3 years ago



184 SecuritySIP Denial

184 SecuritySIP Denial of Service mitigationSIP Denial of Service (DoS) attacks have a serious impact on systemperformance. To protect the AS system, the Session Manager monitorsrepeated SIP requests to the Session Manager, IP Client Manager,Provisioning Client, and Personal Agent. After the configured thresholdnumber of requests is exceeded, subsequent requests are temporarilyblocked and the AS drops all SIP requests from the request source. Theactivity from the particular IP address is blocked for a configurable amountof time before access is restored.Use the System Management Console to configure the threshold detectionand lockout characteristics for the Session Manager, IP Client Manager,Provisioning Client, and Personal Agent. Alarms and logs are generated atcertain thresholds. OMs are also pegged.EncryptionWeb transactions for the Provisioning Client and Personal Agent usesecure socket layer (SSL) for authentication, data confidentiality, and dataintegrity protection. As well, the use of digital certificates improves security.SIP interface transactions can be protected by TLS, which ensuresintegrity, authentication, and confidentiality.Authentication, password, and user managementThe AS uses authentication to confirm the identity of the users. Each userand administrator logs in with a user name and password. Log on rulespermit the administrator to specify the following items for each useraccount:• idle session timeout• maximum number of time a user can log on after a password expires• number of failed log on attempts permitted before the account is locked• duration of the lock out, which includes the requirement for anadministrator to unlock the accountPasswords for users and administrators are encrypted before they arestored in the database. The passwords are used for authentication by theSystem Management Console, the Provisioning Client, and the PersonalAgent. Password rules are configured using the System ManagementConsole. The rules specify• minimum password length• minimum number of lowercase letters• minimum number of uppercase characters• minimum number of digits15 August 2014 EXPERiUS Application Server NN48111-111 09.02Copyright © 2010-2014 GENBAND. All Rights Reserved.

Security 185• minimum number of nondigit (special) characters• password history (number of passwords stored, used to ensure thatpasswords are not reused)• whether a user name can form part of the associated password• password expiry• password minimum life• password expiry notificationLogs are generated after an administrator accesses (successfully orunsuccessfully) the System Management Console or the ProvisioningClient, or uses the Open Provisioning Interface. The AS system alsogenerates logs after passwords are changed.User administration provides the ability to:• create or delete a user account• assign a role to a user• force the user to change the password on next log on• designate a user password to never expire• enable or disable a user account• unlock a user account if it becomes locked due to failed log on attempts• view the last time a user logged onAccess controlAS controls access using IPsec.AS uses Transport Layer Security (TLS) to secure the signaling interfacesto:• MG3200 PRI Gateway• IAD clients• GENCom for Windows• Media Application ServerThe IPCM and IP Phones communicate using Secure UNIStim.AttentionThe secure debug port is for GENBAND use only. A log is generated every timethe port is accessed.15 August 2014 Product Description NN48111-111 09.02Copyright © 2010-2014 GENBAND. All Rights Reserved.

Nexus8620 Brochure - EN4TEL
ITS enables network operator differentiation through value-added ...
A Seamless Migration from WiMAX to LTE Using ... - Sonus Networks
Nokia Mobile VPN Web-based configuration for Symbian devices
Lalcode service For Bangladesh
Feature Overview - Wiki
Investigations Involving the Internet and Computer Networks
2012_Tableau_ODK_Sli.. - Yaw Anokwa
DynaStar Maintenance Management News - Coe Manufacturing Co.
March 2010 - Coe Manufacturing Co.
Now available - The new LG-Nortel IP System range - Wood ...
HP-UX Security Features - OpenMPE
Free Avaya 7003 Braindumps - Pass 7003 Exam - Dumps4download
AccuROAM Mobile Client Product Overview.pdf - Accuris Networks
70-412 VCE Dumps
ERI's 2006 - ERI Economic Research Institute