DISA Direct In System Access (at least that is what I was always told it means
)
Yes, it is a package on the switch but I don't know off the top of my head where to print out the access features.
Disa is an access for incoming calls to terminate on the switch and get local dial tone. This then allows the caller to place a call from your switch as if they were in the office.
DIAS is a BAD thing in my books and we have disabled it in all of our switches. All you need to know is the access DN and password and you have local dial tone. This opens up your system to all sorts of potential hacking. Especially since there is only one pwd to access so everyone that uses it, uses the same password. Even if you change it on a regular basis, you will have to distribute it to everyone that uses it leaving you wide open for social engineering.
As for your being able to forward an internal phone to a cell phone. You need to make sure the set is capable of forwarding to an outside line (CLS CFXA). This also opens up security holes and I would not recomend this option turned on unless you have a very select group of people who require it. If you do enable it, I would write yourself a note to check each phone when you make a change to it so you can disable the feature if you set up a new user on the phone. I would also do a yearly check with the users that have it enabled to ensure they still use / require it and disable it (CLS CFXD) if they don't.
This should start you off on your investigations....