Contents

Title and Copyright Information

Related Documentation

1 General Security Principles

• Overview
• SBC Specific Security Principles

2 Secure Installation and Configuration

• Recommended Deployment Topologies
• Management Interfaces
• Resiliency

3 Security Features

• The Security Model
• R.226 Security Recommendations
• Net-SAFE Architecture: SBC & Core Infrastructure Protection
• Net-SAFE Architecture: Topology Hiding & SIP Manipulation
• Security Specific Feature Sets
• Configuring Monitoring and Performance Management Features
• Configuring AAA Integration
• Signaling and Media Interface Security Configuration

A Secure Deployment Checklist

B Port Matrix

C DDoS Prevention for Peering Environments

• Configuration Parameters for DDoS Prevention in Peering Environments
• DDoS Configuration Settings per Platform in Peering Environments

D DDoS Prevention for Access Environments

• DDoS Access - Configuration Parameters
• DDoS Configuration Settings per Platform in Access Environments

E Mitigating SIP Attacks

F Intrusion Detection System

G Blacklisting with Local Routing Tables

• Blacklist Table Maintenance

H SNMP Monitoring

I Syslog

J Call Detail Records (CDR)

K Historical Data Records (HDR)

L ACLI Commands for Monitoring

M SRTP Configuration and Troubleshooting