R226 Security Recommendation Compliance

The Oracle Communications Session Border Controller (OCSBC) provides functionality designed to comply with the R226 recommendations, a set of Information Technology Security Standard developed by the National Cybersecurity Agency of France (ANSSI)

This chapter presents the following features, which align with R226 recommendations to harden the operational security of the OCSBC. The features presented here require that you enable the ANSSI R226 Compliance entitlement.

• Bootparameter Security
• SIPREC Licensing—SIPREC cannot be used on a system without a license. The purpose of this is to present a barrier that requires external approval before an OCSBC user can configure and use SIPREC.
• SFTP Access Restrictions

OCSBC features associated with R226 compliance, but not requiring the ANSSI R226 Compliance entitlement are listed below with pointers to their description and configuration documentation:

• Restricting Logon to TACACS
• SHA-2 Authentication-Password Hashing
• Import Private SSH Key to Derive New SSH Host Keys
• Import a Private SSH Key for the OCSBC as an SFTP Client
• Delete an SSH Key
• Securing Communications Between the OCSBC and SDM with TLS