AudioCodes Mediant 3000 User Manual page 181
Media gateway & enterprise session border
controller (e-sbc)
Hide thumbs
Also See for Mediant 3000:
- User manual (984 pages) ,
- Installation manual (90 pages) ,
- Hardware installation manual (88 pages)
Table of Contents
Advertisement
User's Manual
6.
Click Add; the following dialog box appears:
The figure above shows a configuration example. If 15 malformed SIP messages are
received within a period of 30 seconds, a minor alarm is sent. Every 30 seconds, the
rule's counters are cleared. In addition, if more than 25 malformed SIP messages are
received within this period, the device blacklists the remote IP host from where the
messages were received for 60 seconds.
7.
Configure an IDS Rule according to the parameters described in the table below.
8.
Click Add, and then save ("burn") your settings to flash memory.
Parameter
Index
[IDSRule_RuleID]
Reason
[IDSRule_Reason]
Version 7.0
Figure 14-6: IDS Rule Table - Add Record
Table 14-4: IDS Rule Table Parameter Descriptions
Defines an index number for the new table record.
Defines the type of intrusion attack (malicious event).
[0] Any = All events listed below are considered as attacks and are
counted together.
[1] Connection abuse = (Default) TLS authentication failure.
[2] Malformed message =
Message exceeds a user-defined maximum message length
(50K)
Any SIP parser error
Message Policy match (see ''Configuring SIP Message Policy
Rules'')
Basic headers not present
Content length header not present (for TCP)
Header overflow
[3] Authentication failure =
Local authentication ("Bad digest" errors)
Remote authentication (SIP 401/407 is sent if original
message includes authentication)
[4] Dialog establish failure =
Description
181
14. Security
Mediant 3000
Advertisement
Table of Contents
