Whitelist Learning

You can build your whitelist configuration based on the learning capabilities of the Oracle Communications Session Border Controller. When you enable the Oracle Communications Session Border Controller learning mode, it acquires the knowledge of the allowable elements (headers and parameters) currently incoming to your network. The Oracle Communications Session Border Controller collects the information about the headers received and the parameters that exist within each header. The information continues to be gathered until you disable the learning mode.

Once you disable the learning mode, the Oracle Communications Session Border Controller prompts you to enter a name for the allowed-elements-profile. If the profile name you entered does not exist, the captured information is written to the new allowed-elements-profile configuration. The administrator can then make changes to the configuration as applicable, save the configuration, and apply it to a logical remote entity.

The new allowed-elements-profile does not contain any wildcard rules. The Oracle Communications Session Border Controller cannot generate wildcard headers and parameters during the learning mode. The Methods object is populated from the list of methods seen by the Oracle Communications Session Border Controller while learning.

Note:

Oracle recommends running the learning mode during off-peak and/or light traffic times. This mode can operate in conjunction with the execution of an allowed-elements-profile. The learning occurs just before any configured allowed-elements-profile configuration.

Whitelist Learning Configuration

The ACLI interface provides two commands that allow a Superuser to start and stop whitelist learning on the Oracle Communications Session Border Controller:

Command	Description
start <argument> <options>	Starts whitelist learning on the Oracle Communications Session Border Controller. You must specify the argument learn-allowed-elements with this command to start the learning operation. Optionally, you can use method, msg-type, and params after the argument.
stop <argument> <identifier>	Stops the whitelist learning on the Oracle Communications Session Border Controller and writes the learned configuration to the editing configuration on the Oracle Communications Session Border Controller where it is saved and activated. You must specify the argument learn-allowed-elements with this command to stop the learning operation. You must specify a unique identifier that identifies the allowed-elements-profile name. If you specify an identifier name that already exists as a profile, the ACLI returns an error message and prompts you to enter a different name.

Command

Description

start <argument> <options>

Starts whitelist learning on the Oracle Communications Session Border Controller.

You must specify the argument learn-allowed-elements with this command to start the learning operation.

Optionally, you can use method, msg-type, and params after the argument.

stop <argument> <identifier>

Stops the whitelist learning on the Oracle Communications Session Border Controller and writes the learned configuration to the editing configuration on the Oracle Communications Session Border Controller where it is saved and activated.

You must specify the argument learn-allowed-elements with this command to stop the learning operation.

You must specify a unique identifier that identifies the allowed-elements-profile name.

If you specify an identifier name that already exists as a profile, the ACLI returns an error message and prompts you to enter a different name.

You can use these commands at the top level ACLI prompt as required on the Oracle Communications Session Border Controller.

You use these commands with the argument, learn-allowed-elements to start/stop the whitelist learning feature. By default, the learning mode creates a single rule-set under which all of the headers and their respective parameters are stored.

For example:

ORACLE# start learn-allowed-elements
Learning mode for allowed-elements-profile started.

In the above example, start is the top level ACLI command and learn-allowed-elements is the operation being performed.

Optionally, you can specify [method], [msg-type], and [params] in any order, for the Oracle Communications Session Border Controller to learn specific rule-set elements from incoming messages and save them to the whitelist configuration.

For example:

ORACLE# start learn-allowed-elements method msg-type params

The method option creates a new rule-set per unique method. The msg-type option creates a new rule-set per unique message-type seen. The params option performs URI and header parsing to examine parameters within the message. By default, parameter parsing is disabled.

To start the whitelist learning feature:

In Superuser mode, at the top level ACLI prompt, type start learn-allowed-elements and press Enter.

ORACLE# start learn-allowed-elements

The following message displays:

Learning mode for allowed-elements-profile started.

To specify the elements of rule-sets for whitelists:

In Superuser mode, at the top level ACLI prompt, type start learn-allowed-elements method msg-type params and press Enter.

ORACLE# start learn-allowed-elements method msg-type params

The following message displays:

Learning mode for allowed-elements-profile started.

Note:

If you try to start a whitelist learning operation while another learning operation is already running, the following message displays:

Learning mode restarted without saving
Learning mode for allowed-elements-profile started.

To stop the whitelist learning feature:

In Superuser mode, at the top level ACLI prompt, type stop learn-allowed-elements <identifier>, where <identifier> is the allowed-elements-profile name, and press Enter.

ORACLE# stop learn-allowed-elements whitelist1

The following message displays:

Learning mode for allowed-elements-profile stopped.

If you specify an identifier name that already exists as a profile, the ACLI returns an error message and prompts you to enter a different name.