SIP Security is a system feature designed to identify SIP attacks. The SIP Security function provides an additional access layer for SIP security on the Edgemarc. If this function is not configured, the SIP proxy application still performs basic SIP security.
The feature has three methods for securing SIP system services:
- The Static Blacklist option can be defined when a known SIP attack host has been identified and can be added statically to the system to drop all SIP messages from this host.
- The Dynamic blacklist option allows the user to configure a set of rules in which the system will dynamically detect any host that violates these rule types and then create policies to drop these hosts for a set period.
- The Whitelist SIP servers option only allows Edgemarc to permit traffic from servers configured in the SIP Server Address, List of SIP Servers, and List of Allowed SIP Servers fields on the VoIP → SIP page. This includes any servers derived from an SRV lookup of an FQDN on that page.
Adding SIP Security
This section outlines how to add SIP security.
To add SIP Security
Choose Security > SIP Security.
Configure settings using the information in the following table as a guide. When you have finished configuring SIP Security, click Commit to make your changes take effect.
Overview
Content Tools