RedMax EXtreme EX-LRT Instrukcja Naprawy Strona 64
- Strona / 142
- Spis treści
- ROZWIĄZYWANIE PROBLEMÓW
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
Oracle SBC Security Guide
Basic DDoS configuration settings are outlined in the other appendices. However, for the best DDoS
protection, the configuration should be customized based on the customer environment and the traffic
levels they actually receive.
DoS settings that help mitigate SIP scanning risks are also depicted below.
Header Manipulation Rules for Scanner Mitigation
SIP Header Manipulation Rule Logic
One way to drop all packets sent from an endpoint running an SIP scanner is to use a combination of SIP
Manipulation Rules in conjunction with a dummy Session Agent. In this case, a dummy session agent is
defined that is not an externally routable target.
As a message enters the SBC it is passed by the SIP interface to the incoming HMR. The HMR applies a
regular expression against the message to determine if it is a scanning tool. If there is a match, the HMR
can take action to mark it as invalid by inserting an additional route header and forwarding it to a
“dummy” session agent. Provisioning the dummy session agent with the state disabled will cause the call
to be refused. Custom mapping this to a unique error response can in turn be used in conjunction with a
sip-interface option configurable to drop specific error responses.
Below is a flow diagram of how a SIP REGISTER message with a User-Agent header of “friendly-
scanner” will be dropped.
REGISTER Message
User-Agent: friendly-scanner
SIP Interface – drop response
Access Realm
Core Realm
hostname 10.12.13.14
State disabled
local-response-map 503Rogue
Inbound Realm
SIP Manipulation Rule
if “User-Agent: friendly-scanner”
Add a new Route header
"< sip:10.12.13.14;lr >"
Session Agent
Create to dummy
address specified in
the HMR added
Route header.
Disable to create
“503” response
SIP Response Map
503Rogue
503 -> 677 (Rogue)
Drop
Options
dropResponse=677
SIP Interface
Map the “503”
response to a new
response code
“677”, that can be
dropped at the
access SIP
Interface
Configure options to
drop all “677”
responses
- SECURITY GUIDE 1
- Contents 3
- Related Documentation 7
- Part 1: Overview 8
- Figure 1: Net-SAFE Framework 9
- General Security Principles 10
- Monitor System Activity 11
- Session Border Controller 13
- Unified Session Manager 14
- Core Session Manager 15
- Session Router 16
- Realm Design Considerations 16
- Management Interfaces 17
- Passwords 18
- Boot Flags 18
- System ACLs 19
- Telnet/SSH 19
- FTP/SFTP 19
- GUI Management 19
- Resiliency 20
- Physical Link Redundancy 21
- Part 3: Security Features 22
- Security Specific Licenses 24
- Features 26
- Configuring AAA Integration 27
- SIP Interface Security 28
- Service ACLs 29
- TLS for SIP 31
- IPsec for SIP 33
- Call Admission Control (CAC) 34
- Media Policing 35
- DoS/DDoS Prevention 35
- Attack Tool Prevention 36
- Lawful Interception 36
- Part 4: Appendices 37
- Appendix B: Port Matrix 38
- Configuration Models: 40
- Supported platforms 40
- Configuration Parameters 40
- Realm Configuration 41
- SIP Interface 41
- Observations/Limitations 49
- Overview 61
- Deployment Archetypes 61
- Scanner Mitigation 63
- Peering Environments 68
- IDS License Details 70
- Dependencies 70
- Statistics 71
- SNMP MIB OIDS 71
- SNMP Traps 72
- Constraints Limiting 75
- Session-Constraints 75
- Rate constraints 76
- Message Rejections 78
- SNMP support 79
- Log Action 79
- Blacklist Table Maintentance 86
- SNMP OIDs 88
- System Management Statistics 88
- Realm Statistics 89
- Environmental Statistics 90
- Enterprise SNMP Traps 90
- SNMP Traps in HA environment 93
- Appendix I: Syslog 94
- Call Detail Records (CDR) 102
- Oracle SBC Security Guide 103
- System Statistics 106
- Application Statistics 106
- Introduction 108
- SRTP Topologies 108
- Requirements 110
- Design Aspects 111
- Secured/Unsecured Network 114
- Troubleshooting 122
- References 142
Powiązane produkty i podręczniki dla Podkaszarki do trawy RedMax EXtreme EX-LRT
Podkaszarki do trawy RedMax GZ25N Dokumentacja
(32 strony)
(32 strony)
Podkaszarki do trawy RedMax CHT2301 Dokumentacja
(36 strony)
(36 strony)
Podkaszarki do trawy RedMax BC250 Dokumentacja
(52 strony)
(52 strony)
Podkaszarki do trawy RedMax HE2601 Dokumentacja
(26 strony)
(26 strony)
Podkaszarki do trawy RedMax CHT2200 Dokumentacja
(32 strony)
(32 strony)
Podkaszarki do trawy RedMax LRT2300 Dokumentacja
(26 strony)
(26 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.044 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji