CHAPTER 14 Security
●
●
➢
To configure SIPS:
1.
Configure a TLS Context as required (see
2.
Assign the TLS Context to a Proxy Set or SIP Interface (see
Configuring SIP
3.
Configure a SIP Interface with a TLS port number.
4.
Configure various SIPS parameters in the Security Settings page (Setup menu > IP Network
tab > Security folder > Security Settings).
For a description of the TLS parameters, see
5.
By default, the device initiates a TLS connection only for the next network hop. To enable TLS
all the way to the destination (over multiple hops), configure the 'SIPS' (EnableSIPS)
parameter to Enable on the Transport Settings page (Setup menu > Signaling & Media tab >
SIP Definitions folder > Transport Settings):
When a TLS connection with the device is initiated by a SIP client, the device also
responds using TLS, regardless of whether or not TLS was configured.
The device regulates the number of new concurrent TLS connections that can be
established per second. This protects the device from flooding (avalanches) of new
TLS connections which may be caused from TLS-based malicious attacks or
distributed denial-of-service (DDoS) attacks.
Interfaces, respectively).
Configuring TLS Certificate
Configuring Proxy Sets
TLS
Parameters.
- 144 -
Mediant 4000 SBC | User's Manual
Contexts).
and