1. User's Guide
  2. Outbound Number Management

8 Outbound Number Management

Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management provides tools to help you manage outbound calls for your enterprise. You can create a list of outbound phone numbers and specify how Security Shield validates and enforces their use.

Topics:

Use the following topics to create and manage your enterprise outbound calling number lists.

Fraud and Spam Mitigation Details

Oracle® Communications Security Shield Cloud Service (Security Shield) fraud and spam mitigation allows you to specify which of your telephone numbers your call recipients see. In this way, you can enforce the use of general numbers for outbound calls to replace the telephone numbers directly associated with an employee, agent, or associate.

Fraud and spam mitigation can also help you ensure that your outbound calls use the correct number format. Short numbers, for example from an internal dialing plan, can lead to blocked calls and lower answer rates. In addition, using the correct number format also supports call attestation performed by SIP trunk providers and other carriers (also known as STIR/SHAKEN) to combat Robocalls.

Use the following topics to create and manage your enterprise outbound calling number lists.

Trusted Enterprise Calls

In addition to the fraud and spam protection that Oracle® Communications Security Shield Cloud Service (Security Shield) provides, the Trusted Enterprise Calls service supports specifying which of your telephone numbers you want digitally signed using STIR/SHAKEN Authentication.

For more information, see:

Outbound Call Processing Behavior

To help manage your enterprise phone numbers allowed for outbound calls, you can create a list of allowed outbound phone numbers for Oracle® Communications Security Shield Cloud Service (Security Shield).

With Outbound Number Management, you can configure attributes and rules for phone numbers on the list to instruct how you want Security Shield to handle your outgoing calls.

  • When Security Shield finds a match on the list for an outbound calling number it handles the call according to the rules you set.
  • When Security Shield cannot find a match on the list for an outbound calling number it allows the call and sends the outbound INVITE with no changes, by default. When left in the default state, Security Shield cannot detect calls from numbers with a "Do Not Originate" policy, illegitimate numbers, or numbers that do not exist in your set of telephone numbers. You can change the behavior by setting the call treatment to block calls from phone numbers not on the list. Even when no match is found, and the respective setting is to allow the call, Security Shield can still block the outbound call because of the Access Control List. Outbound calls are also subject to reputation score and Toll Fraud either of which can influence the call treatment.
  • When you configure a presentation number for an outbound calling number, Security Shield replaces the original number in the FROM header of the outbound INVITE with the presentation number configured for the calling number. You can use the presentation number to ensure your outgoing calls present, for example, only the main company number, main toll-free number (for your contact center), switchboard number, and so on. This can help to shield your employees from a direct dial-in or callback.
  • When the calling number is on the list and you set the status for the number to Inactive, Security Shield handles the call based on the settings for Inactive (on the Settings tab).
  • When the original number is in the sip-uri format and you want Security Shield to use a presentation number, the Security Shield adds the presentation number in sip-uri format and preserves any header parameters or parameters as received.
  • When the original FROM contains Anonymous in the display name or elsewhere, Security Shield overrules it in the replaced FROM.
  • When the number is present in your enterprise number table, is marked active, and is marked to use PAI, Security Shield behaves as follows:
    • removes any preexisting headers, including anonymous information.
    • removes a received P-Preferred Identity (PPI)
    • does not take into account privacy headers related to the FROM and keeps the privacy header in the outbound INVITE.
    • adds a new PAI header to the outbound call.
    • populates the new PAI header with the presentation number when you provision PAI for the calling number or populates the PAI header with the original calling number when you do not configure a presentation number for the calling number.
      • if the original FROM is in tel-uri format, adds PAI in tel-uri format.
      • if the original FROM is in sip-uri, adds the PAI in sip-uri format where user name consists of presentation number, re-use the host name as received in the FROM and add tag user=phone.
      • if anonymous is present in the host name of the original FROM, uses the provisioned domain name.
  • For outbound calls, any Header Manipulation Rules that change the domain part of the FROM header will overwrite the domain name provided by Security Shield.

Outbound Number Management Controls and Actions

The Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management page displays actions and controls for creating lists of outbound phone numbers and configuring how you want to control their use.

Outbound Numbers Tab

The Outbound Number Management page displays the Outbound Numbers tab by default. Use the Outbound Numbers tab to see information about existing numbers, add numbers, and search for numbers. The tab includes the search field, filter chips to refine a search, and the add numbers button. See Outbound Number Attributes for descriptions of the columns.

