Views
3 years ago

nn48111-111_09.02_10.3_experius_as_product_description

nn48111-111_09.02_10.3_experius_as_product_description

184 SecuritySIP Denial

184 SecuritySIP Denial of Service mitigationSIP Denial of Service (DoS) attacks have a serious impact on systemperformance. To protect the AS system, the Session Manager monitorsrepeated SIP requests to the Session Manager, IP Client Manager,Provisioning Client, and Personal Agent. After the configured thresholdnumber of requests is exceeded, subsequent requests are temporarilyblocked and the AS drops all SIP requests from the request source. Theactivity from the particular IP address is blocked for a configurable amountof time before access is restored.Use the System Management Console to configure the threshold detectionand lockout characteristics for the Session Manager, IP Client Manager,Provisioning Client, and Personal Agent. Alarms and logs are generated atcertain thresholds. OMs are also pegged.EncryptionWeb transactions for the Provisioning Client and Personal Agent usesecure socket layer (SSL) for authentication, data confidentiality, and dataintegrity protection. As well, the use of digital certificates improves security.SIP interface transactions can be protected by TLS, which ensuresintegrity, authentication, and confidentiality.Authentication, password, and user managementThe AS uses authentication to confirm the identity of the users. Each userand administrator logs in with a user name and password. Log on rulespermit the administrator to specify the following items for each useraccount:• idle session timeout• maximum number of time a user can log on after a password expires• number of failed log on attempts permitted before the account is locked• duration of the lock out, which includes the requirement for anadministrator to unlock the accountPasswords for users and administrators are encrypted before they arestored in the database. The passwords are used for authentication by theSystem Management Console, the Provisioning Client, and the PersonalAgent. Password rules are configured using the System ManagementConsole. The rules specify• minimum password length• minimum number of lowercase letters• minimum number of uppercase characters• minimum number of digits15 August 2014 EXPERiUS Application Server NN48111-111 09.02Copyright © 2010-2014 GENBAND. All Rights Reserved.

Security 185• minimum number of nondigit (special) characters• password history (number of passwords stored, used to ensure thatpasswords are not reused)• whether a user name can form part of the associated password• password expiry• password minimum life• password expiry notificationLogs are generated after an administrator accesses (successfully orunsuccessfully) the System Management Console or the ProvisioningClient, or uses the Open Provisioning Interface. The AS system alsogenerates logs after passwords are changed.User administration provides the ability to:• create or delete a user account• assign a role to a user• force the user to change the password on next log on• designate a user password to never expire• enable or disable a user account• unlock a user account if it becomes locked due to failed log on attempts• view the last time a user logged onAccess controlAS controls access using IPsec.AS uses Transport Layer Security (TLS) to secure the signaling interfacesto:• MG3200 PRI Gateway• IAD clients• GENCom for Windows• Media Application ServerThe IPCM and IP Phones communicate using Secure UNIStim.AttentionThe secure debug port is for GENBAND use only. A log is generated every timethe port is accessed.15 August 2014 Product Description NN48111-111 09.02Copyright © 2010-2014 GENBAND. All Rights Reserved.

StoneFly HSC Series
IPECS-MG - B2B International
ř Pricing Information Corporate Fixed Voice - O2
PREPAID'S NEW CALLING CARD
The Dotcom Boom, 10 Years After - Wired
Solution - Ingram Micro
Developing software for IVI and the connected car
BLACKBERRY ENTERPRISE SERVER ... - Computerworld
Nexus8620 Brochure - EN4TEL
A Seamless Migration from WiMAX to LTE Using ... - Sonus Networks
GV-CMS Series
The_Internet_How_it_Works
FORGET - Pharmacy 4 Less
PDF download - ZTE
Wyse® X class™ - Thin Client LAB
Download Brochure - Brother
PDF - TESS - Smartronix
MM-MobileMix-August2.. - Prepaid MVNO
AX2mobile Newsletter August 2009 - ERP2mobile
2002 Local Negotiations - Branch 3825
Annual Report 2065/066 - Nepal Telecom
2 - Hewlett-Packard
Gtr11
Nokia Mobile VPN Web-based configuration for Symbian devices
Lalcode service For Bangladesh