwords using a proprietary algorithm. Symposium Call Center Server user accounts are separate and different from the client PC's local or network login account, and the server's local Windows login accounts. The Symposium Call Center Server user account login does not require Windows login on the Symposium Call Center Server, nor does it require a Windows Domain Controller or Windows 2000 Active Directory.

2.1.3.3 Remote backup and restore security
Symposium Call Center Server R5.0 supports database backup and restore on a remote network computer within the Symposium Call Center Server standalone server configuration. Procedures are provided to setup the proper local user account on both the remote backup computer and the server in Symposium Call Center Server to ensure that only assigned user accounts and privileges are used for the remote backup and restore. Customers must exercise proper security measures for the shared remote backup folder on the remote computer to prevent unauthorized access to the Symposium Call Center Server backup files. Remote backup and restore configuration procedures are documented in Nortel Networks Symposium Call Center Server Installation and Maintenance Guide for Release 5.0 [1].
3 Default R5.0 server security settings and configuration
Caution: This guide contains sensitive security and configuration settings that an attacker could use against the Symposium Call Center Server. Therefore, you must exercise caution and release security settings information only to people on a need-to-know basis.
3.1 Default Windows 2000 Server configuration
Symposium Call Center Server R5.0 includes a set of recommendations for the installation and configuration of the Windows 2000 Server operating system. When followed, these recommendations provide a security environment that satisfies most typical customer security requirements. To install and configure Windows 2000 Server according to these recommendations, follow the instructions in the Nortel Networks Symposium Call Center Server Installation and Maintenance Guide for Release 5.0 [1]. The default configuration listed here covers only the Windows 2000 Server operating system and does not include any hardware platform-specific configuration or security settings. The Windows 2000 Server configuration and security settings listed in this guide include both the default Symposium Call Center Server settings (as installed when you follow the guidelines documented in the Nortel Networks Symposium Call Center Server Installation and Maintenance Guide for Release 5.0 [1]) and the Symposium Call Center Server minimum settings (the minimum required for Symposium Call Center Server R5.0 operation). Nortel Networks has verified that the default Windows 2000 Server configuration as listed is compatible with proper Symposium Call Center Server installation and operation. If you alter the default Windows 2000 Server configuration to meet specific customer requirements, note that Nortel Networks has not verified the impact of such a change on Symposium Call Center Server installation and operation. Customers who deviate from the recommended default Windows 2000 Server configuration must not change any of the listed Symposium Call Center Server minimum requirements (an item marked "must be installed" or "must not be installed" has to stay that way), and must test their Windows 2000 Server configuration with Symposium Call Center Server R5.0 in a non-production environment before putting the configuration online.
3.1.1 Default installed Windows 2000 Server components
For proper Symposium Call Center Server R5.0 operation, Nortel Networks recommends installing only the required Windows 2000 Server operating system components. Table 3 lists the default Windows 2000 Server installed components and the minimum component requirements for proper Symposium Call Center Server R5.0 operation. A component marked "must not be installed" adds a network-facing service or management interface that Symposium Call Center Server does not use.
Table 3 Default Installed Windows 2000 Server Components
Windows 2000 component | Windows 2000 sub-component | Default Symposium Call Center Server configuration | Symposium Call Center Server minimum requirement
Accessories and Utilities | Accessibility Wizard | Installed | No dependency
Accessories and Utilities | Accessories | Installed | No dependency
Accessories and Utilities | Communications | Installed | No dependency
Accessories and Utilities | Games | Installed | No dependency
Accessories and Utilities | Multimedia | Installed | No dependency
Certificate Services | Certificate Services CA | Not installed | No dependency
Certificate Services | Certificate Services Web Enrollment Support | Not installed | No dependency
Indexing Service | - | Installed | No dependency
Internet Information Services (IIS) | Common Files | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | Documentation | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | File Transfer Protocol (FTP) Server | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | FrontPage 2000 Server Extensions | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | Internet Information Services Snap-In | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | Internet Services Manager (HTML) | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | NNTP Service | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | SMTP Service | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | Visual InterDev RAD Remote Deployment Support | Not installed | No dependency (must not be installed for security and performance considerations)
Internet Information Services (IIS) | World Wide Web Server | Not installed | No dependency (must not be installed for security and performance considerations)
Management and Monitoring Tools | Connection Manager Components | Not installed | No dependency (must not be installed for security and performance considerations)
Management and Monitoring Tools | Network Monitor Tools | Not installed | No dependency
Management and Monitoring Tools | Simple Network Management Protocol | Installed | Must be installed for sending Symposium Call Center Server event traps
Networking Services | COM Internet Services Proxy | Not installed | No dependency (must not be installed for security and performance considerations)
Networking Services | Domain Name System (DNS) | Not installed | No dependency (must not be installed for security and performance considerations)
Networking Services | Dynamic Host Configuration Protocol (DHCP) | Not installed | Must not be installed
Networking Services | Internet Authentication Service | Not installed | No dependency (must not be installed for security and performance considerations)
Networking Services | QoS Admission Control Service | Not installed | No dependency (must not be installed for security and performance considerations)
Networking Services | Simple TCP/IP Services | Not installed | No dependency (must not be installed for security and performance considerations)
Networking Services | Site Server ILS Services | Not installed | No dependency (must not be installed for security and performance considerations)
Networking Services | Windows Internet Name Service (WINS) | Not installed | No dependency (must not be installed for security and performance considerations)
Other Network File and Print Services | File Services for Macintosh | Not installed | No dependency (must not be installed for security and performance considerations)
Other Network File and Print Services | Print Services for Macintosh | Not installed | No dependency (must not be installed for security and performance considerations)
Other Network File and Print Services | Print Services for Unix | Not installed | No dependency (must not be installed for security and performance considerations)
Remote Installation Services | - | Not installed | No dependency
Remote Storage | - | Not installed | No dependency
Script Debugger | - | Installed | No dependency
Terminal Services | Client Creator Files | Not installed | No dependency (recommended not to be installed for security and performance considerations)
Terminal Services | Enable Terminal Services | Not installed | No dependency (recommended not to be installed for security and performance considerations)
Terminal Services Licensing | - | Not installed | No dependency (must not be installed for security and performance considerations)
Windows Media Services | Windows Media Services | Not installed | No dependency
Windows Media Services | Windows Media Services Admin | Not installed | No dependency
3.1.2 Default Windows 2000 services
When you install Windows 2000, the installation program creates and configures default Windows services that run when the system is started. Table 4 lists the default Windows 2000 services and the minimum service configuration for Symposium Call Center Server when Windows 2000 Server is installed with the default Windows components listed in Table 3. In the table, a service with startup type Manual is still considered enabled; "must be enabled" means the service must not be set to Disabled or removed. Entries marked "NCC server" apply to the Symposium Network Control Center server, on which most of the built-in call-processing services are disabled.
Table 4 Default Windows 2000 services
Windows 2000 service | Default Symposium Call Center Server configuration | Symposium Call Center Server minimum requirement
Alerter | Automatic | No dependency
Application Management | Manual | No dependency
ASM_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
AUDIT_Service | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
ClipBook | Manual | No dependency
COM+ Event System | Manual | No dependency
Computer Browser | Automatic | No dependency
DBNotifier_Service | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
DHCP Client | Automatic | No dependency
Distributed File System | Automatic | No dependency
Distributed Link Tracking Client | Automatic | No dependency
Distributed Link Tracking Server | Manual | No dependency
Distributed Transaction Coordinator | Automatic | No dependency
DNS Client | Automatic | Must be enabled for Symposium Call Center Server if the server NIC is DNS enabled
EB_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
ES_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
Event Log | Automatic | Must be enabled for Symposium Call Center Server
Fax Service | Manual | No dependency
File Replication | Manual | No dependency
HDC_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
HDM_Service | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
Host Application Integration | Automatic (Disabled for NCC server) | Must be enabled for Symposium Call Center Server if Data Integration Wizard is enabled in the keycode (built-in SCCS service)
Indexing Service | Manual | No dependency
Internet Connection Sharing | Manual | No dependency
Intersite Messaging | Disabled | No dependency
IPSEC Policy Agent | Automatic | No dependency
IS_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
Kerberos Key Distribution Center | Disabled | No dependency
License Logging Service | Automatic | No dependency
Logical Disk Manager | Automatic | Must be enabled for Symposium Call Center Server
Logical Disk Manager Administrative Service | Manual | No dependency
MAS Backup/Restore | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS Configuration Manager | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS Event Scheduler | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS Fault Manager | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS LinkHandler Port #2 | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS OM Server | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS Security | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS Service Daemon | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS Service Manager | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
MAS Time Service | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
Messenger | Disabled | No dependency
MLSM_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
NameService | Automatic (Not applicable to NCC server) | Must be enabled for Symposium Call Center Server (built-in SCCS Visibroker service)
NBNM_Service | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
NBTSM_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
NCCOAM_Service | Disabled (Automatic if it is an NCC server) | Must be disabled for SCCS except for NCC server (built-in SCCS service)
NDLOAM_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
Net Logon | Manual | No dependency
NetMeeting Remote Desktop Sharing | Manual | No dependency
Network Connections | Manual | No dependency
Network DDE | Manual | No dependency
Network DDE DSDM | Manual | No dependency
NITSM_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
NT LM Security Support Provider | Manual | No dependency
OAM_Service | Automatic | Must be enabled for SCCS including NCC server (built-in SCCS service)
pcAnywhere Host Service | Automatic | Must be enabled for Symposium Call Center Server remote support connection (built-in pcAnywhere service)
Performance Logs and Alerts | Manual | No dependency
Plug and Play | Automatic | No dependency
Print Spooler | Automatic | No dependency
Protected Storage | Automatic | No dependency
QoS RSVP | Manual | No dependency
RDC_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
Remote Access Auto Connection Manager | Manual | No dependency
Remote Access Connection Manager | Manual | No dependency
Remote Procedure Call (RPC) | Automatic | Must be enabled for Symposium Call Center Server
Remote Procedure Call (RPC) Locator | Manual | Must be enabled for Symposium Call Center Server
Remote Registry Service | Automatic | No dependency
Removable Storage | Automatic | No dependency
Routing and Remote Access | Disabled | No dependency
RSM_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
RunAs Service | Automatic | Must be enabled for Symposium Call Center Server
SDMCA_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
SDP_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
Security Accounts Manager | Automatic | Must be enabled for Symposium Call Center Server
Server | Automatic | Must be enabled for Symposium Call Center Server
Smart Card | Manual | No dependency
Smart Card Helper | Manual | No dependency
SNMP Service | Automatic | Must be enabled for sending Symposium Call Center Server traps
SNMP Trap Service | Manual | Must be enabled for sending Symposium Call Center Server traps
Sybase BCKServer__BS | Automatic | Must be enabled for SCCS including NCC server (built-in Sybase service)
Sybase MONServer__MS | Manual | Must be enabled for SCCS including NCC server (built-in Sybase service)
Sybase SQLServer_ | Automatic | Must be enabled for SCCS including NCC server (built-in Sybase service)
Sybase XPServer__XP | Manual | Must be enabled for SCCS including NCC server (built-in Sybase service)
System Event Notification | Automatic | No dependency
Task Scheduler | Automatic | Must be enabled for Symposium Call Center Server
TCP/IP NetBIOS Helper Service | Automatic | Must be enabled for the Symposium Call Center Server Remote Network Database Backup & Restore feature to function
Telephony | Manual | No dependency
Telnet | Manual | No dependency
Terminal Services | Disabled | No dependency (recommended Disabled for Symposium Call Center Server)
TFA_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
TFABRIDGE_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
TFE Bridge Connector | Manual (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
TFE_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
Uninterruptible Power Supply | Manual | No dependency
Utility Manager | Manual | No dependency
VSM_Service | Automatic (Disabled for NCC server) | Must be enabled for SCCS except for NCC server (built-in SCCS service)
Windows Installer | Manual | Must be enabled for Symposium Call Center Server
Windows Management Instrumentation | Manual | No dependency
Windows Management Instrumentation Driver Extensions | Manual | No dependency
Windows Time | Manual | No dependency
Workstation | Automatic | Must be enabled for Symposium Call Center Server
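As an added example (editor's code, not part of the Nortel guide), the following Python script encodes the service rules of Table 4 and audits a server's service inventory against them. It distinguishes a call center server from an NCC server, treats the SNMP, remote backup, DNS Client and Host Application Integration rows as conditional, and treats only Disabled or absent as a violation, because Table 4 lists several Manual services (RPC Locator, SNMP Trap Service, Windows Installer) as required. The inventory is a constructed sample standing in for what you would read from the Services console or `net start` on the Windows 2000 host; the short list of "no dependency" network listeners it flags for hardening is the editor's selection, not a requirement of the guide.

```python
"""Audit a Windows 2000 service inventory against Table 4 of this guide.

Added example by the editor, not Nortel's code. The service sets below are
transcribed from Table 4; the inventory is a constructed sample standing in
for what you would read from the Services console or `net start` on the host.
"""

# Built-in SCCS and Windows services that must be enabled on every
# Symposium Call Center Server, the NCC server included.
REQUIRED_ALL = {
    "AUDIT_Service", "DBNotifier_Service", "HDM_Service", "NBNM_Service",
    "OAM_Service", "MAS Backup/Restore", "MAS Configuration Manager",
    "MAS Event Scheduler", "MAS Fault Manager", "MAS LinkHandler Port #2",
    "MAS OM Server", "MAS Security", "MAS Service Daemon",
    "MAS Service Manager", "MAS Time Service", "Event Log",
    "Logical Disk Manager", "Remote Procedure Call (RPC)",
    "Remote Procedure Call (RPC) Locator", "RunAs Service",
    "Security Accounts Manager", "Server", "Task Scheduler",
    "Windows Installer", "Workstation",
}
# Must be enabled on a call center server and disabled on an NCC server.
REQUIRED_EXCEPT_NCC = {
    "ASM_Service", "EB_Service", "ES_Service", "HDC_Service", "IS_Service",
    "MLSM_Service", "NBTSM_Service", "NDLOAM_Service", "RDC_Service",
    "RSM_Service", "SDMCA_Service", "SDP_Service", "TFA_Service",
    "TFABRIDGE_Service", "TFE Bridge Connector", "TFE_Service", "VSM_Service",
}
# Opposite polarity: enabled only on the NCC server.
NCC_ONLY = {"NCCOAM_Service"}
# "No dependency" services that listen on the network. The guide does not
# require them, so the editor flags them as candidates to disable (assumption).
NO_DEPENDENCY_LISTENERS = {"Telnet", "Messenger", "Alerter",
                           "Remote Registry Service", "Routing and Remote Access"}


def is_enabled(start_type):
    """Table 4 lists Manual services as required, so only Disabled counts as off."""
    return start_type.strip().lower() != "disabled"


def audit_services(inventory, ncc=False, snmp_traps=True, remote_backup=False,
                   dns_on_nic=True, data_integration_wizard=False):
    """Return (severity, service, message) findings for one server.

    inventory maps service display name -> startup type (Automatic/Manual/Disabled).
    """
    findings = []

    def require(name, why):
        start = inventory.get(name)
        if start is None:
            findings.append(("ERROR", name, "not installed: " + why))
        elif not is_enabled(start):
            findings.append(("ERROR", name, "disabled: " + why))

    def forbid(name, why):
        start = inventory.get(name)
        if start is not None and is_enabled(start):
            findings.append(("ERROR", name, "enabled: " + why))

    for name in sorted(REQUIRED_ALL):
        require(name, "must be enabled on every SCCS server, NCC included")
    for name in sorted(REQUIRED_EXCEPT_NCC):
        if ncc:
            forbid(name, "must be disabled on an NCC server")
        else:
            require(name, "must be enabled on a non-NCC SCCS server")
    for name in sorted(NCC_ONLY):
        if ncc:
            require(name, "must be enabled on an NCC server")
        else:
            forbid(name, "must be disabled except on an NCC server")
    if not ncc:  # the Visibroker NameService is not applicable to the NCC server
        require("NameService", "built-in SCCS Visibroker service")

    # Conditional rows of Table 4.
    if snmp_traps:
        require("SNMP Service", "needed to send SCCS event traps")
        require("SNMP Trap Service", "needed to send SCCS event traps")
    if remote_backup:
        require("TCP/IP NetBIOS Helper Service",
                "needed for remote network database backup and restore")
    if dns_on_nic:
        require("DNS Client", "needed when the server NIC is DNS enabled")
    if data_integration_wizard and not ncc:
        require("Host Application Integration",
                "needed when the Data Integration Wizard is in the keycode")

    start = inventory.get("Terminal Services")
    if start is not None and is_enabled(start):
        findings.append(("WARN", "Terminal Services",
                         "no dependency; the guide recommends Disabled"))
    for name in sorted(NO_DEPENDENCY_LISTENERS):
        start = inventory.get(name)
        if start is not None and is_enabled(start):
            findings.append(("INFO", name, "no SCCS dependency; consider Disabled"))
    return findings


def sample_ncc_inventory():
    """Constructed inventory of an NCC server with a few deliberate mistakes."""
    inv = {name: "Automatic" for name in REQUIRED_ALL | NCC_ONLY}
    inv.update({name: "Disabled" for name in REQUIRED_EXCEPT_NCC})
    inv.update({"Remote Procedure Call (RPC) Locator": "Manual",
                "Windows Installer": "Manual", "SNMP Service": "Automatic",
                "SNMP Trap Service": "Manual", "DNS Client": "Automatic"})
    inv["ASM_Service"] = "Automatic"        # wrong: non-NCC service left running
    inv["Terminal Services"] = "Automatic"  # against the recommendation
    inv["Telnet"] = "Manual"                # listener with no dependency
    del inv["MAS Security"]                 # required service missing
    return inv


if __name__ == "__main__":
    for severity, service, message in audit_services(sample_ncc_inventory(), ncc=True):
        print(f"{severity:5} {service}: {message}")
```

Run the check once per server with the correct `ncc` flag: the same built-in service is required on one role and forbidden on the other, so a single rule set cannot be applied blindly to both.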
3.2 Default Windows 2000 security settings
The Windows 2000 Server operating system on the Symposium Call Center Server R5.0 server is protected by the Windows 2000 local security policy. Since Symposium Call Center Server R5.0 does not require Active Directory, Windows 2000 Group Policies are not discussed in this guide.
As part of Symposium Call Center Server R5.0, Nortel Networks recommends a set of default security settings for the Windows 2000 local security policy that provides a security environment for most typical customer security requirements. Nortel Networks has verified that this default Windows 2000 local security policy is compatible with proper Symposium Call Center Server installation and operation. If you alter the default Windows 2000 security policy (local or group policy) to meet specific customer security requirements, note that Nortel Networks has not verified the impact of such a change on Symposium Call Center Server installation and operation. Customers who deviate from the recommended default Windows 2000 Server security policy (local or group policy) must not change any of the listed Symposium Call Center Server minimum requirements, and must test their Windows 2000 Server security policy with Symposium Call Center Server R5.0 in a non-production environment before putting the policy online.
3.2.1 Default password policy
Symposium Call Center Server R5.0 recommends the following default password policy (applicable to the installed Windows 2000 user accounts).
Table 5 Default Password Policy
Policy | Default Windows 2000 setting | Symposium Call Center Server minimum requirement
Enforce password history | 0 passwords remembered | No dependency
Maximum password age | 42 days | No dependency
Minimum password age | 0 days | No dependency
Minimum password length | 0 characters | Must be less than 6 characters during Symposium Call Center Server installation (the installer creates Windows accounts with default passwords). The password length can be increased after Symposium Call Center Server installation.
Password must meet complexity requirements | Disabled | Disabled during Symposium Call Center Server installation
Store password using reversible encryption for all users in the domain | Disabled | No dependency (recommended Disabled)
Since the installation of the Symposium Call Center Server application creates additional Windows accounts with default passwords, the Windows 2000 password policy must be at the default settings listed in Table 5 before you install Symposium Call Center Server. Customers can change the Windows 2000 password policy as required after installing the Symposium Call Center Server application, in which case they must also change the passwords of all local Windows accounts created by the Symposium Call Center Server installation so that they comply with the new policy. Nortel Networks recommends that all local Windows account passwords (including accounts created by Symposium Call Center Server) be changed from their default values immediately after installing Symposium Call Center Server.
3.2.2 Default account lockout policy
Table 6 lists the default account lockout security settings and the minimum requirements for Symposium Call Center Server R5.0. A threshold of 0 means accounts are never locked out by failed logon attempts.
Table 6 Default Account Lockout Policy
Policy | Default Windows 2000 setting | Symposium Call Center Server minimum requirement
Account lockout threshold | 0 invalid logon attempts | No dependency
Account lockout duration | Not defined | No dependency
Reset account lockout counter after | Not defined | No dependency
3.2.3 Default user rights assignments
Table 7 lists the default user rights assignment security settings and the minimum requirements for Symposium Call Center Server R5.0. The NGen System, NGen Distributor and NGen Design groups and the NGenSys, NGenDist and NGenDesign accounts are created by the Symposium Call Center Server installation; the rights listed as minimum requirements for them must not be removed.
Table 7 Default User Rights Assignments
Policy | Default groups with this policy | Default accounts with this policy | Symposium Call Center Server minimum requirement
Access this computer from the network | NGen System, NGen Distributor, Everyone, Users, Power Users, Backup Operators, Administrators | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the NGen System, NGen Distributor and Administrators groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Act as part of the operating system | NGen System, NGen Design | NGenSys, NGenDesign | Must be set for the NGen System and NGen Design groups. Must be set for the NGenSys and NGenDesign accounts.
Add workstations to domain | NGen Distributor | NGenDist, NGenDesign | Must be set for the NGen Distributor group. Must be set for the NGenDist and NGenDesign accounts.
Back up files and directories | Administrators, NGen System, NGen Distributor, Backup Operators | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the NGen System and NGen Distributor groups. Must be set for the NGenSys, NGenDist and NGenDesign accounts.
Bypass traverse checking | Administrators, NGen Distributor, Backup Operators, Power Users, Users, Everyone | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the NGen Distributor group. Must be set for the NGenSys, NGenDist and NGenDesign accounts.
Change the system time | NGen Distributor, Administrators, Power Users | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the NGen Distributor and Administrators groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Create a pagefile | Administrators, NGen Design | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators and NGen Design groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Create a token object | NGen System, NGen Design | NGenSys | Must be set for the NGen System and NGen Design groups. Must be set for the NGenSys account.
Create permanent shared objects | NGen System, NGen Design | NGenSys | Must be set for the NGen System and NGen Design groups. Must be set for the NGenSys account.
Debug programs | Administrators, NGen System, NGen Design | Administrator, NGenSys, NGenDist, NGenDesign | No dependency. If removed, Nortel Networks may request that it be set again to diagnose a specific site problem.
Force shutdown from a remote system | Administrators, NGen Design | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators and NGen Design groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Generate security audits | NGen Distributor | NGenDist, NGenDesign | No dependency
Increase quotas | Administrators, NGen Distributor | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators and NGen Distributor groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Increase scheduling priority | Administrators, NGen System, NGen Design | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators, NGen System and NGen Design groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Load and unload device drivers | Administrators, NGen System, NGen Design | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators, NGen System and NGen Design groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Lock pages in memory | NGen System, NGen Design | NGenSys, NGenDesign | Must be set for the NGen System and NGen Design groups. Must be set for the NGenSys and NGenDesign accounts.
Log on as a batch job | NGen System, NGen Distributor | NGenSys, NGenDist, NGenDesign | Must be set for the NGen System and NGen Distributor groups. Must be set for the NGenSys, NGenDist and NGenDesign accounts.
Log on as a service | NGen System, NGen Distributor | NGenSys, NGenDist, NGenDesign | Must be set for the NGen System and NGen Distributor groups. Must be set for the NGenSys, NGenDist and NGenDesign accounts.
Log on locally | Administrators, NGen Distributor, TSInternetUser, Guest, Users, Power Users, Backup Operators | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators and NGen Distributor groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Manage auditing and security log | Administrators, NGen Distributor | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators and NGen Distributor groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Modify firmware environment values | Administrators, NGen System, NGen Design | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators, NGen System and NGen Design groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Profile single process | Administrators, NGen System, NGen Design, Power Users | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators, NGen System and NGen Design groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Profile system performance | Administrators, NGen System, NGen Design | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators, NGen System and NGen Design groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Remove computer from docking station | Administrators, Users, Power Users | Administrator, NGenSys, NGenDist, NGenDesign | No dependency
Replace a process level token | NGen System, NGen Design | NGenSys, NGenDesign | Must be set for the NGen System group. Must be set for the NGenSys account.
Restore files and directories | Administrators, NGen System, NGen Distributor, Backup Operators | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators, NGen System and NGen Distributor groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Shut down the system | Administrators, NGen Distributor, Backup Operators, Power Users | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators and NGen Distributor groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Take ownership of files or other objects | Administrators, NGen Distributor | Administrator, NGenSys, NGenDist, NGenDesign | Must be set for the Administrators and NGen Distributor groups. Must be set for the Administrator, NGenSys, NGenDist and NGenDesign accounts.
Deny access to this computer from the network | Not defined | Not defined | No dependency
Deny logon as a batch job | Not defined | Not defined | No dependency
Deny logon as a service | Not defined | Not defined | No dependency
Deny logon locally | Not defined | Not defined | No dependency
Enable computer and user accounts to be trusted for delegation | Not defined | Not defined | No dependency
Note that the Windows 2000 defaults grant "Log on locally" to Guest and TSInternetUser and "Access this computer from the network" to Everyone; neither grant is a Symposium Call Center Server minimum requirement, so they can be removed under a customer policy as long as the groups and accounts listed in the minimum requirement column keep the right.
3.2.4 Default security setting

Table 8 lists the default security settings and the minimum requirements for Symposium Call Center Server R5.0.

Table 8 Default Security Setting

Policy | Default Windows 2000 setting | Symposium Call Center Server minimum requirement
Number of previous logons to cache (in case domain controller is not available) | 10 logons | No dependency
Prompt user to change password before expiration | 14 days | No dependency
Amount of idle time required before disconnecting session | 15 minutes | No dependency
Allowed to eject removable NTFS media | Administrator | No dependency
Allow system to be shut down without having to log on | Disabled | No dependency (recommend Disabled)
Audit the access of global system objects | Disabled | No dependency
Audit use of Backup and Restore privilege | Disabled | No dependency
Clear virtual memory pagefile when system shuts down | Disabled | No dependency
Digitally sign client communication (always) | Disabled | No dependency
Digitally sign server communication (always) | Disabled | No dependency (recommend Disabled)
Digitally sign server communication (when possible) | Disabled | No dependency (recommend Disabled)
Disable CTRL+ALT+DEL requirement for logon | Disabled | No dependency (recommend Disabled)
Do not display last user name in logon session | Disabled | No dependency
Prevent system maintenance of computer account password | Disabled | No dependency (recommend Disabled)
Recovery Console: Allow automatic administrative logon | Disabled | No dependency
Recovery Console: Allow floppy copy and access to all drives and all folders | Disabled | No dependency
Restrict CD-ROM access to locally logged-on user only | Disabled | No dependency
Restrict floppy access to locally logged-on user only | Disabled | No dependency
Secure channel: Digitally encrypt or sign secure channel data (always) | Disabled | No dependency
Secure channel: Require strong (Windows 2000 or later) session key | Disabled | No dependency
Send unencrypted password to connect to third party SMB servers | Disabled | No dependency
Shut down system immediately if unable to log security audits | Disabled | No dependency (recommend Disabled)
Automatically log off users when logon time expires (local) | Enabled | No dependency (recommend Enabled)
Digitally sign client communication (when possible) | Enabled | No dependency
Prevent users from installing printer drivers | Enabled | No dependency (recommend Enabled)
Secure channel: Digitally encrypt secure channel data (when possible) | Enabled | No dependency
Secure channel: Digitally sign secure channel data (when possible) | Enabled | No dependency
Strengthen default permissions of global system objects (e.g. Symbolic Links) | Enabled | No dependency
Smart card removal behavior | No Action | No dependency
Additional restrictions for anonymous connections | None. Rely on default permissions | No dependency
Allow server operators to schedule tasks (domain controllers only) | Not defined | No dependency (recommend Not defined)
Rename administrator account | Not defined | No dependency (recommend Not defined for Symposium Call Center Server installation)
Rename guest account | Not defined | No dependency
Unsigned driver installation behavior | Not defined | No dependency
Unsigned non-driver installation behavior | Not defined | No dependency
LAN Manager Authentication Level | Send LM & NTLM responses | No dependency (recommend remaining at the default setting)
Message text for users attempting to log on | On | No dependency
Message title for users attempting to log on | On | No dependency
3.2.5 Default IP security policy

Table 9 lists the default IP security policies assigned and the minimum requirements for Symposium Call Center Server R5.0.

Table 9 Default IP Security Policy

Name | Description | Default policy assigned | Symposium Call Center Server minimum requirement
Client (Respond Only) | Communicate normally (unsecured). Use the default response rule to negotiate with servers that request security. Only the requested protocol and port traffic with that service is secured. | No | No dependency (recommend No)
Secure Server (Require Security) | For all IP traffic, always require security using Kerberos trust. Do NOT allow unsecured communication with untrusted clients. | No | No dependency (recommend No)
Server (Request Security) | For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request. | No | No dependency (recommend No)
3.2.6 Default audit policy

Table 10 lists the default Windows 2000 audit policies and the minimum requirements for Symposium Call Center Server R5.0.

Table 10 Default Audit Policy

Policy | Default Windows 2000 setting | Symposium Call Center Server minimum requirement
Audit account logon events | No auditing | No dependency
Audit directory service access | No auditing | No dependency (recommend No Auditing to maximize Symposium Call Center Server performance)
Audit process tracking | No auditing | No dependency (recommend No Auditing to maximize Symposium Call Center Server performance)
Audit account management | No auditing | No dependency
Audit policy change | No auditing | No dependency
Audit privilege use | No auditing | No dependency
Audit object access | No auditing | No dependency (recommend No Auditing to maximize Symposium Call Center Server performance)
Audit logon events | No auditing | No dependency
Audit system events | No auditing | No dependency (recommend No Auditing to maximize Symposium Call Center Server performance)

3.3 Default Symposium Call Center Server server configuration

Nortel Networks recommends a default configuration for the Symposium Call Center Server R5.0 server that provides additional security for the server. Nortel Networks has verified the default configuration as listed to ensure its compatibility with the proper Symposium Call Center Server installation and operation. Therefore, if you choose to alter the default server configuration to meet specific customer requirements, note that Nortel Networks will not have verified the impact of such a change on the Symposium Call Center Server installation and configuration. Customers who deviate from the recommended default server configuration must not change or exceed any listed Symposium Call Center Server minimum requirements, and must test their server configuration with Symposium Call Center Server R5.0 in a non-production environment before putting the server online.

3.3.1 Default disk partitioning type

Symposium Call Center Server R5.0 supports Windows NTFS disk partitioning only. Windows NTFS provides additional security for server files. Symposium Call Center Server R5.0 requires that all disk partitions be NTFS.

3.3.2 Default Windows local users

Symposium Call Center Server R5.0 installs three additional Windows 2000 local users during the Symposium Call Center Server software installation. Table 11 lists the three default Symposium Call Center Server Windows local users and how the accounts are used.
Table 11 Default Symposium Call Center Server Windows Local Users

Default Symposium Call Center Server Windows local user | Used for | Symposium Call Center Server minimum requirement
NGenSys | Used by customers to log in to Symposium Call Center Server for regular server maintenance (for example, PEP/SU installation). | Must not be removed or renamed from Windows
NGenDist | Used by distribution channels and support personnel to log in to Symposium Call Center Server for maintenance and support (for example, remote support login). | Must not be removed from Windows
NGenDesign | Used by Nortel Networks to log in to Symposium Call Center Server. This account is reserved for Nortel Networks usage only. | Must not be removed from Windows

Since the Symposium Call Center Server application has a dependency on the NGenSys account, this account name must not be changed. Customers can change the account names for NGenDist and NGenDesign after the Symposium Call Center Server installation, but this will prevent distribution channels and Nortel support groups from using the default account names to perform Symposium Call Center Server maintenance or support. All three default Symposium Call Center Server Windows local users are initially created with default passwords. Customers are encouraged to change the default passwords after successful Symposium Call Center Server installation. Procedures for changing the passwords for these default accounts are documented in the Nortel Networks Symposium Call Center Server Installation and Maintenance Guide for Release 5.0 [1].
3.3.3 Default print server and file sharing configuration

The Symposium Call Center Server R5.0 default network setting enables Print Server and File Sharing in the installed protocol stack, but the Symposium Call Center Server configuration does not include a default print server or a shared network folder or file. It is a Symposium Call Center Server R5.0 minimum requirement that no print server be configured on the Symposium Call Center Server R5.0 server. For security reasons, Nortel Networks recommends that customers do not share any Symposium Call Center Server folders or files over the network. In addition, Nortel Networks recommends that only the local Administrator and the Symposium Call Center Server default Windows users be granted write access to Symposium Call Center Server folders. If customers need to download any Symposium Call Center Server files (for example, PEPs or SUs), then Nortel Networks recommends that they download them to a remote computer instead of directly to the Symposium Call Center Server. After downloading the file to the remote computer, the customer can then make it available to the Symposium Call Center Server server over the network.

3.3.4 Default Internet access

By default, Windows 2000 automatically includes a version of Internet Explorer that you can configure and use for Internet access. However, since Symposium Call Center Server does not require an Internet connection, it is a Symposium Call Center Server R5.0 minimum requirement that the Internet connection remain unconfigured. Nortel Networks stipulates that there should be no Internet or Intranet access directly from the Symposium Call Center Server R5.0 server. Failure to meet this requirement may expose the server to severe security risks.
4 Security recommendations

This section includes recommended security practices for Symposium Call Center Server R5.0. Nortel Networks recommends that customers consider these suggestions when deciding on their own security policies and practices. This section is not intended to list security settings that meet specific customer requirements. Customers should review their security requirements and compare them with the default and minimum Symposium Call Center Server security settings and configuration (listed in section 3 of this guide), together with the security recommendations listed in this section, before deciding on the appropriate overall Symposium Call Center Server security configuration. The following security recommendations are not intended to be a comprehensive security guideline for all security-related issues that customers might need to consider. These security recommendations are only intended to be used as guidelines when planning and implementing the proper Symposium Call Center Server R5.0 security policies and practices within your specific environment and according to your security requirements.
4.1 Security risk management and policy

Security threats are increasing constantly, and it is a high priority for all organizations to secure all resources on the network, including Symposium Call Center Server. There is no such thing as a completely secure Symposium Call Center Server that fully meets all the different customer security requirements. To secure Symposium Call Center Server, you must provide your own appropriate security risk management and policy plan. Symposium Call Center Server R5.0 comes with a set of default security settings that meet most common security protection requirements. Nortel Networks has verified the default Windows 2000 Server configuration as listed to ensure its compatibility with the proper Symposium Call Center Server installation and operation. Therefore, if you choose to alter the default Windows 2000 Server operating system configuration to meet specific customer requirements, note that Nortel Networks will not have verified the impact of such a change on the Symposium Call Center Server installation and configuration. Customers who deviate from the recommended Windows 2000 Server configuration must not change or exceed any listed Symposium Call Center Server minimum requirements (as listed in section 3 of this guide), and must test their Windows 2000 Server configuration with Symposium Call Center Server R5.0 in a non-production environment before putting the configuration online.

4.1.1 Risk management

To provide a properly secured environment, you must examine your environment and assess the risks you currently face, determine an acceptable level of risk, and maintain the risk at or below that level. Risk can be reduced by increasing the security of your server and environment. As a general rule, the higher the level of security, the more costly the risk management policy is to implement and the more likely it is that reductions in functionality will occur. You must review the required security level and determine how it might impact Symposium Call Center Server.

4.1.2 Security policy

The security policy defines the procedures for configuring and managing security in your environment. Organizations may have a predefined general server security policy that can conflict with the Symposium Call Center Server default settings. You must review your security policy and determine how it can be implemented with Symposium Call Center Server. Since Symposium Call Center Server is designed as a special real-time call processing platform instead of a general purpose IT server, certain IT server security policies may not be compatible with Symposium Call Center Server. In this case, you may need to relax your security settings to meet the Symposium Call Center Server minimum requirements. If you have additional local security policy changes for the Symposium Call Center Server, then you must apply the additional security policy after you install Symposium Call Center Server, to minimize any possible conflict with the default settings that are made during installation.
4.2 Windows 2000 security patches and hot fixes

Microsoft constantly identifies new Windows 2000 security vulnerabilities. Nortel Networks will monitor and validate newly issued Windows 2000 service packs, security patches and hot-fixes that are applicable to Symposium Call Center Server R5.0. The list of applicable Microsoft service packs and security hot-fixes is documented in the Symposium Products Service Packs Compatibility and Security Hotfixes Applicability List that is available on the Nortel Networks Partner Information Center Web site: https://app12.nortelnetworks.com/cgibin/mynn/home/NN_prodDoc.jsp?BkMg=0&prodID=45280&progSrcID=8026&whereClause=23&curOid=12460

Nortel Networks will occasionally issue security bulletins to warn customers of critical security issues and provide recommended actions. Customers should apply all recommended security actions from Nortel Networks at the earliest possible time. Customers are encouraged to install the latest available Windows 2000 service packs that have been validated by Nortel Networks. You should schedule regular reviews of your configuration and apply the latest available Windows 2000 service pack as part of your security risk management plan.

Given the number of operating system security patches and the complexity inherent in any network, Nortel Networks recommends that you create a systematic and accountable process for identifying and applying security patches. To help create such a process, you can follow a series of best practice guidelines, as documented in the National Institute of Standards and Technology (NIST) Special Bulletin 800-40, Procedures for Handling Security Patches. This bulletin suggests that if an organization does not have a centralized group to coordinate the storage, evaluation, and chronicling of security patches into a library, then system administrators or the contact center administrator must fulfill this role. In addition to these guidelines, whenever possible, Nortel Networks recommends that you follow Microsoft's recommendations regarding newly discovered vulnerabilities and that you promptly install any security patches issued by Microsoft. Whenever possible, Nortel Networks incorporates the latest OS security recommendations and patches in an integrated solutions testing strategy during each test cycle. However, due to the urgent nature of security patches when vulnerabilities are discovered, Nortel Networks recommends that customers follow Microsoft's guidelines as they are issued, including any Microsoft installation procedures and security patch rollback processes that may be in place. Finally, you must make a full system backup before patching the system to ensure that a rollback is possible, if required.
4.3 Windows 2000 user accounts and passwords

Symposium Call Center Server R5.0 installs three default Windows 2000 local user accounts (NGenSys, NGenDist, and NGenDesign) with default passwords. The initial Symposium Call Center Server Windows account passwords are six characters or fewer. To prevent Symposium Call Center Server software installation errors, you must ensure that the minimum password length in the Windows 2000 security policy does not exceed six characters before you install the software. You can change the password length and apply any additional changes to the account and password security policy after you install Symposium Call Center Server. If you increase the password length, you must also make the corresponding change to the passwords for the default Symposium Call Center Server Windows local user accounts.

All three default Symposium Call Center Server Windows local user accounts are created for a specific purpose. You must not change the account name for the NGenSys account. You may change the account names for NGenDist and NGenDesign. However, if you do so, you must provide these new account names to the Distributor/Nortel Networks Support personnel or they will not be able to use these default accounts to access the server remotely. If you change any of the default Symposium Call Center Server Windows local user account names, the changed accounts will not be removed by the Symposium Call Center Server R5.0 software uninstall program, and instead must be removed manually. For security reasons, customers are encouraged to change the passwords for these default accounts upon successful Symposium Call Center Server installation. If you change the password for the “NGenSys” account, then you must also update the Symposium Call Center Server Backup and Restore service password (refer to the Nortel Networks Symposium Call Center Server Installation & Maintenance Guide for Release 5.0 [1] for the password change procedures).

You must not add any additional Windows 2000 user accounts to Symposium Call Center Server (except the account for the R5.0 Remote Database Backup and Restore feature). With the exception of the Administrator account, other default Windows 2000 accounts (for example, Guest) can be disabled or removed to increase the security of the server. If you change the default Administrator account name, it has no impact on the normal operation of the Symposium Call Center Server R5.0 server. However, it will cause the Platform Vendor Independence Check (PVI Check) utility to notify you that an invalid administrator account is being used. Therefore, Nortel Networks recommends that you change the Administrator account name only after you install the Symposium Call Center Server R5.0 software.
4.4 Anonymous logon

The Windows 2000 Server default installation allows you to log on remotely as “Anonymous,” a feature that can expose some server information. Since Symposium Call Center Server R5.0 does not require an Anonymous logon, Nortel Networks recommends that you disable the Anonymous logon by changing the Additional restrictions for anonymous connections security policy to No access without explicit anonymous permissions, or by changing the “HKLM\SYSTEM\CurrentControlSet\Control\Lsa\RestrictAnonymous” registry value from the default value of “0” to “2”.
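The user-rights minimums in the table in section 3.2, the password-length rule in section 4.3 and the RestrictAnonymous recommendation in section 4.4 can all be checked mechanically against a security template exported with secedit (secedit /export /cfg <file>) rather than read off the Local Security Policy console by hand. The following Python script is an added example and is not part of this guide or of the Symposium software. It assumes the export has already been decoded from UTF-16 to text and that right holders are listed by name rather than as *SID strings (a real export may show well-known groups as SIDs, which would need resolving before comparison); the Se* constants are the standard Windows names of the listed policies, and the embedded template is constructed sample data, not a capture from a real server.

```python
"""Audit a secedit-style security template against the Symposium Call Center
Server minimum requirements described in this guide (added example)."""

# Constructed sample in the [Section] / key = value layout written by
# `secedit /export /cfg <file>` (assumption: already decoded from UTF-16 to
# text; right holders listed by name rather than as *SID strings).
SAMPLE_EXPORT = r"""
[System Access]
MinimumPasswordLength = 8
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
[Privilege Rights]
SeInteractiveLogonRight = Administrators,NGen Distributor,Administrator,NGenSys,NGenDist,NGenDesign
SeSecurityPrivilege = Administrators,NGen Distributor,Administrator,NGenSys,NGenDist,NGenDesign
SeSystemEnvironmentPrivilege = Administrators,NGen System,NGen Design,Administrator,NGenSys,NGenDist,NGenDesign
SeProfileSingleProcessPrivilege = Administrators,NGen System,NGen Design,Administrator,NGenSys,NGenDist,NGenDesign
SeSystemProfilePrivilege = Administrators,NGen System,NGen Design,Administrator,NGenSys,NGenDist,NGenDesign
SeAssignPrimaryTokenPrivilege = NGen System,NGenSys
SeRestorePrivilege = Administrators,NGen System,NGen Distributor,Administrator,NGenSys,NGenDist,NGenDesign
SeShutdownPrivilege = Administrators,NGen Distributor,Administrator,NGenSys,NGenDesign
SeTakeOwnershipPrivilege = Administrators,NGen Distributor,Administrator,NGenSys,NGenDist,NGenDesign
"""

RESTRICT_ANONYMOUS = r"MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous"

# Minimum holders per user right, taken from the user rights assignment table
# in section 3.2. The Se* constants are the standard Windows names of those policies.
DEFAULT_ACCOUNTS = {"Administrator", "NGenSys", "NGenDist", "NGenDesign"}
DISTRIBUTOR = {"Administrators", "NGen Distributor"} | DEFAULT_ACCOUNTS
SYSTEM_DESIGN = {"Administrators", "NGen System", "NGen Design"} | DEFAULT_ACCOUNTS
REQUIRED_RIGHTS = {
    "SeInteractiveLogonRight": DISTRIBUTOR,          # Log on locally
    "SeSecurityPrivilege": DISTRIBUTOR,              # Manage auditing and security log
    "SeSystemEnvironmentPrivilege": SYSTEM_DESIGN,   # Modify firmware environment values
    "SeProfileSingleProcessPrivilege": SYSTEM_DESIGN,
    "SeSystemProfilePrivilege": SYSTEM_DESIGN,       # Profile system performance
    "SeAssignPrimaryTokenPrivilege": {"NGen System", "NGenSys"},  # Replace a process level token
    "SeRestorePrivilege": {"Administrators", "NGen System", "NGen Distributor"} | DEFAULT_ACCOUNTS,
    "SeShutdownPrivilege": DISTRIBUTOR,
    "SeTakeOwnershipPrivilege": DISTRIBUTOR,
}


def parse_template(text):
    """Parse INF-style sections into {section: {key: value}}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            sections.setdefault(current, {})
            continue
        key, _, value = line.partition("=")   # registry paths contain no '='
        if current is not None and key.strip():
            sections[current][key.strip()] = value.strip()
    return sections


def check_template(text, before_install=True):
    """Return a list of findings; an empty list means every check passed."""
    t = parse_template(text)
    findings = []

    # Section 4.3: the default account passwords are six characters or fewer,
    # so a longer minimum length breaks the software installation.
    pw_len = int(t.get("System Access", {}).get("MinimumPasswordLength", "0"))
    if before_install and pw_len > 6:
        findings.append(f"MinimumPasswordLength is {pw_len}; must not exceed 6 "
                        "until the software is installed (section 4.3)")

    # Section 4.4: RestrictAnonymous should be 2. REG_DWORD values are written
    # as "4,<value>"; an absent entry means the Windows default of 0.
    raw = t.get("Registry Values", {}).get(RESTRICT_ANONYMOUS)
    value = int(raw.split(",", 1)[1]) if raw else 0
    if value != 2:
        findings.append(f"RestrictAnonymous is {value}; recommended value is 2 (section 4.4)")

    # User rights table: every required group and account must still hold the right.
    rights = t.get("Privilege Rights", {})
    for priv, required in REQUIRED_RIGHTS.items():
        holders = {h.strip().lstrip("*") for h in rights.get(priv, "").split(",") if h.strip()}
        missing = sorted(required - holders)
        if missing:
            findings.append(f"{priv} missing required holders: {', '.join(missing)}")
    return findings


if __name__ == "__main__":
    for finding in check_template(SAMPLE_EXPORT):
        print(finding)
```

Run against the sample, the script reports the password length of 8, RestrictAnonymous still at 0, and NGenDist missing from "Shut down the system"; after installation, pass before_install=False so the password-length check no longer applies.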
4.5 Third-party applications

Due to the mission-critical, real-time processing performed by Symposium Call Center Server, Nortel Networks stipulates that no other “application” class software be installed on the server, but that certain “utility” class software may be installed, provided that it conforms to the guidelines listed below.
• “Application” class software generally requires a certain amount of system resources and is not to be installed on the Symposium Call Center Server. The addition of third-party applications may cause a real-time system, such as Symposium Call Center Server, to operate outside of the known engineering limits and hence create potential unknown system problems (for example, CPU contention, increased network traffic loading, disk access degradation, etc.).
• Certain third-party “utility” class software applications, such as hardware diagnostics or backup tools, generally require fewer system resources during the normal operation of Symposium Call Center Server and are, therefore, permitted. Exceptions are utilities that may cause system problems and degrade performance, such as screen savers. Anti-virus software is classed as a utility and is subject to the generic guidelines below, as well as to a specific series of recommendations detailed further in this guide.

Note: Third-party backup software can only be used for offline full backups. The database backup must be performed using the utility provided by Symposium Call Center Server due to proprietary functions called upon during the backup routine.

Guidelines for “utility” implementations
1. During run-time, the utility must not degrade the Symposium Call Center Server system beyond an average 50 percent CPU utilization. Furthermore, the utility must not lower the minimum amount of free hard disk space required by Symposium Call Center Server and the Windows operating system.
2. The utility must not cause any improper software shutdowns or out-of-sequence shutdowns.
3. The utility must not administer the Symposium Call Center Server software.
4. If the utility has its own database, it must not impact the Symposium Sybase database.
5. A disk compression utility must not be used.
6. Memory tweaking utilities (for example, WinRAM Turbo, Memory Zipper, etc.) that are used to “reclaim” memory unused by Microsoft must not be used.
7. The installation or un-installation of the utility class software must not impact or conflict with the Symposium Call Center Server software (for example, DLL conflicts). If it does impact or conflict with the Symposium Call Center Server software, then you may need to rebuild the server.
8. The installation or un-installation of the utility class software must not impact or conflict with the Symposium Call Center Server minimum security settings and configuration (for example, enabling the IIS service, conflicts in the Windows 2000 security settings, etc.). If it does impact or conflict with the Symposium Call Center Server minimum security settings and configuration, then you may need to rebuild the server.
9. The installation of the utility class software must be performed after the Symposium Call Center Server is installed.
10. The software must not be installed within the Symposium Call Center Server folder on the D: drive. Nortel Networks recommends that you install the software in its own folder on the C: drive.
11. The software must be virus free. Do not install any software when the origin of the software is not known.

It is the implementation personnel’s responsibility to perform tests to ensure that these conditions and recommendations are met prior to putting the server into production. As part of the fault diagnostic process, the Distributor/End User may be asked to remove third-party software.
4.6 Anti-virus scanning

Note that the risk of virus infection on the Symposium Call Center Server R5.0 server is minimal for the following reasons:
• The server requires limited access for support.
• Typically, only maintenance personnel have local access to the server and remote access through pcAnywhere.
• All Nortel Networks software distributions, including PEPs and SUs, are virus free.
• Customers are discouraged from installing non-Symposium Call Center Server software on the server, which minimizes the risk of encountering infected software on the server.
• Customers are discouraged from directly accessing the Internet from the server, which minimizes the risk of getting a virus through the Internet.
• There should be no e-mail activity of any kind on the Symposium Call Center Server R5.0 server, which eliminates any chance of getting a virus through e-mail.
• There should be no shared folders or files on the Symposium Call Center Server R5.0 server, which eliminates any chance of getting a virus through open file/folder sharing.
In spite of the above recommendations, Nortel Networks acknowledges the fact that many customers have security policies that may require that anti-virus software be installed on the Symposium Call Center Server R5.0 server. Nortel Networks has carried out testing on a representative sample of anti-virus software packages (Norton, McAfee, and Innoculate) in order to determine the following generic guidelines for the use of anti-virus software: •
The Symposium Call Center Server software must be installed on the server before you install the anti-virus software. When the anti-virus software is installed, it is the implementation personnel’s responsibility to perform testing with the anti-virus software, in accordance with the guidelines for “utility” implementations outlined in section 4.5 of this guide.
•
During PEP installations on both the client and server, all anti-virus functionality should be disabled (for example, firewalls, (passive) scanning, auto updates etc.) and should not be started up automatically until the entire Symposium Call Center Server installation procedure is complete. You may re-enable the anti-virus functionality afterwards, as required.
•
If personal firewalls are enabled on the Symposium Call Center Server client PC, then the Report Listener may be flagged as trying to access the Internet. You must configure the ‘Properties’ to allow the Report Listener to access the Symposium Call Center Server R5.0 server through the firewall.
•
Set virus scans to run on the server during off-peak hours, and not to start on the hour. Note that several maintenance tasks are automatically activated on Symposium Call Center Server at midnight, so an offmidnight time should be set for virus scans. Similarly, active virus scans should be disabled when running diagnostic traces or logs on the Symposium Call Center Server R5.0 server.
•
Infected file quarantine policy on the Server and Client: The anti-virus software should not be configured to deal automatically with suspected infected files. In the event that infected files are located, do not attempt to replace or remove them. Contact your local Nortel Networks Support representative for assistance in determining if the files are part of the Symposium Call Center Server application, or a critical system file.
•
Nortel Networks recommends that you exclude the following files from scanning: F:\Nortel\Database\ :\Nortel\Database
In addition, the following file should be excluded: D:\Nortel\ICCM\bin\Tools2.exe (You will encounter file access errors in the Scan Activity log if you do not exclude this file from scanning.)
• You must not connect the Symposium Call Center Server R5.0 server directly to the Internet to download virus definitions or updated files. In addition, Nortel Networks recommends that you do not connect the Symposium Call Center Server client PC to the Internet. Instead, you should download virus definitions and update files to another location on your network, and then manually upload them to the Symposium Call Center Server R5.0 server. This is the same recommended procedure for downloading Symposium Call Center Server PEPs. This recommendation limits access to the Internet, and thus reduces the risk of downloading infected files.
• In addition, all PEP files, CD-ROMs, and floppy disks should be scanned prior to installing or uploading to the server. This practice minimizes any exposure to infected files from outside sources.
• SNMP alerting on virus confirmation: At this time, Nortel Networks has not tested this feature and is unable to ascertain whether it poses any potential risks to Symposium Call Center Server. It is, therefore, not recommended that you activate this feature.
• Capacity considerations: Note that running virus scan software can place an additional load on the Symposium Call Center Server R5.0 server. It is the implementation personnel’s responsibility to run the Windows 2000 Server Performance Monitor tool on the server to gauge CPU utilization. If the anti-virus software scan causes the server’s average CPU utilization to exceed 50 percent for longer than 20 minutes, then the anti-virus software should not be loaded onto the Symposium Call Center Server R5.0 server.
Note:
• Nortel Networks does not provide support on the configuration of anti-virus software, but it will endeavor to offer guidance where possible. Questions or problems on anti-virus software should be directed to the appropriate vendor.
• The above recommendations are intended as guidelines only, and do not constitute a guarantee of compatibility. Nortel Networks does not plan to perform ongoing compatibility testing, or testing on other anti-virus packages.
• If performance or functionality issues are raised to Nortel Networks Support, then, as part of the fault diagnosis process, the customer/distributor may be asked to remove third-party utility software or anti-virus software.

4.7 Internet access
Internet access poses a major source of security risks, threats, and vulnerabilities to the server. By default, Windows 2000 Server installs Internet Explorer, which can be configured for accessing the Internet. Since Symposium Call Center Server R5.0 does not require Internet access, Nortel Networks recommends that you refrain from accessing the Internet or Intranet directly from the Symposium Call Center Server R5.0 server. Nortel Networks recommends that if you require access to the Nortel Networks Web site (for example, to obtain the latest PEP/SU, etc.), then you should use a separate PC that is virus free.
4.8 E-mail access
Electronic mail (e-mail) and applications using the SMTP service are a major source of security risks, threats, and vulnerabilities. By default, Windows 2000 Server installs Outlook Express, which can be configured to access an e-mail system. Since Symposium Call Center Server R5.0 does not require the SMTP service, Nortel Networks recommends that you refrain from accessing any e-mail systems or installing any applications that will enable the SMTP service on the Symposium Call Center Server R5.0 server.

4.9 File and folder sharing
One of the most common forms of malicious code attack (for example, the Code Red and Nimda viruses) occurs through file and folder sharing on the server. By default, Symposium Call Center Server R5.0 does not include any shared folders or files on the server. To help maintain a secure environment, you must not share any installed file or folder at any time. Nortel Networks recommends that you refrain from granting write access permissions to any files or folders (except for the default permissions granted by Symposium Call Center Server) on the Symposium Call Center Server R5.0 server. If there is an absolute need to share files or folders on the server, then you must be cautious when granting write access permission to users on your network, and remove the shared access immediately after the user completes the required task.
4.10 File and folder permission
By default, Windows 2000 grants the “Everyone” group Full Control permission on all disk drives, with no other account or group listed. This default permission gives everyone who accesses the server full control over all files and folders, and it is considered a high security risk. It is common security policy and practice to remove the “Everyone” group permission from all disk drives and add specific Windows user accounts or groups with specific permissions. Symposium Call Center Server supports the removal of the “Everyone” group as long as the recommended accounts and groups listed in Table 12 are added to the specified disk. Symposium Call Center Server can fail to operate if these recommended accounts and groups are not added with the required permission.

Table 12 Symposium Call Center Server File and Folder Permission

Account/Group    Permission       Applied to                          Granted Disk
Administrators   Full Control     This folder, Subfolders and files   All drives
SYSTEM           Full Control     This folder, Subfolders and files   All drives
Creator Owner    Full Control     Subfolders and files                C: drive only (Microsoft’s recommendation)
Everyone         Read & Execute   This folder only                    Root of C: drive only (Microsoft’s recommendation)
Everyone         Read             This folder, Subfolders and files   D: drive only (not needed for normal Symposium Call Center operation; only needed for running the automatic test suite by the Nortel Networks product verification group)
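The following PowerShell script is an added example (not from the Nortel guide) that audits the drive-root ACLs against Table 12 from a Windows PowerShell-capable host: it flags the Windows 2000 default of “Everyone” holding Full Control, and reports any required account or group that is missing. The drive letters in $Drives are an assumption; the identity names are the standard Windows built-in ones.

```powershell
# Added example, not from the Nortel guide: audit drive-root NTFS ACLs against Table 12.
# Assumptions: Windows PowerShell with Get-Acl; $Drives lists the SCCS drives to check.
param([string[]]$Drives = @('C:', 'D:'))

$FC = [System.Security.AccessControl.FileSystemRights]::FullControl
$RX = [System.Security.AccessControl.FileSystemRights]::ReadAndExecute
$CI = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit
$OI = [System.Security.AccessControl.InheritanceFlags]::ObjectInherit

# Required entries from Table 12. "This folder, Subfolders and files" and
# "Subfolders and files" both carry ContainerInherit + ObjectInherit;
# "This folder only" carries no inheritance flags (0).
$expected = @(
    @{ Id = 'BUILTIN\Administrators'; Rights = $FC; Inherit = ($CI -bor $OI); Scope = $Drives },
    @{ Id = 'NT AUTHORITY\SYSTEM';    Rights = $FC; Inherit = ($CI -bor $OI); Scope = $Drives },
    @{ Id = 'CREATOR OWNER';          Rights = $FC; Inherit = ($CI -bor $OI); Scope = @('C:') },
    @{ Id = 'Everyone';               Rights = $RX; Inherit = 0;              Scope = @('C:') }
)

# Inherit-only ACEs (typically CREATOR OWNER) may carry the generic right
# GENERIC_ALL (0x10000000) instead of FullControl; treat it as Full Control.
function Test-HasRight($rule, $required) {
    $r = [int]$rule.FileSystemRights
    if ($r -band 0x10000000) { return $true }
    return (($r -band [int]$required) -eq [int]$required)
}

$findings = @()
foreach ($drive in $Drives) {
    $root  = "$drive\"
    $allow = (Get-Acl -Path $root).Access | Where-Object { $_.AccessControlType -eq 'Allow' }

    # Section 4.10: Everyone = Full Control is the high-risk Windows 2000 default.
    foreach ($rule in $allow) {
        if ($rule.IdentityReference.Value -eq 'Everyone' -and (Test-HasRight $rule $FC)) {
            $findings += "$root Everyone has Full Control; remove it and apply Table 12"
        }
    }

    # Table 12: each required account/group must hold at least the listed rights,
    # with the listed inheritance, on every drive in its scope.
    foreach ($e in $expected) {
        if ($e.Scope -notcontains $drive) { continue }
        $match = $allow | Where-Object {
            $_.IdentityReference.Value -eq $e.Id -and
            (Test-HasRight $_ $e.Rights) -and
            (([int]$_.InheritanceFlags -band $e.Inherit) -eq $e.Inherit)
        }
        if (-not $match) {
            $findings += "$root missing '$($e.Id)' with $($e.Rights) (Table 12)"
        }
    }
}

if ($findings.Count -eq 0) { 'Drive-root permissions match Table 12.' } else { $findings }
```

The script only reports; removing “Everyone” and adding the Table 12 entries is still done through the folder Security properties as described above, after the required accounts are confirmed present.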
4.11 Encryption
Windows 2000 supports file and folder encryption. However, Symposium Call Center Server R5.0 does not support or require any form of file and folder encryption by Windows 2000. You must not attempt to encrypt any installed Symposium Call Center Server files or folders, including all Symposium Call Center Server database folders and files. If Windows 2000 encryption is enabled on any Symposium Call Center Server database folders or files, it will corrupt the database. In this case, Symposium Call Center Server can only be recovered by re-installing and then restoring the database from the latest available database backup.
4.12 Microsoft Baseline Security Advisor
Symposium Call Center Server R5.0 is compatible with the Microsoft Baseline Security Advisor (MBSA) security tool. You can use this tool to scan the Symposium Call Center Server R5.0 server to check whether it meets the Microsoft baseline security recommendations for Windows 2000 Server. If you want to run the MBSA tool against the Symposium Call Center Server R5.0 server, then Nortel Networks recommends that you run this tool after the Symposium Call Center Server R5.0 software is installed. Due to the default configuration of Symposium Call Center Server R5.0, the MBSA may issue certain security non-compliance statements or warnings. Table 13 lists the typical MBSA version 1.2 scanning items and Nortel Networks recommendations for Symposium Call Center Server.

Table 13 MBSA scanning items and Symposium Call Center Server recommendations

MBSA scanned item
    Symposium Call Center Server recommendation

MSXML Security Updates
    MBSA may indicate that the latest security updates are out-of-date. Symposium Call Center Server has no dependency on MSXML, and it is the customer’s option to install the latest MSXML security update as recommended by Microsoft.

Windows Security Updates
    MBSA may indicate that the latest critical security updates are missing. Check against the latest Symposium Products Service Packs Compatibility and Security Hotfixes Applicability list for applicable Microsoft security updates, and install all applicable security updates.

Microsoft VM Security Updates
    MBSA may indicate that the latest security updates are out-of-date. Symposium Call Center Server has no dependency on the Microsoft VM, and it is the customer’s option to install the latest Microsoft VM security update as recommended by Microsoft.

Office Security Updates
    MBSA may indicate that the latest security updates are out-of-date. Symposium Call Center Server has no dependency on Microsoft Office, and it is the customer’s option to install the latest Microsoft Office security update as recommended by Microsoft.

Windows Media Player Security Updates
    MBSA may indicate that the latest security updates are out-of-date. Symposium Call Center Server has no dependency on Windows Media Player, and it is the customer’s option to install the latest Windows Media Player security update as recommended by Microsoft.

MDAC Security Updates
    MBSA may indicate that the latest critical security updates are missing. Check against the latest Symposium Products Service Packs Compatibility and Security Hotfixes Applicability list for applicable Microsoft security updates, and install all applicable security updates.

Restrict Anonymous
    MBSA may indicate non-compliance. Restrict anonymous access as recommended by Microsoft.

Administrators
    MBSA may warn that more than two administrators are found on the computer. Check and confirm that only the “Administrator”, “NGenSys”, “NGenDist”, “NGenDesign”, and the remote database backup and restore users are listed in the Administrators group. Remove any additional administrator accounts.

Password Expiration
    MBSA may warn that all user accounts have non-expiring passwords. “NGenSys” and the remote database backup and restore users must be configured with non-expiring passwords. Other users can be configured with password expiration, as required.

Internet Connection Firewall
    Internet Connection Firewall is not available on the Windows 2000 platform. MBSA should indicate that Internet Connection Firewall is not installed or configured properly, or is not available on this version of Windows.

Local Account Password Test
    MBSA may warn that some user accounts have blank or simple passwords, or could not be analyzed. The passwords for the Symposium Call Center Server default local accounts (NGenSys, NGenDist, and NGenDesign) should pass this test. Check and change user passwords if required.

Automatic Updates
    MBSA may indicate non-compliance. Review and configure the server with the appropriate method to obtain the Microsoft updates.

File System
    MBSA should indicate that all hard drives are using the NTFS file system. Repartition and reinstall Symposium Call Center Server if any software or database drives used by Symposium Call Center Server are not using NTFS.

Autologon
    MBSA should indicate that Autologon is not configured on this computer. Remove Autologon if configured.

Guest Account
    MBSA should indicate that the Guest account is disabled on this computer. Disable or remove the Guest account if enabled.

Auditing
    MBSA may suggest turning on Auditing. Follow the Symposium Call Center Server R5.0 guidelines on the auditing policy (section 3.2.6 of this guide).

Services
    MBSA may suggest removing unneeded services (for example, Remote Access Connection Manager, Telnet, etc.). Do not remove the Remote Access Connection Manager if the RAS method is used for a remote access (pcAnywhere) connection instead of a direct modem. Since Symposium Call Center Server does not require the Telnet service, you can remove it as recommended by Microsoft. Review the other listed unneeded services and disable them if they are not listed as Symposium Call Center Server required services (section 3.1.2 of this guide).

Shares
    MBSA may report shares on the server. Ensure that only the system default shares are on the server, with the proper permissions. Symposium Call Center Server does not require any additional share to work.

Windows Version
    MBSA must list the Windows version as the Windows 2000 Server version.

IIS Status
    MBSA should indicate that this service is not running on the computer. Remove the IIS service if it is running.

SQL Server/MSDE Status
    MBSA should indicate that SQL Server and/or MSDE is not installed on this computer. Remove SQL Server and/or MSDE if it is installed.

IE Zones
    MBSA may indicate that Internet Explorer zones do not have secure settings for access. This is acceptable for Symposium Call Center Server if IE is not configured and used for Internet access.

Macro Security
    MBSA should indicate that no Microsoft Office products are installed. Remove all Microsoft Office products from the server.
4.13 SNMP Configuration
Symposium Call Center Server R5.0 supports sending Symposium Call Center Server error and alarm events as SNMP traps only; no other SNMP functions are provided. Nortel Networks recommends the following security configuration to reduce the security risk from the SNMP service:
• If no SNMP service (including receiving Symposium Call Center Server SNMP traps) is required from the Symposium Call Center Server by an NMS on the customer network, Nortel Networks recommends that you disable or remove the SNMP Service and SNMP Trap Service from the Windows services. Disabling or removing the SNMP Service and SNMP Trap Service only disables the Symposium Call Center Server capability to send error and alarm events as SNMP traps, and will not interfere with other Symposium Call Center Server functions.
• Nortel Networks recommends using a customer-defined community name instead of the well-known “public” community name for SNMP traps.
• Nortel Networks recommends configuring the SNMP Service to accept SNMP packets only from a specified list of known SNMP hosts instead of accepting SNMP packets from any host.
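The following PowerShell script is an added example (not from the Nortel guide) that checks the three points above on a Windows PowerShell-capable host: whether the SNMP services are running, whether a well-known community name is configured, and whether a permitted-manager list is set. It assumes the standard registry layout of the Windows SNMP Service under HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters.

```powershell
# Added example, not from the Nortel guide: check the SNMP settings from section 4.13.
# Assumption: the standard Windows SNMP Service registry layout under this key.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Services\SNMP\Parameters'
$findings = @()

$snmp = Get-Service -Name 'SNMP'     -ErrorAction SilentlyContinue
$trap = Get-Service -Name 'SNMPTRAP' -ErrorAction SilentlyContinue
if (-not $snmp -and -not $trap) {
    'SNMP Service and SNMP Trap Service are not installed; nothing to check.'
    return
}

# Point 1: if no NMS needs SCCS traps, neither service should be running.
foreach ($svc in @($snmp, $trap)) {
    if ($svc -and $svc.Status -eq 'Running') {
        $findings += "$($svc.DisplayName) is running; disable it unless an NMS needs SCCS traps"
    }
}

# Point 2: community names. Each value under ValidCommunities is a community name;
# its DWORD data is the right granted (4 = READ ONLY, 8 = READ WRITE, 16 = READ CREATE).
$commKey = Get-Item -Path "$base\ValidCommunities" -ErrorAction SilentlyContinue
$communities = @(if ($commKey) { $commKey.GetValueNames() })
foreach ($name in $communities) {
    if (@('public', 'private') -contains $name) {
        $findings += "community '$name' is a well-known default; use a customer-defined name"
    }
    if ([int]$commKey.GetValue($name) -ge 8) {
        $findings += "community '$name' grants write rights; SCCS only sends traps"
    }
}

# Point 3: PermittedManagers lists the hosts allowed to send SNMP packets;
# an empty list means the service accepts packets from any host.
$mgrKey = Get-Item -Path "$base\PermittedManagers" -ErrorAction SilentlyContinue
$managers = @(if ($mgrKey) { $mgrKey.GetValueNames() | ForEach-Object { $mgrKey.GetValue($_) } })
if ($managers.Count -eq 0) {
    $findings += 'no PermittedManagers configured; SNMP packets are accepted from any host'
}

if ($findings.Count -eq 0) { 'SNMP configuration matches section 4.13.' } else { $findings }
```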
4.14 Remote support access
Symposium Call Center Server R5.0 supports remote connection to the server through pcAnywhere so that Distributors/Nortel Networks support groups can perform remote server maintenance. Customers can configure either a direct modem, Remote Access Service (RAS), or VPN (with the Nortel Networks Contivity product) connection method. Nortel Networks recommends the VPN connection method together with proper firewall or subnet isolation between the Symposium Call Center Server network subnet and the corporate network, as it provides a secure connection that minimizes the risk of exposing other customer network resources to the remote connection. To prevent unauthorized access to the Symposium Call Center Server R5.0 server through the remote connection, you must configure the appropriate pcAnywhere and RAS (if configured) logon accounts and passwords. Nortel Networks recommends that you do not use any default or simple passwords for the pcAnywhere and RAS logon accounts. For security reasons, a firewall may be placed in front of the Symposium Call Center Server in the network path for the remote connection. To allow a pcAnywhere remote session to succeed through it, port 5631 (TCP) and port 5632 (UDP) must be opened.
4.15 Symposium Call Center Server backup and restore strategy
A proper Symposium Call Center Server backup and restore strategy is critical to recover the Symposium Call Center Server R5.0 server in the event of virus infection or server security damage beyond repair. The Symposium Call Center Server R5.0 Standby Server function does not replace the requirement for regular Symposium Call Center Server backups. It is important to note that the Symposium Call Center Server backup and restore strategy must be included as part of your security risk management plan. Nortel Networks recommends that you schedule and perform regular Symposium Call Center Server database backups (local tape or remote database backups). In addition, you must have an up-to-date Symposium Call Center Server Platform Recovery Disk (PRD) stored in a secure place. Nortel Networks recommends that you create a new PRD whenever there is a Symposium Call Center Server platform configuration change (for example, if you run the Symposium Call Center Server R5.0 Server Setup Configuration Utility, Database Expansion utility, etc.).
5 Glossary
The glossary provided relates solely to this document.
CLAN: Customer Local Area Network
DHCP: Dynamic Host Connection Protocol
DNS: Domain Name Service
ELAN: Embedded Local Area Network
IT: Information Technology
LAN: Local Area Network
MAS: Meridian Application Server
NCC: Network Control Center
Nortel Networks Servers Subnet: Previously known as CLAN
PC: Personal Computer
PEP: Performance Enhancement Package
PRD: Platform Recovery Disk
RAS: Remote Access Service
SCCS: Symposium Call Center Server
SMTP: Simple Mail Transfer Protocol
SU: Service Update
WAN: Wide Area Network