The Security Shield Outbound Numbers tab is where you create your outbound calling numbers list and later search for a phone number, for example, to edit its attributes or to delete the number.

Note:

The Call Signing column displays only for Trusted Enterprise Call subscribers.

This screen capture shows the Outbound Number tab which displays your list of managed phone numbers..

To add numbers to the list, click the Add button to display the Add Outbound Calling Number drawer, where you add phone numbers one at a time and specify their attributes. The only required field is the Number field. You can set any combination of the attributes or none at all. When you set no attributes, the phone number defaults to the Inactive state.

This screen capture shows the outbound numbers list add drawer.

See Outbound Number Attributes and Call Type Descriptions.

Settings Tab

Use the Settings tab to configure how you want Security Shield to handle outbound calls.

Note:

The Trusted Enterprise Call - Attested Call API Key attribute displays only for Trusted Enterprise Call - Bring Your Own License subscribers.

This screen capture shows the Setting tab for managing Outbound Numbers.

Outbound Numbers Management - Outbound Numbers Tab

The Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Numbers tab is where you create your outbound calling numbers list and later search for a phone number, for example, to edit its attributes or to delete the number.

The following screen capture shows the Outbound Numbers tab with sample data.

Note:

The Call Signing column displays only for Trusted Enterprise Call subscribers.

This screen capture shows the outbound numbers tab and its controls. The tab displays filter chips you can use to narrow a search. The tab also displays the add button. The table in the center pane lists the phone numbers and their attributes.

Use the Search field to find phone numbers on the list. See Search Operations on the Outbound Numbers List.

Click the "plus" character button to display the Add Outbound Calling Number drawer, where you add phone numbers one at a time and specify their attributes. See Add a New Phone Number to the Outbound Number Management List.

Outbound Number Attributes

In the Oracle® Communications Security Shield Cloud Service (Security Shield) Add Outbound Number drawer you can set the attributes that you want applied to an outbound calling phone number. Security Shield requires only the phone number. You can configure some, all, or none of the attributes. Reach the drawer from the Outbound Call Management tab.

The outbound call attributes you can set for a phone number include:
  • Number—The general number format convention is country code followed by the subscriber phone number <country code><subscriber phone number>. The country code can be up to three digits long. The subscriber phone number may include an area code and is typically seven to eleven digits long, depending on the national number conventions. For international formatting, you may format the number with a + character (+<country code><subscriber phone number>, for example, +15551234567) or without the + character. For outbound calls to international destinations you can use either the + character or the international dialing prefix for your country. Using the format as described helps to achieve the goal of call spam labeling and helps to elevate STIR-SHAKEN validation by Communications Service Providers.
  • Description (Optional)—A descriptive name for the number. For example, Enterprise Callback Number.
  • State (Optional)—Determines whether the rule applies to the number at a given moment. Default: Inactive.
    • Active—The rule you created for the number is executed for calls originating from the specified number. For example, adding P-Asserted Identity and using the Presentation Number either individually or together.
    • Inactive—The number remains on the list and Security Shield allows outbound calls from the number without executing the rules you created.
  • Presentation number (Optional)—The phone number you want the call recipient to see. When configuring the Presentation Number use the number format described above in the Number parameter. Depending on the SIP trunk providers you use, you may use the Country Code. For example, in the United States you use [country code][area code][local phone number] or the more commonly used [area code][local phone number]. In the European Union and United Kingdom you use [+][country code][area code][local phone number].
  • Use P-Asserted Identity header (PAI) (Optional)—Use to include the PAI header in the outbound call, so the SIP Trunk provider's spam solution analytics, and potentially the nuisance (robocall) analytics applications on smart phones, considers the call from a legitimate source. Using the PAI helps to achieve the goal of call spam labeling and helps to elevate STIR-SHAKEN validation by Communications Service Providers. Default: Deselected.
  • Call Signing (Optional)—Displays the enablement state for call signing. Requires the Trusted Enterprise Calls subscription. Default: Enabled. Valid values: Disabled | Enabled.
  • Call Type (Optional)—Select a label for the call. Default: None. Valid Values: Business | Debt Collection | Health | Informational | None | Survey | Telemarketing | Trusted.
  • Action—Click the pencil icon to edit a number. Click the trash can icon to delete a number.

