RedMax EXtreme EX-LRT Guía para resolver problemas Pagina 114
- Pagina / 142
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Oracle SBC Security Guide
The main aspects treated here focused on which traffic is desired under a realm, so each design needs to
consider the following, previous to any configuration:
1. SIP Traffic: SIP over UDP/TCP (unsecured transport) or over TLS (secured transport protocol).
2. Media Traffic: media over RTP, media over SRTP or media over both RTP and SRTP allowed at
the same time. This would differentiate the IP design, since:
a. For media over RTP only or SRTP only, just one IP address will be used for them
b. For media over both RTP/SRTP allowed at the same time, then the recommendation is to
use two different IPs on the same network-interface. One will send RTP traffic and the
other IP will be used for SRTP traffic. This should be considered for correct IP plan
under the network.
Secured/Unsecured Network
By default, the SBC considers that SIP traffic, when SRTP is configured, should run over secured
transport protocol, TLS. If this is not the case, the SBC needs to be instructed to allow SIP traffic over
non-secured transport protocol (UDP/TCP).
sip-interface
state enabled
realm-id access1
description
sip-port
address 11.0.0.11
port 5060
transport-protocol UDP
tls-profile
allow-anonymous all
ims-aka-profile
carriers
…
secured-network enabled
When secured-network is set to DISABLED under a sip-interface where SRTP is configured, the sip-
interface will only allow SIP over TLS. If SIP is received over UDP/TCP, the SBC will reject the call
with “488 Not Acceptable Here”.
When secured-network is set to ENABLED, the SBC understands the network is secured and it accepts
SIP traffic on UDP/TCP.
Media traffic
Every realm under the configuration should be instructed to the type of media that should handle whether
that be RTP only, SRTP only or both RTP and SRTP. For each realm, it can be differentiated between the
inbound and outbound media type, giving the flexibility of having different protocols for inbound or for
outbound.
The “mode” parameter under the media-sec-policy controls the media protocol defined for each
inbound/outbound flow under a realm.
RTP Only
The “mode” parameter under the inbound/outbound section of the media-sec-policy should be set to RTP.
In this case, no profile should be defined, and the protocol should be set to “None”.
- SECURITY GUIDE 1
- Contents 3
- Related Documentation 7
- Part 1: Overview 8
- Figure 1: Net-SAFE Framework 9
- General Security Principles 10
- Monitor System Activity 11
- Session Border Controller 13
- Unified Session Manager 14
- Core Session Manager 15
- Session Router 16
- Realm Design Considerations 16
- Management Interfaces 17
- Passwords 18
- Boot Flags 18
- System ACLs 19
- Telnet/SSH 19
- FTP/SFTP 19
- GUI Management 19
- Resiliency 20
- Physical Link Redundancy 21
- Part 3: Security Features 22
- Security Specific Licenses 24
- Features 26
- Configuring AAA Integration 27
- SIP Interface Security 28
- Service ACLs 29
- TLS for SIP 31
- IPsec for SIP 33
- Call Admission Control (CAC) 34
- Media Policing 35
- DoS/DDoS Prevention 35
- Attack Tool Prevention 36
- Lawful Interception 36
- Part 4: Appendices 37
- Appendix B: Port Matrix 38
- Configuration Models: 40
- Supported platforms 40
- Configuration Parameters 40
- Realm Configuration 41
- SIP Interface 41
- Observations/Limitations 49
- Overview 61
- Deployment Archetypes 61
- Scanner Mitigation 63
- Peering Environments 68
- IDS License Details 70
- Dependencies 70
- Statistics 71
- SNMP MIB OIDS 71
- SNMP Traps 72
- Constraints Limiting 75
- Session-Constraints 75
- Rate constraints 76
- Message Rejections 78
- SNMP support 79
- Log Action 79
- Blacklist Table Maintentance 86
- SNMP OIDs 88
- System Management Statistics 88
- Realm Statistics 89
- Environmental Statistics 90
- Enterprise SNMP Traps 90
- SNMP Traps in HA environment 93
- Appendix I: Syslog 94
- Call Detail Records (CDR) 102
- Oracle SBC Security Guide 103
- System Statistics 106
- Application Statistics 106
- Introduction 108
- SRTP Topologies 108
- Requirements 110
- Design Aspects 111
- Secured/Unsecured Network 114
- Troubleshooting 122
- References 142
Relacionado con productos y manuales para Cortadoras De Césped RedMax EXtreme EX-LRT
Cortadoras De Césped RedMax GZ25N Especificaciones
(32 paginas)
(32 paginas)
Cortadoras De Césped RedMax CHT2301 Especificaciones
(36 paginas)
(36 paginas)
Cortadoras De Césped RedMax BC250 Especificaciones
(52 paginas)
(52 paginas)
Cortadoras De Césped RedMax HE2601 Especificaciones
(26 paginas)
(26 paginas)
Cortadoras De Césped RedMax CHT2200 Especificaciones
(32 paginas)
(32 paginas)
Cortadoras De Césped RedMax LRT2300 Especificaciones
(26 paginas)
(26 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.030 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales