Beta Draft Confidential
Port Security Screening
Configuration Overview
ATM Services Configuration Guide for CBX 3500, CBX 500, GX 550, and B-STDX 9000 1/19/0520-5
Table 20-2 describes some examples using the port security screens.
Port Security Screening Sample Configuration
Once you assign security screens to a logical port, if you set the ingress and egress
screen modes to All Screens (Figure 20-4 on page 20-11), the port checks
incoming/outgoing SVCs for the matching criteria specified in each assigned screen.
If an SVC meets the criteria specified in at least one screen, then the SVC is screened
according to the action this screen recommends. The SVC is further checked for the
matching criteria of this screen’s default behavior. If it meets the matching criteria
specified in at least one of these screens, then the SVC exhibits the default behavior
(either pass or block).
Although you can apply multiple screens to a single port, the decision on whether the
port should block or pass an SVC is made based on:
• The combined effect of the default screens specified for the logical port.
• The security screens you assign to that port.
• The matching address criteria defined in each screen (if applicable).
If you set the ingress/egress screen mode to Default Screens, the port does not check
SVCs for the matching criteria specified in an assigned security screen. It takes the
action (either pass or block) specified in the Default Screen.
The following example provides a logical port configuration that blocks all incoming
SVCs, except incoming 1800 SVCs, with one additional exception. You want to block
all incoming SVCs that contain the 234 exchange number.
Table 20-2. Security Screens
SVC
Direction
Screen
Type
Calling
Address
Calling
Subaddress
Called
Address
Called
Subaddress
Description
Ingress Pass Ignore Ignore 1800*
Type: E.164
Ignore Pass all incoming calls to 1800
numbers.
Ingress Block Ignore Ignore 1800*
Type: E.164
Ignore Block all incoming calls to 1800
numbers.
Egress Block Ignore Ignore *
Type: E.164
Ignore Block all outgoing calls with E.164
called addresses.
Egress Block 15089700705
Type: E.164
Ignore 1908870*
Type: E.164
Ignore Block all calls to called address
1908870* from calling address
15089700705.
To Next Page
Loading...
Need help?
General
