DO NOT SHARE THESE DOCS WITH CUSTOMERS!

This is an LA release that will only be provided to a select number of PLM-sanctioned customers (PDFs only). Contact PLM for details.

Use the Dynamic Black List window to remove specific entries from the dynamic blacklist (DBL) based on source IP address.

Dynamic blacklisting is a feature that detects abnormal events from endpoints and blocks the traffic from those endpoints for a configured period of time. This feature is designed to detect misbehaving endpoints rather than prevent malicious attacks, for which the system already has other mechanisms. The DBL events and the actions to take for each event are configured by the user in a DBL profile with a set of DBL rules. The DBL profile is then assigned to a SIP trunk group. Any packets that come in to the system from that trunk group will be compared against the DBL rules configured in that DBL profile. When a source violates the conditions in a rule it can be added to the DBL, depending on the definition of the rule. Refer to Dbl Profile - Rule for more information.

To Remove an Entry from the Dynamic Blacklist

  1. On the SBC main screen, go to Monitoring > Security > Dynamic Black List or
    All > Address ContextDynamic Black List
  2. Select the address context from the Address Context list. The Commands list appears as shown below.

    Dynamic Black List Commands

  3. Select Remove Entry from the Commands list and click Select. The removeEntry window opens.

    removeEntry Window

  4. In Source IP Address, enter the source IP address associated with the DBL entry you want to remove.

  5. Click removeEntry.

  • No labels