26 Chapter 2 System OverviewNN40020-200NN40020-200In enterprise network systems, the SIP feature provides the ability to support private numberingplans, optimizes the use of network traffic (TAT/TRO/ICCL), and provides support for centralizedvoice mail applications (NCRI, MWI) using the SIP messaging protocol. By making thesecapabilities available using the SIP protocol, you can begin to transition your network to the lateststandard.Security enhancementsThe following sections describe the security enhancements with BCM50 2.0:• “User account access management” on page 26• “Secure interface and audit logging” on page 27User account access managementThis feature significantly improves BCM user-account access management by enhancingpassword, session and account authentication, and access-management enhancements. Theseimprovements bring the BCM in alignment with the security enhancements being introduced withBCM50 and add incremental capabilities.Password Management and Policy Enhancements include:• Minimize the vulnerability of passwords— Password characteristics are now more stringent (length, criteria)— Password aging, history and change notification added— Forced password change on initial login— Password storage hashing with Secure Hashing Algorithm 1 (SHA1)Session Management Enhancements minimizes the vulnerability of logged-in sessions for idlesession time-outs.Account Management includes:• Minimize the vulnerability of User IDs— Automatic disabling of unused accounts— Set-based admin requires user ID and passwordAccount User ID Access Privilege Management includes the logged-in user ID session/accessdisplay.These enhancements to user-account access management provide a secure BCM accessenvironment, making it difficult for a malicious user to gain access to a BCM. Also, they allowowners of BCM to enforce secure account-access controls to the BCM to ensure secure BCMmanagement and increase protection against potential vulnerabilities.