Versions Compared

Old Version 1

changes.mady.by.user Ribbon Communications

Saved on

compared with

New Version Current

changes.mady.by.user Ribbon Communications

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add_workflow_for_techpubs
AUTH1UserResourceIdentifier{userKey=8a00a0c85f4199b1015f7edf811e000e, userName='null'}
REV5UserResourceIdentifier{userKey=8a00a0c85f4199b1015f7ea6e836000d, userName='null'}
REV6UserResourceIdentifier{userKey=8a00a0c85f4199b1015f7ea6e836000d, userName='null'}
REV3UserResourceIdentifier{userKey=8a00a0c86d32712b016d406f77af0008, userName='null'}
REV4UserResourceIdentifier{userKey=8a00a0c8601a1bc701602339d1190006, userName='null'}
REV1UserResourceIdentifier{userKey=8a00a0c86b3e1ff4016b78bf44f70024, userName='null'}
REV2UserResourceIdentifier{userKey=8a00a0c8652ba79201656dbe5f14001b, userName='null'}

SIP Security is a system feature designed to identify SIP attacks. The SIP Security function provides an additional access layer for SIP security on the Edgemarc. If this function is not configured, the SIP proxy application still performs basic SIP security.

The feature has three methods for securing SIP system services:

  • The Static Blacklist option can be defined when a known SIP attack host has been identified and can be added statically to the system to drop all SIP messages from this host.
  • The Dynamic blacklist option allows the user to configure a set of rules in which the system will dynamically detect any host that violates these rule types and then create policies to drop these hosts for a set period.
  • The Whitelist SIP servers option only allows Edgemarc to permit traffic from servers configured in the SIP Server Address, List of SIP Servers, and List of Allowed SIP Servers fields on the VoIP → SIP page. This includes any servers derived from an SRV lookup of an FQDN on that page.

Adding SIP Security

This section outlines how to add SIP security.

To add SIP Security

  1. Choose Security > SIP Security.



  2. Configure settings using the information in the following table as a guide. When you have finished configuring SIP Security, click Commit to make your changes take effect.

    Caption
    0Table
    1SIP Security Parameters


    ItemDescription
    DisabledIf you select the Disabled option, EdgeMarc still enforces SIP security at the SIP proxy application level based on the settings on the SIP Security page of the GUI.

    Blacklist Static

    Click Blacklist Static when a known SIP attack host has been identified and can be added statically to the system to drop all SIP messages from this host.

    Blacklist Static/ Dynamic

    		Click Blacklist Static/ Dynamic to configure a set of rules in which the system will dynamically detect any host that violates these rule types and then creates policies to drop these hosts for a set period.
    Whitelist SIP servers

    When the Whitelist SIP servers checkbox is selected, Edgemarc will only permit traffic from servers configured in the SIP Server Address, List of SIP Servers, and List of Allowed SIP Servers fields on the VoIP → SIP page. This includes any servers derived from an SRV lookup of an FQDN on that page.



Pagebreak