In this section:

Related articles:

Overview

The SBC Edge generates CDRs and logs what Ribbon Protect uses to identify bad actors (bad actors are identified as unwanted calls that attempt to threaten security, disrupt networks, perform fraudulent behavior, etc.). When Ribbon Protect suspects and identifies bad actors, the SBC Edge uses this data to blacklist and block these bad actors from entering your network. The REST API is used in addition to Ribbon Protect to enable bad actors to be blacklisted by the SBC Edge. When bad actors are identified by Ribbon Protect, they are reflected in the SBC Edge WebUI's "Bad Actors" table.  

SBC Edge supports blacklisting four types of bad actors:

  • Calling Number
  • Called Number
  • Source IPv4 Address
  • Source IPv6 Address

The steps below are required to configure and display bad actors via Ribbon SBC Edge.

The maximum number of Bad Actor listed by product is as follows:

Maximum Number of Bad Actors

ProductNumber of Bad Actors
SBC 1000/2000500
SBC SWe Lite1000

Prerequisites

Create REST user in SBC Edge

To use REST API, you must create a local user with REST access level.

Create a user in the SBC Edge as follows:

  1. Access the WebUI and login to the SBC Edge.
  2. In the Web GUI, click the Settings tab.

  3. In the left navigation pane, go to Security > Users > Local User Management.

    Local Users Table

  4. Click the Create Local User () icon at the top of the Local User View page. The Create Local User screen appears.

    Create Local User

  5. Enter user name in the User Name field.
  6. Enter and confirm the user’s new password in Password and Confirm Password fields.
  7. From the Access Level drop down list, select REST.

  8. Click OK. The REST user is created and the Local Users Table screen displays the newly created REST user.

Configure Country Code via WebUI

Through the WebUI, configure the country code the SBC Edge resides in; the SBC Edge uses the country code to convert a PSTN Calling/Called Number to E.164 format and search for it in the internal data structures.

Configure the Country Code via WebUI as follows: 

  1. In the WebUI, click the Settings tab.

  2. In the left navigation page, go to System > Node-Level Settings.

  3. From the Country Code drop down list, select the applicable country.

    Configure Country Code

  4. Click Apply.

Configure REST API to Create/Display/Delete "Bad Actors"

The commands listed in this section are used to create/display/delete bad actors from Ribbon Protect via REST API. After the bad actors are created, they can be viewed or displayed via REST API (alternatively, bad actors are viewed through the WebUI; see Display Bad Actors via SBC Edge WebUI). Configure REST API as follows: 

  1. Access the REST API. The REST API is based on open standards; you can use any Web Development Programming Language or HTTP Client Library to access the API. Refer to API Requirements for more details.
  2. Execute the specific commands. Refer to REST API User's Guide.

Working with Protect Bad Actors via SBC Edge WebUI

The SBC Edge WebUI displays the bad actors identified by Protect. Through the WebUI, you can view the bad actors and delete as necessary.

Display Bad Actors

The SBC Edge WebUI displays the bad actors identified by Protect.

View bad actors as follows:

  1. Access the WebUI.

  2. Click Settings > Security > Ribbon Protect Bad Actors

  3. Click the expand () next to the desired Bad Actor in which you want to view.

    Bad Actors Table

    Bad Actors Table - Field Definitions

    FieldDefinition
    Actor Type

    The bad actor type Valid entries:

    • Calling Number.
    • Called Number.
    • Source IPv4 Address.
    • Source IPv6 Address.
    Actor Data

    The valid data string according to actor type: Valid entries:

    • Calling Number: Valid string in E164 format.
    • Called Number: Valid string in E164 format
    • Source IPv4: Validated for correct IPv4 format, Precedence falls between 1-1000, and only one occurrence.
    • Source IPv6: Validated for correct IPv6 format, Precedence falls between 1-1000, and only one occurrence.
    PrecedenceThis field validates if the actor type is in correct format, according to the actor type:
    • Calling Number: Not applicable.
    • Called Number: Not applicable
    • Source IPv4: Range 1-1000
    • Source IPv6: Range 1-1000
    Primary KeyValue set by the table entry.

Remove Bad Actors

Through the WebUI, you can delete bad actors identified by Protect and delete in the SBC WebUI, as necessary.

Delete bad actors as follows:

  1. Access the WebUI.

  2. Click Settings > Security > Ribbon Protect Bad Actors.

  3. Select the checkbox next to the entry you wish to delete.

  4. In the left corner, click the Delete () icon. 

    Delete Bad Actors