Assigning Ids Policies - AudioCodes Mediant 1000B User Manual

Gateway & enterprise sbc

Hide thumbs Also See for Mediant 1000B:

User manual (1148 pages)

Hardware installation manual (92 pages)

Configuration note (52 pages)

Table of Contents

User's Manual

Major-Alarm Threshold

major-alrm-thr

[IDSRule_MajorAlarmThreshold]

Critical-Alarm Threshold

critical-alrm-thr

[IDSRule_CriticalAlarmThreshold]

Deny Threshold

[IDSRule_DenyThreshold]

[IDSRule_DenyPeriod]

13.3.3 Assigning IDS Policies

The IDS Matches table lets you implement your configured IDS Policies. You do this by

assigning IDS Policies to any, or a combination of the following configuration entities:

SIP Interface: For detection of malicious attacks on specific SIP Interface(s). To

configure SIP Interfaces, see ''Configuring SIP Interfaces'' on page 345.

Proxy Sets: For detection of malicious attacks from specified Proxy Set(s). To

configure Proxy Sets, see ''Configuring Proxy Sets'' on page 367.

Subnet addresses: For detection of malicious attacks from specified subnet

You can configure up to 20 IDS Policy-Matching rules.

The following procedure describes how to configure the IDS Match table through the Web

interface. You can also configure it through ini file (IDSMatch) or CLI (configure voip > ids

To configure an IDS Policy-Matching rule:

Open the IDS Matches table (Setup menu > Signaling & Media tab > Intrusion

Detection folder > IDS Matches).

Defines the threshold that if crossed a major severity alarm is

The valid range is 1 to 1,000,000. A value of 0 or -1 means not

Defines the threshold that if crossed a critical severity alarm is

The valid range is 1 to 1,000,000. A value of 0 or -1 means not

Defines the threshold that if crossed, the device blocks (blacklists)

the remote host (attacker).

The default is -1 (i.e., not configured).

Note: The parameter is applicable only if the 'Threshold Scope'

parameter is set to IP or IP+Port.

Defines the duration (in sec) to keep the attacker on the blacklist,

if configured using the 'Deny Threshold' parameter.

The valid range is 0 to 1,000,000. The default is -1 (i.e., not

configured).

Note: The parameter is applicable only if the 'Threshold Scope'

parameter is set to IP or IP+Port.

Mediant 1000B Gateway & E-SBC

13. Security

Show Quick Links

Quick Links:
Product Overview

Table of Contents

Assigning Ids Policies - AudioCodes Mediant 1000B User Manual

13.3.3 Assigning IDS Policies

Hide quick links:

Related Manuals for AudioCodes Mediant 1000B

Related Content for AudioCodes Mediant 1000B

Table of Contents