In this section:

Use this screen to configure privacy profiles that govern how the SBC applies privacy services. Profiles are assigned to ingress or egress SIP trunk groups and therefore allow handling privacy independently on each call leg. Options in this profile determine how privacy:id and privacy:user are handled. Using this screen you can also remove non-essential headers that are added by the user agent, including the Subject, Call-Info, Organization, User-Agent, Reply-To, and In-Reply-To headers.

For details on the privacy handling that is governed by the Privacy Profile, refer to Caller Privacy Support.

Note

The SBC gives precedence to SIP Privacy handling when the SIP Adaptive Transparency Profile is enabled. For example, if the incoming SIP message contains "privacy: Id" and the flag applyPrivacyId under profiles services privacyProfile is set to enablethe SBC does not include P-ASSERTED-ID header in the egress message. 

For information on SIP Adaptive Transparency Profile, refer to SIP Adaptive Transparency Profile - CLI.

Command Syntax

% set profiles services privacyProfile <privacyProfile>
	applyPrivacyId <disabled | enabled>
	applyPrivacyUser <disabled | enabled>
	passThruPrivacyInfo <disabled | enabled>
	anonymizationValueforHostpart <anonymization string>
	anonymizationValueforUserpart <anonymization string>
	anonymizationValueforDispName <anonymization string>
	supportPrivacyId <disabled | enabled | ifRcvdPrivacyId>
	supportPrivacyUser <disabled | enabled | ifRcvdPrivacyUser>

Command Parameters

The Privacy Profile parameters are defined below:

Privacy Profile Parameters

ParameterLength/RangeDescription

privacyProfile <name>

1-23 characters

<privacyProfile name> – The unique name for this Privacy Profile. This profile is used to apply privacy services independently on each call leg.

NOTE: To attach this Privacy Profile to a trunk group, refer to SIP Trunk Group - Services - CLI.

applyPrivacyIdN/A

If the incoming SIP message contains "privacy: Id" and this flag is enabled, the SBC does not include P-Asserted-Id header in the egress message.

  • disabled (default)
  • enabled

applyPrivacyUser

N/A

If the incoming SIP message contains "privacy: user" and this flag is enabled, the SBC anonymizes FROM and Contact headers.

  • disabled (default)
  • enabled

passThruPrivacyInfo

N/A

NOTE: This flag overrides the other privacyProfile flags.

If this flag is enabled, the Privacy header is passed transparently to the outgoing message and the SBC sends P-Asserted-Id or FROM header as received.

  • disabled
  • enabled (default)
anonymizationValueforHostpartUCHAR (0..64)Values to use for anonymization Hostpart in "from" and "contact" headers while applying privacy semantics.
anonymizationValueforUserpartUCHAR (0..64)Values to use for anonymization Userpart in "from" and "contact" headers while applying privacy semantics.
anonymizationValueforDispNameUCHAR (0..64)Values to use for anonymization Display Name in "from" and "contact" headers while applying privacy semantics.

supportPrivacyId

N/A

If this flag is enabled, the outgoing SIP message from the SBC does not include the P-Asserted-Id (PAI) header even though the incoming message does not contain "privacy: id" header. When set to the option "ifRcvdPrivacyId", the SBC removes PAI/Privacy: id only if the ingress INVITE includes the "privacy: id" header.

  • disabled (default)
  • enabled
  • ifRcvdPrivacyId

supportPrivacyUser

N/A

If this flag is enabled, the outgoing SIP message from the SBC includes anonymized FROM and Contact headers even though the incoming message does not contain "privacy: user" header. When set to the option "ifRcvdPrivacyUser", the SBC anonymizes "from" and "contact" headers only if the ingress INVITE includes the "privacy: user" header.

  • disabled (default)
  • enabled
  • ifRcvdPrivacyUser

 


Command Examples

The following example configures a Privacy Profile and attaches it to a trunk group:

set profiles services privacyProfile Test applyPrivacyId enabled applyPrivacyUser enabled passThruPrivacyInfo disabled supportPrivacyId enabled supportPrivacyUser enabled
set addressContext default zone defaultSigZone sipTrunkGroup TG1 services privacyProfile Test
commit
 
show profiles services privacyProfile
privacyProfile Test {
    applyPrivacyId      enabled;
    applyPrivacyUser    enabled;
    supportPrivacyId    enabled;
    supportPrivacyUser  enabled;
    passThruPrivacyInfo disabled;
}
[ok]

The following examples configure a Privacy Profile using the fields anonymizationValueforUserpart, anonymizationValueforHostpart, and anonymizationValueforDispName in the privacy profile.

set profiles services privacyProfile <EGR_PRIV> anonymizationValueforHostpart <Anonymous.invalid >

set profiles services privacyProfile <EGR_PRIV> anonymizationValueforUserpart <Anonymous >

set profiles services privacyProfile <EGR_PRIV> anonymizationValueforDispName <Anonymous>

set profiles services privacyProfile EGR_PRIV supportPrivacyId <disabled/enabled/ifRcvdPrivacyId >

set profiles services privacyProfile EGR_PRIV supportPrivacyUser<disabled/enabled/ ifRcvdPrivacyUser>