CHAPTER18 Core Entities
Mediant 800 Gateway & E-SBC | User's Manual
Parameter Description
■ The device performs Pre-Parsing Manipulation
before Pre-Classification Manipulation and
Classification.
'CAC Profile'
cac-profile
[SIPInterface_AdmissionProfile]
Assigns a Call Admission Control Profile (CAC rules)
to the SIP Interface.
By default, no value is defined.
To configure CAC Profiles, see Configuring Call
Admission Control on page778.
Classification
'Classification Failure Response
Type'
classification_fail_
response_type
[SIPInterface_
ClassificationFailureResponseType]
Defines the SIP response code that the device sends
if a received SIP request (OPTIONS, REGISTER, or
INVITE) fails the SBC Classification process.
The valid value can be a SIP response code from 400
through 699, or it can be set to 0 to not send any
response at all. The default response code is 500
(Server Internal Error).
This feature is important for preventing Denial of
Service (DoS) attacks, typically initiated from the
WAN. Malicious attackers can use SIP scanners to
detect ports used by SIP devices. These scanners
scan devices by sending UDP packets containing a
SIP request to a range of specified IP addresses,
listing those that return a valid SIP response. Once
the scanner finds a device that supports SIP, it
extracts information from the response and identifies
the type of device (IP address and name) and can
execute DoS attacks. A way to defend the device
against such attacks is to not send a SIP reject
response to these unclassified "calls" so that the
attacker assumes that no device exists at such an IP
address and port.
Note:
■ The parameter is applicable only if you configure
the device to reject unclassified calls, which is
done using the 'Unclassified Calls' parameter
(see Configuring Classification Rules).
■ The parameter is applicable only to the SBC
application.
'Pre Classification Manipulation Set
ID'
preclassification-manset
[SIPInterface_
PreClassificationManipulationSet]
Assigns a Message Manipulation Set ID to the SIP
Interface. This lets you apply SIP message
manipulation rules on incoming SIP initiating-dialog
request messages (not in-dialog), received on this
SIP Interface, prior to the Classification process.
By default, no Message Manipulation Set ID is
defined.
To configure Message Manipulation rules, see
Configuring SIP Message Manipulation.
- 355 -
To Next Page
Loading...
