Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Dial 1-800 plug Holes

Other potential customers include health care and financial companies concerned with patient and customer privacy, and any organization worried about potential "back-door" vulnerabilities via unsecured analog access points, such as service ports on LAN-connected PBXs and VRUs (voice response units) or modem-enabled field equipment, like oil rigs and irrigation controls. Excessive unauthorized toll charges are another motivator.

Back to School

Our test lab for this article was a production environment in a private boarding school in New England. We installed the SecureLogix equipment in-line on the ISDN PRI between a production PBX with 400-plus active extensions and the local telecom's central office. Our Real-World Labs® team then ran the ETM through a rigorous gamut of tests by autogenerating hundreds of thousands of voice calls over a 30-day period, creating large data sets for testing reporting while providing a consistent base level of background activity so our functionality testing would not occur on an idle platform (see "How We Tested"). We ran all tests with the ETM software version 3.03 (version 4.0 should be hitting the streets now--see "Sneak Peek at ETM 4.0").

A Fortune 500 company discovered more than 7,000 clandestine remote-access users--15 percent of its work force--even though the HR and IS departments believed that no remote access was available, according to Gartner. The company had to use war-dialer tools to discover unauthorized dial-up connections to computers, modems, fax machines and other devices.

Note that the SecureLogix ETM environment is a vendor-installed product suite. On-site installation and configuration are sold as a part of every contract; time and expense are based on complexity. SecureLogix technicians performed a standard installation of the test equipment under the guidelines normally associated with an enterprise installation. Because our test site had no pre-installed Oracle services, a Microsoft Windows 2000 database server running Oracle 9i was included in the installation. If an existing Oracle solution exists, SecureLogix will integrate the ETM platform within that infrastructure, if desired (the ETM suite plays only with Oracle; SQL shops will need to make the additional investment).

  • 1