Oracle® Communications EAGLE Database Administration - System Management User's Guide Release 46.6 E93319 Revision 1 |
|
![]() Previous |
![]() Next |
This procedure is used to configure the EAGLE to enhance its network security by discarding messages that should not be received. Four options are set using the chg-stpopts
command to support this feature.
SECMTPSID – The EAGLE should not receive a message where the OPC is equal to the EAGLE's own true, secondary or capability point codes.
SECMTPMATE – The EAGLE should not receive a message with the true, secondary, or capability point code of the mate STP other than across the C link.
SECMTPSNM – the EAGLE should not receive an MTP network management message unless:
The OPC is an adjacent point code
The EAGLE has a route to the OPC of the MTP network management message on the linkset which the message was received.
The EAGLE has a route to the destination field in the message (if applicable to the concerned message) on the linkset which the message was received.
SECMTPSCMG – the EAGLE should not receive an SCCP network management message unless:
The EAGLE has a route to the OPC of the SCMG message on the linkset, on which the message was received.
The EAGLE has a route to the affected point code in the message on the linkset on which the message was received.
This option will only apply to SSP and SOR messages. This feature will not affect the following messages: SSA, SST, SOG, SBR, SNR and SRT.
Each of these options have four values which determine how the EAGLE handles the messages controlled by the options.
NOTIFY – The specified option is active and UIMs are generated.
SILENT – The specified option is active, but no UIMs are generated.
TEST – The specified option is not active, but UIMS are generated as if the option was active.
OFF – The specified option is not active.
The system default value for each of these options is OFF.
To set these options, the Network Security Enhancements feature must be enabled and activated. This can be verified with the rtrv-ctrl-feat
command. To enable and activate the Network Security Enhancements feature, go to the Activating Controlled Features procedure.
If the Network Security Enhancements feature is not enabled and activated, the Network Security Enhancement options are not displayed in the rtrv-stpopts
output.
When the Network Security Enhancements feature is enabled and activated for the first time, each option is displayed in the rtrv-stpopts
output with the system default value (OFF). When the Network Security Enhancements feature is enabled and activated after the feature was disabled, each option is displayed in the rtrv-stpopts
output with the value that the option was assigned when the feature was disabled.
Figure 4-28 Configuring the Options for the Network Security Enhancements Feature