Note:

You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to work with the Outbound Number list. See "User Roles and Privileges" in the Security Shield Installation and Maintenance Guide.

Call Type Descriptions

The Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management page supports the following call types that you can use to filter phone numbers.

  • Business—Calls placed by businesses, entities, or enterprises. Use when none of the other call tags apply and you want to add Call Tags to the outbound call.
  • Debt Collection—Calls related to collecting of debt, for example, loans, mortgages, and credit.
  • Health—Calls to provide health care-related information, for example, from health plans, health care clearinghouses, health care providers, prescriptions, and doctor calls.
  • Survey—Calls call that solicit opinions or data from the called party.
  • None—Omits call types from the search.
  • Informational—Calls intended to communicate information to the called party. For example, an order confirmation, an appointment reminder, or a notice from a utility.
  • Telemarketing—Calls placed to sell the call recipient a product or service, or donate to an organization.
  • Trusted—Calls from a trusted entity not covered by the other call types. For example, returned calls and messages from telecommunication carriers and utilities. An established business relationship must exist between the caller and the recipient.

Note:

Configuring call types with a value other than the default does not impact the outbound call INVITE.
The Call Type list on the Outbound Number Management tab shows all call types for configuration purposes. When you filter on call types, the filter menu displays only the call types you configured.

See Add a New Phone Number to the Outbound Number Management List

Outbound Call Signing

Oracle® Communications Security Shield Cloud Service (Security Shield) outbound call signing informs the terminating mobile service provider that the call originated from a legitimate source; you. Outbound call signing uses a cryptographic signature and JSON Web Token so the terminating mobile service provider can verify the call details to determine its origin.

For customers with the Trusted Enterprise Calls subscription, the Outbound Numbers table displays the Call Signing column and filter chip on the Outbound Numbers tab on the Outbound Number Management page. The tab lists your configured outbound numbers and whether or not they are enabled for outbound call signing, along with other information about each number.

To enable outbound call signing, select a phone number on the Outbound Numbers list to edit or add a new one. Security Shield displays the configuration drawer where you enable outbound call signing per phone number.

Note:

Security Shield logs enabling and disabling outbound call signing. On the Activity Log page, hover over the Timestamp to see the activity details.
  • Customers who purchase call attestation from Oracle—Enter the phone number, select the Active state, optionally enter a presentation number, and select Enable Call Signing.
  • Customers who want to use their own call signing and attestation vendor or solution—Enter the phone number, select the Active state, optionally enter a presentation number, select Enable Call Signing, and enter your Neustar API key (on the Settings tab).

Note:

When you enter a presentation number, Security Shield uses that number for outbound call signing and attestation. See Security Shield Phone Number Format Requirements for special presentation number requirements for outbound call signing.

When searching for an existing phone number when the list is long, use the Call Signing filter chip to find phone numbers with Call Signing enabled or disabled.

Search Operations on the Outbound Numbers List

After you create a list of outbound calling numbers for Oracle® Communications Security Shield Cloud Service (Security Shield), you might need to edit the list or search for phone numbers for other reasons. For example, you might want to change the settings for one or more of the attributes or delete a number.

Note:

You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to edit or delete numbers in Outbound Numbers Management.

You can search in the following ways:

Search by Phone Number

Use the following guidelines to search for a number.
  • The general number format convention is country code followed by the subscriber phone number <country code><subscriber phone number>. The country code can be up to three digits long. The subscriber phone number may include an area code and is typically seven to eleven digits long, depending on the national number conventions. For international formatting, you may format the number with a + character (+<country code><subscriber phone number>, for example, +15551234567) or without the + character. For outbound calls to international destinations you can use either the + character or the international dialing prefix for your country. Check with your SIP trunk provider for the number format convention it supports.
  • Enter numbers using a wild card suffix. For example: +1919555xxxx.

Search With Filter Chips

Security Shield provides a set of filter chips (located below the Search field), which are based on the column headers. To refine your search, click one or more filter chips to move them into the Search field. After you put a filter chip into the Search field you can further refine your search by clicking the filter chip to see a list of additional filters. You can add multiple filter chips to Search. You can remove filter chips from the search bar when you no longer want the filter applied, but you cannot delete them from Security Shield. The filter chips provide the following filters.
  • State―Default: Active. Filter Choices: Active | Inactive.
  • Use PAI―Default: Yes. Filter Choices: Yes | No.
  • Call Signing Enabled―(Displays only with the Trusted Enterprise Calls subscription.) Default: Enabled. Filter Choices: Enabled | Disabled.
  • Call Type―Default: None. Filter Choices: Business | Debt Collection | Health | Informational | None | Survey | Telemarketing | Trusted.

