User's Manual 186 Document #: LTRT-10632
Mediant 800B Gateway & E-SBC
Parameter Description
Deny Threshold
deny-thr
[IDSRule_DenyThreshold]
Defines the threshold that if crossed, the device blocks (blacklists)
the remote host (attacker).
The default is -1 (i.e., not configured).
Note: The parameter is applicable only if the 'Threshold Scope'
parameter is set to IP or IP+Port.
Deny Period
deny-period
[IDSRule_DenyPeriod]
Defines the duration (in sec) to keep the attacker on the blacklist,
if configured using the 'Deny Threshold' parameter.
The valid range is 0 to 1,000,000. The default is -1 (i.e., not
configured).
Note: The parameter is applicable only if the 'Threshold Scope'
parameter is set to IP or IP+Port.
13.3.3 Assigning IDS Policies
The IDS Matches table lets you implement your configured IDS Policies. You do this by
assigning IDS Policies to any, or a combination of the following configuration entities:
SIP Interface: For detection of malicious attacks on specific SIP Interface(s). To
configure SIP Interfaces, see 'Configuring SIP Interfaces' on page
357.
Proxy Sets: For detection of malicious attacks from specified Proxy Set(s). To
configure Proxy Sets, see 'Configuring Proxy Sets' on page
380.
Subnet addresses: For detection of malicious attacks from specified subnet
addresses.
You can configure up to 20 IDS Policy-Matching rules.
The following procedure describes how to configure the IDS Match table through the Web
interface. You can also configure it through ini file (IDSMatch) or CLI (configure voip > ids
match).
To configure an IDS Policy-Matching rule:
1. Open the IDS Matches table (Setup menu > Signaling & Media tab > Intrusion
Detection folder > IDS Matches).
2. Click New; the following dialog box appears:
Figure 13-6: IDS Matches Table - Add Dialog Box
To Next Page
Loading...
