1. User's Guide
  2. Denial of Service Protection and ACLs

12 Denial of Service Protection and ACLs

This section explains the Denial of Service (DoS) protection for the Oracle Enterprise Communications Broker (OECB). The OECB DoS protection functionality protects softswitches and gateways with overload protection, dynamic and static access control, and trusted device classification and separation at Layers 3-5. The OECB itself is protected from signaling and media overload, but more importantly the feature allows legitimate, trusted devices to continue receiving service even during an attack. DoS protection prevents the OECB host processor from being overwhelmed by a targeted DoS attack from the following:

  • IP packets from an untrusted source as defined by provisioned or dynamic ACLs
  • IP packets for unsupported or disabled protocols
  • Nonconforming/malformed (garbage) packets to signaling ports
  • Volume-based attack (flood) of valid or invalid call requests, signaling messages, and so on.
  • Overload of valid or invalid call requests from legitimate, trusted sources