RedMax EXtreme EX-LRT Anleitung zur Fehlerbehebung Seite 108
- Seite / 142
- Inhaltsverzeichnis
- FEHLERBEHEBUNG
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Oracle SBC Security Guide
Appendix L: SRTP Configuration and Troubleshooting
Introduction
The Secure Real-time Transport Protocol (SRTP) provides encryption and authentication for the call
content and call signaling streams. Authentication provides assurance that packets are from the purported
source, and that the packets have not been tampered with during transmission. Encryption provides
assurance that the call content and associated signaling has remained private during transmission.
SRTP/SDES-MIKEY is supported on the Net-Net 3800 and 4500 SBC.
RTP and RTCP traffic are encrypted as described in RFC 3711: The Secure Real-time Transport Protocol
(SRTP). The negotiation and establishment of keys and other cryptographic materials that support SRTP
is described in RFC 4568: Session Description Protocol (SDP) Security Description for Media Streams.
Cryptographic parameters are established with only a single message or in single round-trip exchange
using the offer/answer model defined in RFC 3264: An Offer/Answer Model with the Session Description
Protocol.
MIKEY defined in RFC 3830, and Session Description Protocol Security Descriptions for Media Streams
(SDES), defined in RFC 4568, provide alternative methods for creating keys used to encrypt Real-time
Transport Protocol (RTP) and Real-time Transport Control Protocol (RTCP) transactions.
This document should be used as a base reference only, outlining procedures to configure SRTP on the
SBC node from its base configuration. An Oracle Systems Engineer should be consulted with regards to
specific concerns as they apply to customer specific SBC configurations.
This document is based on features available in S-CX6.2.0m2 software release, unless noted otherwise,
and refers to other Oracle documentation for configuration detail. Configuration guides are available for
download from the Oracle Customer Support Portal (https://support.acmepacket.com). Please contact
your Oracle Systems Engineer for Best Current Practice (BCP) documentation.
SRTP Topologies
End-to-end SRTP was supported in previous releases, and the SBC was transparent to the SRTP key
negotiation and the SRTP flow. It was just adding its own IP to the media path and then relaying the
SRTP packets as it does with RTP flows, so in terms of functionality, RTP and SRTP caused no
difference in the SBC configuration and functionality.
However, release S-CX6.2.0 and higher includes support for termination of SRTP. This includes special
configuration and treatment of RTP and SRTP flows.
SRTP topologies can be reduced to three basic topologies:
Single Ended SRTP Termination
SRTP enabled on inbound interface, disabled on outbound interface (or vice versa)
- SECURITY GUIDE 1
- Contents 3
- Related Documentation 7
- Part 1: Overview 8
- Figure 1: Net-SAFE Framework 9
- General Security Principles 10
- Monitor System Activity 11
- Session Border Controller 13
- Unified Session Manager 14
- Core Session Manager 15
- Session Router 16
- Realm Design Considerations 16
- Management Interfaces 17
- Passwords 18
- Boot Flags 18
- System ACLs 19
- Telnet/SSH 19
- FTP/SFTP 19
- GUI Management 19
- Resiliency 20
- Physical Link Redundancy 21
- Part 3: Security Features 22
- Security Specific Licenses 24
- Features 26
- Configuring AAA Integration 27
- SIP Interface Security 28
- Service ACLs 29
- TLS for SIP 31
- IPsec for SIP 33
- Call Admission Control (CAC) 34
- Media Policing 35
- DoS/DDoS Prevention 35
- Attack Tool Prevention 36
- Lawful Interception 36
- Part 4: Appendices 37
- Appendix B: Port Matrix 38
- Configuration Models: 40
- Supported platforms 40
- Configuration Parameters 40
- Realm Configuration 41
- SIP Interface 41
- Observations/Limitations 49
- Overview 61
- Deployment Archetypes 61
- Scanner Mitigation 63
- Peering Environments 68
- IDS License Details 70
- Dependencies 70
- Statistics 71
- SNMP MIB OIDS 71
- SNMP Traps 72
- Constraints Limiting 75
- Session-Constraints 75
- Rate constraints 76
- Message Rejections 78
- SNMP support 79
- Log Action 79
- Blacklist Table Maintentance 86
- SNMP OIDs 88
- System Management Statistics 88
- Realm Statistics 89
- Environmental Statistics 90
- Enterprise SNMP Traps 90
- SNMP Traps in HA environment 93
- Appendix I: Syslog 94
- Call Detail Records (CDR) 102
- Oracle SBC Security Guide 103
- System Statistics 106
- Application Statistics 106
- Introduction 108
- SRTP Topologies 108
- Requirements 110
- Design Aspects 111
- Secured/Unsecured Network 114
- Troubleshooting 122
- References 142
Verwandte Produkte und Handbücher für Grasschneider RedMax EXtreme EX-LRT
Grasschneider RedMax EXZ2401S-BC Spezifikationen
(60 Seiten)
(60 Seiten)
Grasschneider RedMax GZ25N Spezifikationen
(32 Seiten)
(32 Seiten)
Grasschneider RedMax CHT2301 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BC250 Spezifikationen
(52 Seiten)
(52 Seiten)
Grasschneider RedMax CHTZ2500 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax HE250F Wartungshandbuch
(26 Seiten)
(26 Seiten)
Grasschneider RedMax SRTZ2401F Spezifikationen
(56 Seiten)
(56 Seiten)
Grasschneider RedMax HE2601 Spezifikationen
(26 Seiten)
(26 Seiten)
Grasschneider RedMax CHTZ2400 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BCZ3000SW Spezifikationen
(40 Seiten)
(40 Seiten)
Grasschneider RedMax HEZ2500F Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BCZ3001S Spezifikationen
(44 Seiten)
(44 Seiten)
Grasschneider RedMax CHT2200 Spezifikationen
(32 Seiten)
(32 Seiten)
Grasschneider RedMax LRT2300 Spezifikationen
(26 Seiten)
(26 Seiten)
Grasschneider RedMax EXtreme EX2-BC Spezifikationen
(112 Seiten)
(112 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.074 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern