1. User's Guide
  2. Denial of Service Protection and ACLs
  3. Host Path Protection Process
  4. Host Path Traffic Management
  5. Malicious Source Blocking

Malicious Source Blocking

Malicious source blocking consists of monitoring the following metrics for each source:

  • SIP transaction rate (messages per second)
  • SIP call rate (call attempts per second)
  • Nonconformance/invalid signaling packet rate

Device flows that exceed the configured maximum signaling threshold, untrusted signaling threshold, invalid signaling threshold, or the configured valid signaling threshold within the configured time period are demoted, either from trusted to untrusted, or from untrusted to denied classification.