Configuration Overview
Configuring OECB DoS protection includes masking source IP and port parameters to include more than one match and configuring guaranteed minimum bandwidth for trusted and untrusted signaling path. You can also configure signaling path policing parameters for individual source addresses. Policing parameters are defined as peak data rate (in bytes/sec), average data rate (in bytes/sec), and maximum burst size.
You can configure deny list rules based on the following:
- ingress realm
- source IP address
- source port
- transport protocol (TCP/UDP)
- application protocol (SIP)