RedMax EXtreme EX-LRT Anleitung zur Fehlerbehebung Seite 81
- Seite / 142
- Inhaltsverzeichnis
- FEHLERBEHEBUNG
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Oracle SBC Security Guide
Appendix G: Blacklisting with Local Routing Tables
Several industry groups such as the GSMA Fraud Forum and the Communications Fraud Control
Association (CFCA) track phone numbers and number prefixes that have been verified as participating in
various types of fraud. These numbers are published as a list for their members. Many organizations also
track numbers that abuse their network on a regular basis.
While it can be more of an art than a science, some customers wish to blacklist incoming or outgoing calls
based on a dialed number prefix, or the entire dialed number. While complex or expensive fraud
management solutions can be used, this Appendix provides a simple way to perform this blacklisting on
the SBC.
WARNING: This procedure will end up denying calls coming into your network. Be sure to test your
local route tables (LRT) in a test environment before deploying in production.
It is assumed that as calls have been sent to the SBC or as they enter the SBC that they will be
“normalized” by either the directly connected agent or an incoming HMR to match the local dial plan. For
example in North America it is necessary to include the leading “1” for NANP and remove the “011” for
calls outside of the NANP. If this is not possible, then the “011” can be pre-pended onto the number
matches in the LRT file.
Depending on what you are trying to prevent, you may want to check both the FROM and TO fields in
SIP messages. This same strategy can be used on your access realm, or even your core realm if you so
choose.
To create the blacklist for routing you need to:
1. Enter your FROM or TO blacklist numbers into one or more LRTs - and save them with an
“.xml” extension. Next gzip them (.gz format). A sample LRT format is found below.
2. Upload the .xml.gz file to the to SBC in the /code/lrt directory (which will need to be created the
first time)
3. Update SBC config as depicted below
Apply an LRT check for the SIP From and To headers as the first two policy-attributes on all incoming
realms, and on the core side if you want to detect outgoing fraudulent calls.
local-policy
from-address
*
to-address
*
source-realm
access
description
activate-time N/A
deactivate-time N/A
state enabled
policy-priority none
last-modified-date 2012-10-26 17:13:15
(The first policy checks the FROM field. Note that the .xml.gz file extension is not specified.)
- SECURITY GUIDE 1
- Contents 3
- Related Documentation 7
- Part 1: Overview 8
- Figure 1: Net-SAFE Framework 9
- General Security Principles 10
- Monitor System Activity 11
- Session Border Controller 13
- Unified Session Manager 14
- Core Session Manager 15
- Session Router 16
- Realm Design Considerations 16
- Management Interfaces 17
- Passwords 18
- Boot Flags 18
- System ACLs 19
- Telnet/SSH 19
- FTP/SFTP 19
- GUI Management 19
- Resiliency 20
- Physical Link Redundancy 21
- Part 3: Security Features 22
- Security Specific Licenses 24
- Features 26
- Configuring AAA Integration 27
- SIP Interface Security 28
- Service ACLs 29
- TLS for SIP 31
- IPsec for SIP 33
- Call Admission Control (CAC) 34
- Media Policing 35
- DoS/DDoS Prevention 35
- Attack Tool Prevention 36
- Lawful Interception 36
- Part 4: Appendices 37
- Appendix B: Port Matrix 38
- Configuration Models: 40
- Supported platforms 40
- Configuration Parameters 40
- Realm Configuration 41
- SIP Interface 41
- Observations/Limitations 49
- Overview 61
- Deployment Archetypes 61
- Scanner Mitigation 63
- Peering Environments 68
- IDS License Details 70
- Dependencies 70
- Statistics 71
- SNMP MIB OIDS 71
- SNMP Traps 72
- Constraints Limiting 75
- Session-Constraints 75
- Rate constraints 76
- Message Rejections 78
- SNMP support 79
- Log Action 79
- Blacklist Table Maintentance 86
- SNMP OIDs 88
- System Management Statistics 88
- Realm Statistics 89
- Environmental Statistics 90
- Enterprise SNMP Traps 90
- SNMP Traps in HA environment 93
- Appendix I: Syslog 94
- Call Detail Records (CDR) 102
- Oracle SBC Security Guide 103
- System Statistics 106
- Application Statistics 106
- Introduction 108
- SRTP Topologies 108
- Requirements 110
- Design Aspects 111
- Secured/Unsecured Network 114
- Troubleshooting 122
- References 142
Verwandte Produkte und Handbücher für Grasschneider RedMax EXtreme EX-LRT
Grasschneider RedMax EXZ2401S-BC Spezifikationen
(60 Seiten)
(60 Seiten)
Grasschneider RedMax GZ25N Spezifikationen
(32 Seiten)
(32 Seiten)
Grasschneider RedMax CHT2301 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BC250 Spezifikationen
(52 Seiten)
(52 Seiten)
Grasschneider RedMax CHTZ2500 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax HE250F Wartungshandbuch
(26 Seiten)
(26 Seiten)
Grasschneider RedMax SRTZ2401F Spezifikationen
(56 Seiten)
(56 Seiten)
Grasschneider RedMax HE2601 Spezifikationen
(26 Seiten)
(26 Seiten)
Grasschneider RedMax CHTZ2400 Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BCZ3000SW Spezifikationen
(40 Seiten)
(40 Seiten)
Grasschneider RedMax HEZ2500F Spezifikationen
(36 Seiten)
(36 Seiten)
Grasschneider RedMax BCZ3001S Spezifikationen
(44 Seiten)
(44 Seiten)
Grasschneider RedMax CHT2200 Spezifikationen
(32 Seiten)
(32 Seiten)
Grasschneider RedMax LRT2300 Spezifikationen
(26 Seiten)
(26 Seiten)
Grasschneider RedMax EXtreme EX2-BC Spezifikationen
(112 Seiten)
(112 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.061 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern