I'm using ECLIPSE 2.0.0 09/09/98
with 648 ports and the Att option (among others.)

Would setting the Forward and VMS Plans for a DVA to forward all calls to VMS (even if no box existed) still allow the DVA to work for auto-attendants and to play on-hold messages? I want to prevent unauthorized persons from deleting messages on a DVA, or (worse yet) recording new ones of their own, but still allow the DVAs to perform their intended function. (Obviously, whenever I wanted to change the recordings, I would turn the forwarding off.)

The manual never really discussed that, as far as I can tell (using the Issue F - October 1999 manual).

Yes, it did occur to me to just try it out-- but I hate doing it while the system is in use, and I don't want to think that it's working properly but then run into some strange hitch later.


------------------
We can forgive a child who is afraid of the dark; the real tragedy of life
is when men are afraid of the light.
- Plato

[This message has been edited by Orac (edited June 09, 2005).]

I think it would be a really remote chance anyone would do it.They would need to know the dva extension as well as how to do it.Plus I don't know if you can call a dva from an auto attendant maybe from disa never tried that either.I think it has to be an internal call to the dva.I wouldn't set up forwarding on the dva extensions.

Security by obscurity only works so well... I agree, they'd have to know the extension of the DVA as well as how to do it, but finding out how to do it isn't that hard.

Maybe I'll just experiment... I'll keep you updated with what I find out.

Can ONLY change (access) DVA's from On-site

I'm quite aware that you must be on-site to change the DVAs.

I'm also quite aware that disgruntled employees pose the biggest threat to IT systems.

NOW do you understand why I want to add that layer of security to the DVAs?

For one of the DVAs in question, I set the Forwarding and VMS Plans on the G screen to:
for both Day and Night sequences.

This particular DVA is for an Auto Attendant, not for an ACD queue (hold message), so it remains to be seen how those act-- but it seems that this method of locking down a DVA has promise, as I made test calls and the Att picked up and played the message, as well as allowed the pressing of # to repeat the message, and the caller options according to the Att scheme still worked properly.

------------------
We can forgive a child who is afraid of the dark; the real tragedy of life
is when men are afraid of the light.
- Plato

[This message has been edited by Orac (edited June 17, 2005).]

OK so that worked but what happens if you call it from an internal extension does it forward or not?It may well e that that will work or that dva's ignore call forwarding.

Yes, although it still functions as a DVA for the Auto Attendant, if you dial the extension, it forwards to the operator. Therefore, it now has the security I desired (and theorized could be done) with the functionality it needs.

And it's a very simple matter to temporarily change the setting back when there is an actual need to change the recordings on the DVA.

I'm just amazed that with the other security features in the IDS, that there is no way (other than the Fwd&VMS Plan) to restrict access to DVAs...

------------------
We can forgive a child who is afraid of the dark; the real tragedy of life
is when men are afraid of the light.
- Plato

[This message has been edited by Orac (edited June 17, 2005).]

I've been testing this new 'security' option now for a week and a half, on DVAs that work on Auto-Attendants and others that play messages for ACD queues-- no problems whatsoever.

Now I no longer have to worry that someone will, intentionally or not, erase the messages on the DVAs or rerecord them.

And, of course, I can turn the forwarding back off when I need to make changes, so this does not prevent the authorized modification of the messages.

For those that would still recommend against it, or don't see the potential threat-- just imagine that your company's website could be modified by anyone that works for your company, without requiring passwords or any other security. Obviously, you wouldn't that to happen-- so why are your phone messages any different?

Orac,

Thanks for posting this question and following up with the solution you used. I was about to ask the very same question, but did a search first and found this thread.

--Andrew

Glad it was of benefit to you-- thanks for taking the time out to let me know!


------------------
We can forgive a child who is afraid of the dark; the real tragedy of life
is when men are afraid of the light.
- Plato