RedMax EXtreme EX-LRT Anleitung zur Fehlerbehebung Seite 121
- Seite / 142
- Inhaltsverzeichnis
- FEHLERBEHEBUNG
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Oracle SBC Security Guide
To simplify the use of this BCP, no other elements are configured in this case, so no redundancy or DDoS
prevention are configured in the configurations exposed. The configurations follow the guides of BCP for
access (using policy based realm bridging) and peering scenarios. For TLS, it is assumed single-side
authentication in all cases.
The configurations presented use SDES mechanism for SRTP encryption. If MIKEY is desired, the
configurations presented still apply, only the mikey-profile should apply instead of the sdes-profile for the
configuration, however consider that SDES-MIKEY interworking is currently not supported. No SRTP
pass-through cases are presented here, as there is nothing required for the SBC to be transparent to the
SRTP negotiation end-to-end.
Single-Ended SRTP Termination on secured networks.
This is the typical access scenario where SRTP is deployed completely in the access network, allowing
the users to use TLS for SIP and SRTP for media. In the core network, UDP is used for SIP and RTP is
used for media.
The IP used for SIP and SRTP in the SBC in the access network is 172.18.1.71, and the IP used for SIP
and RTP in the core network is 172.18.2.71. The SIP Registrar/Proxy in the core network is in
172.18.2.100.
In this case, secured-network is set to DISABLED under the access sip-interface and ENABLED on the
core sip-interface. Two security-policies are configured, one for SRTP and one that creates the exception
for SIP signaling. Also, two media-sec-policies are created, one in the access network with mode=SRTP
and one in the core with mode=RTP.
RTP and Single-Ended SRTP Termination on unsecured networks.
This is a very common architecture, where both RTP and SRTP endpoints reside in the access network,
especially while in transition from RTP to SRTP. This means that both UDP/RTP and TLS/SRTP can be
present in the access network. In the core network, UDP for SIP and RTP for media will be used.
In this case, in the access network we will use 172.18.1.71 for SIP traffic (UDP and TLS) and also for
RTP traffic. 172.18.1.72 will be used for SRTP traffic. In the core network, 172.18.2.71 will be used for
SIP and RTP. The SIP Proxy/Registrar uses 172.18.2.100.
- SECURITY GUIDE 1
- Contents 3
- Related Documentation 7
- Part 1: Overview 8
- Figure 1: Net-SAFE Framework 9
- General Security Principles 10
- Monitor System Activity 11
- Session Border Controller 13
- Unified Session Manager 14
- Core Session Manager 15
- Session Router 16
- Realm Design Considerations 16
- Management Interfaces 17
- Passwords 18
- Boot Flags 18
- System ACLs 19
- Telnet/SSH 19
- FTP/SFTP 19
- GUI Management 19
- Resiliency 20
- Physical Link Redundancy 21
- Part 3: Security Features 22
- Security Specific Licenses 24
- Features 26
- Configuring AAA Integration 27
- SIP Interface Security 28
- Service ACLs 29
- TLS for SIP 31
- IPsec for SIP 33
- Call Admission Control (CAC) 34
- Media Policing 35
- DoS/DDoS Prevention 35
- Attack Tool Prevention 36
- Lawful Interception 36
- Part 4: Appendices 37
- Appendix B: Port Matrix 38
- Configuration Models: 40
- Supported platforms 40
- Configuration Parameters 40
- Realm Configuration 41
- SIP Interface 41
- Observations/Limitations 49
- Overview 61
- Deployment Archetypes 61
- Scanner Mitigation 63
- Peering Environments 68
- IDS License Details 70
- Dependencies 70
- Statistics 71
- SNMP MIB OIDS 71
- SNMP Traps 72
- Constraints Limiting 75
- Session-Constraints 75
- Rate constraints 76
- Message Rejections 78
- SNMP support 79
- Log Action 79
- Blacklist Table Maintentance 86
- SNMP OIDs 88
- System Management Statistics 88
- Realm Statistics 89
- Environmental Statistics 90
- Enterprise SNMP Traps 90
- SNMP Traps in HA environment 93
- Appendix I: Syslog 94
- Call Detail Records (CDR) 102
- Oracle SBC Security Guide 103
- System Statistics 106
- Application Statistics 106
- Introduction 108
- SRTP Topologies 108
- Requirements 110
- Design Aspects 111
- Secured/Unsecured Network 114
- Troubleshooting 122
- References 142
Verwandte Produkte und Handbücher für Grasschneider RedMax EXtreme EX-LRT
Grasschneider RedMax EXZ2401S-BC Spezifikationen
(60 Seiten)
(60 Seiten)
Grasschneider RedMax GZ25N Spezifikationen
(32 Seiten)
(32 Seiten)
Grasschneider RedMax CHT2301 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BC250 Spezifikationen
(52 Seiten)
(52 Seiten)
Grasschneider RedMax CHTZ2500 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax HE250F Wartungshandbuch
(26 Seiten)
(26 Seiten)
Grasschneider RedMax SRTZ2401F Spezifikationen
(56 Seiten)
(56 Seiten)
Grasschneider RedMax HE2601 Spezifikationen
(26 Seiten)
(26 Seiten)
Grasschneider RedMax CHTZ2400 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BCZ3000SW Spezifikationen
(40 Seiten)
(40 Seiten)
Grasschneider RedMax HEZ2500F Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BCZ3001S Spezifikationen
(44 Seiten)
(44 Seiten)
Grasschneider RedMax CHT2200 Spezifikationen
(32 Seiten)
(32 Seiten)
Grasschneider RedMax LRT2300 Spezifikationen
(26 Seiten)
(26 Seiten)
Grasschneider RedMax EXtreme EX2-BC Spezifikationen
(112 Seiten)
(112 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.490 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern