Configuring General Security Settings; Intrusion Detection System - AudioCodes Mediant 1000 User Manual

User's Manual
13.2

Configuring General Security Settings

The device uses TLS over TCP to encrypt and optionally, authenticate SIP messages. This
is referred to as Secure SIP (SIPS). SIPS uses the X.509 certificate exchange process, as
described in ''Configuring SSL/TLS Certificates'' on page 103, where you need to configure
certificates (TLS Context).
Note:
also responds using TLS, regardless of whether or not TLS was configured.

To configure SIPS:
1. Configure a TLS Context as required (see ''Configuring TLS Certificate Contexts'' on
page 103).
2. Assign the TLS Context to a Proxy Set or SIP Interface (see ''Configuring Proxy Sets''
on page 346 and ''Configuring SIP Interfaces'' on page 326, respectively).
3. Configure a SIP Interface with a TLS port number.
4. Configure various SIPS parameters in the Security Settings page (Setup menu > IP
Network tab > Security folder > Security Settings).
For a description of the TLS parameters, see ''TLS Parameters'' on page 965.
5. By default, the device initiates a TLS connection only for the next network hop. To
enable TLS all the way to the destination (over multiple hops), configure the 'Enable
SIPS' (EnableSIPS) parameter to Enable on the Transport Settingspage (Setup menu
> Signaling & Media tab > SIP Definitions folder > Transport Settings):
13.3

Intrusion Detection System

The device's Intrusion Detection System (IDS) feature detects malicious attacks on the
device and reacts accordingly. A remote host is considered malicious if it has reached or
exceeded a user-defined threshold (counter) of specified malicious attacks.
If malicious activity is detected, the device can do the following:
Version 7.2
When a TLS connection with the device is initiated by a SIP client, the device
Figure 13-2: Configuring TLS
167 Mediant 1000B Gateway & E-SBC
13. Security