Denial of Service Protection

This section explains the Denial of Service (DoS) protection for the Oracle® Enterprise Session Border Controller. The Oracle® Enterprise Session Border Controller DoS protection functionality protects softswitches and gateways with overload protection, dynamic and static access control, and trusted device classification and separation at Layers 3-5. The Oracle® Enterprise Session Border Controller itself is protected from signaling and media overload, but more importantly the feature allows legitimate, trusted devices to continue receiving service even during an attack. DoS protection prevents the Oracle® Enterprise Session Border Controller host processor from being overwhelmed by a targeted DoS attack from the following:

  • IP packets from an untrusted source as defined by provisioned or dynamic ACLs
  • IP packets for unsupported or disabled protocols
  • Nonconforming/malformed (garbage) packets to signaling ports
  • Volume-based attack (flood) of valid or invalid call requests, signaling messages, and so on.
  • Overload of valid or invalid call requests from legitimate, trusted sources

The following diagram illustrates DoS protection applied to the softswitch and to the Oracle® Enterprise Session Border Controller.

Previous
Previous 		Next
Next
Go To Table Of Contents
Contents