In this section:

Dynamic blacklisting is a feature that detects abnormal events from endpoints and blocks the traffic from those endpoints for a configured period of time. This feature is designed to detect misbehaving endpoints rather than prevent malicious attacks, for which the system already has other mechanisms.

The DBL events and the actions to take for each event are configured by the user in a DBL profile with a set of DBL rules. The DBL profile is then assigned to a SIP trunk group. Any packets that come in to the system from that trunk group will be compared against the DBL rules configured in that DBL profile.

To View DBL Profile

On the SBC main screen, go to Configuration > System Provisioning > Security Configuration > DBL Profile. The DBL Profile window is displayed.

To Edit DBL Profile

To edit any of the DBL Profile in the list, click the radio button next to the specific DBL Profile name.

The Edit Selected DBL Profile window is displayed.

Make the required changes and click Save.

To Create DBL Profile

To create a new DBL Profile, click New Dbl Profile tab on the DBL Profile List panel.

The Create New DBL Profile window is displayed.


DBL Profile Parameters:

Parameter

Description

Name

Specifies the name of the Dynamic Black List (DBL) profile.

Type

Specifies the type of application being monitored.

  • SIP (default)

State

Specifies the administrative state of this rule.

  • Disabled (default)
  • Enabled

To Delete DBL Profile

To delete any of the created DBL Profile, click the radio button next to the specific DBL Profile.

Click Delete at the end of the highlighted row. A delete confirmation message appears seeking your decision.

Click Yes to remove the specific DBL Profile from the list.


  • No labels