Where is toll fraud prevention configured in cucm

Range: 3 to Default: The following configuration allows only phones that have this ephone template applied to transfer to. In the following example, directory extension 10 1 is allowed to perform a call-forward to any extension that. Any call-forwards to destinations longer than four digits will fail. When the no forward local-calls command is used in ephone-dn configuration mode, internal calls to a.

If an internal caller rings this ephone-dn and the ephone-dn is busy, the caller hears a. If an internal caller rings this ephone-dn and it does not answer, the caller hears a ringback. The internal call is not forwarded even if call forwarding is enabled for the ephone-dn. In the following example, extension calls extension and hears a ringback or a busy signal. If an. In this configuration, a new Cisco Unified Communications Manager Express system is configured so that.

Disable auto-reg-ephone underneath telephony-service so that new IP phones connected to a Cisco. To do this, simply configure the following:. This prevents external users from dialing outbound to external numbers after they reach Cisco. If PSTN access from the auto-attendant is required, limit the numbers or range of numbers that are. A system administrator can use the Cisco Unity Express restriction tables to restrict the destinations that.

The restriction tables can be used to prevent. Using the. Applications that. To restrict the destination patterns that can be reached by Cisco Unity Express on an outbound external. Administrators can then use these records to retrace calls to see if abuse by internal or external.

The file-accounting feature introduced with Cisco Unified Communications Manager. It expands gateway accounting support, which also includes the. The accounting process collects accounting data for each call leg created on a Cisco voice gateway. Cisco voice gateways capture accounting data in the form of CDRs containing attributes defined.

Introduction The following document provides a configuration guide that can be used to help secure the Cisco Unified Communications Manager Express system and mitigate the threat of toll fraud. Cisco Unified Communications Manager Express is the Cisco router-based call-control solution that provides a smart, simple, and secure solution for organizations looking to implement unified communications.

It is highly recommended that value-added resellers VARs and systems engineers implement the security measures described in this application note to provide additional levels of security control and to reduce the possibility of toll fraud. Objective The objective of this application note is to educate systems engineers and VARs on the various security tools available on Cisco voice gateways and Cisco Unified Communications Manager Express.

The se tools can and should be implemented on the Cisco Unified Communications Manager Express system to help mitigate the threat of toll fraud by both internal and external parties.

Scope This application note provides instructions on how to configure the Cisco Unified Communications Manager Express system with various toll security and feature restriction tools.

The application note also outlines why certain security tools are used in certain deployments. Audience This document is targeted at Cisco system engineers and other personnel who assist in presales design of small and medium-sized business SMB voice solutions.

Thus you may be required to use a combination of the features described in this document to help lock down the Cisco Unified Communications Manager Express. This application note serves as a guideline for applying security tools on Cisco Unified Communications Manager Express and in no way guarantees that toll fraud or abuse by both internal and external parties will not occur.

Overview This document covers the most common security tools that can be used on the Cisco Unified Communications Manager Express system to help mitigate the threat of toll fraud.

The system security tools referenced in this paper include toll restriction tools and feature restriction tools. External Threats This document discusses threats from both internal and external parties. When DID is enabled, the Cisco gateway does not present a secondary dial tone to the caller and does not wait to collect additional digits from the caller. It forwards the call directly to the destination that matches the inbound Dialed Number Identification Service DNIS ; this is called one-stage dialing.

Upon hearing a secondary dial tone, the PSTN caller can enter digits to reach any internal extension. The caller can also dial long-distance or international numbers if the PSTN access code is known.

A potential problem can occur, however, because if the PSTN caller uses the Cisco Unified Communications Manager Express system to place outbound long-distance or international calls, the company gets charged for the calls. If the system administrator does not configure direct inward dialing on the system, an inbound PSTN caller will hear a secondary dial tone and will have to manually dial the internal extension.

Solution To mitigate this threat, the system administrator should configure direct inward dialing. This configuration causes the Cisco gateway to forward the inbound call directly to the destination that matches the inbound DNIS. Thus, all PSTN calls destined for 12 00 through 12 99 and through will be routed inbound to the Cisco Unified Communications Manager Express system.

Issues a cause-code when the incoming call is rejected to the IP address trusted authentication. If the IP address trusted authentication fails, a call-reject 21 cause-code is issued to disconnect the incoming VoIP call. Verifies a list of valid IP addresses for incoming H. Router show ip address trusted list. Enters ip address trusted list mode and allows to manually add additional valid IP addresses. Allows you to add up to IPv4 addresses in ip address trusted list.

Duplicate IP addresses are not allowed in the ip address trusted list. Optional network mask — allows to define a subnet IP address. Displays a list of valid IP addresses for incoming H. Direct-inward-dial isdn is not supported for incoming ISDN overlap dialing call. Enters voice service configuration mode with voice telephone-service encapsulation type pots. The called number is used to select the outgoing dial peer. No dial tone is presented to the caller.

Exits voice service pots configuration mode. Verifies that the secondary dial tone is disabled on the specific voice-port. You can monitor the failed or rejected calls using the IEC support. Follow these steps to monitor any rejected calls:. Use the show voice iec description command to find the text description of an IEC code. View the IEC statistics information using the voice statistics type iec command. The example below shows that 2 calls were rejected due to toll fraud call reject error code.

Verify the source address of an incoming VOIP call using the show call history voice last command. The following table provides release information about the feature or features described in this module.

This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Introduced support for Toll Fraud Prevention feature. Call Forward All CFA is a feature in Cisco CallManager that allows an internal number for example, an employee office number to be forwarded to an external number for example, an international number, mobile number, or premium number. For example, an employee can call the office number, which is then forwarded to the number specified in the forwarding field.

This number can be an international or premium number. The user can configure the setting using the web interface, so the forwarding configuration can be set up and removed very easily from home or elsewhere.

By applying the calling search space to only this field, you have effectively restricted user forwarding. Voice-mail systems, which can transfer a call to an extension, can be misused in a similar way if they are configured to allow transfer of calls when the called party is not available.

Book Contents Book Contents. Find Matches in This Book. PDF - Complete Book 2. Updated: February 19, Chapter: Preventing Toll Fraud.

Using Restriction Tables to Help Prevent Toll Fraud Toll fraud is defined as any toll long distance call that is made at the expense of your organization and in violation of its policies. Best Practices: To prevent toll fraud by users, administrators, and even outside callers who have improperly gained access to a Cisco Unity Connection mailbox, implement the following changes: Set up all restriction tables to block calls to the international operator.

Restricting Collect Calling Options We recommend that you work with your telecommunications provider to restrict the collect calling option on your incoming phone lines, if appropriate.