Add a New Phone Number to the Outbound Number Management List

Use the following procedure to add one or more phone numbers the Oracle® Communications Security Shield Cloud Service (Security Shield) outbound number management list.

Before You Begin
  • If your Session Border Controller does not use phone numbers in the E.164 format, you may need to work with Oracle before deploying Security Shield to determine how to normalize your phone numbers to work effectively with Security Shield.
  • You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to add numbers to the Outbound Numbers list. Only the CGBU OCSS Administrator can add, modify, or remove the API key.
  • See Security Shield Phone Number Format Requirements.
Procedure
Use the following procedure to add a phone number to the outbound number list. When you enable a phone number for Outbound Call Signing, allow about fifteen days for the service to take effect.

Note:

Customers who use their own call signing and attestation vendor or solution must provision and manage the account, users, phone numbers, and API keys on your vendor's portal.
  1. Access the Outbound Number Management page and click the Add icon.
  2. In the Add Outbound Number drawer, do the following:
    • Number—Enter the phone number you want to add. Enter 1-15 digits in E.164 international format. You can use the x character as a wild card representing any single digit. The field supports wild cards only for the suffix.
    • Description—(Optional) Enter a description about the purpose of the number. 256 character maximum.
    • State—Select Active when you want Security Shield to execute the rule for the outbound number. Select Inactive to use the Inactive Outbound Numbers enforcement action configured under the Settings tab. Default: Active. Valid values: Active | Inactive.
    • Presentation number—(Optional) Enter the number you want the call recipient to see in caller ID, if different from the calling number. Enter 1-15 digits in E.164 international format. Do not use wild cards.

      Note:

      Ensure that each of your SIP Trunk providers can use the format you use.
    • Use P-Asserted Identifier (PAI) (Optional)—Select to include the PAI header in the outbound call., so Security Shield analytics considers the call legitimate. Default: Deselected.
    • Enable Call Signing—(Requires the Trusted Enterprise Call subscription) Select to enable call signing for this phone number.
    • Call Type (Optional)—Select a call type from the drop-down list. Default: None. Valid values: Business | Debt Collection | Health | Informational | None | Survey | Telemarketing | Trusted.
  3. Do one of the following:
    • Click Add to close the drawer and add the phone number to the list.
    • Click Add Another to keep the drawer open to add another phone number to the list.
Next Steps
  • Customers who use their own call signing and attestation vendor or solution: Go to the Settings tab on the Outbound Number Management page, and enter your Attested Call API Key.

Edit Phone Number Attributes on the Outbound Number Management List

Use the following procedure to edit phone numbers on the Oracle® Communications Security Shield Cloud Service (Security Shield) outbound number management list.

Before You Begin
  • If your Session Border Controller does not use phone numbers in the E.164 format, Oracle or a partner may need to work with you before deploying Security Shield to determine how to normalize your phone numbers to work effectively with Security Shield.
  • You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to add numbers to the Outbound Number list. Only the CGBU OCSS Administrator can add, modify, or remove the API key.
  • See Security Shield Phone Number Format Requirements.
Procedure

Use the following procedure to edit phone numbers on the outbound numbers list.

  1. Access the Outbound Call Management page.
  2. On the Outbound Numbers tab, use Search to find the phone number you want to edit.
  3. In the row of the phone number you want to edit, click the Edit icon.
    Security Shield displays the Edit Outbound Number Attributes drawer.
  4. In the Edit Outbound Number Attributes drawer, do the following:
    • Number—You cannot edit the phone number, only its attributes. To change the phone number, delete the existing record and add the one you want.
    • Description—Edit the description about the purpose of the number.
    • State—Select Active when you want Security Shield to execute the rule. Select Inactive when you want Security Shield to use the Inactive Outbound Number enforcement action configured on the Settings tab.
    • Presentation number—Edit the number you want the call recipient to see in caller ID. Enter 1-15 digits in E.164 international format. Do not use wild cards.

      Note:

      Ensure that each of your SIP Trunk providers can use the format you use.
    • Use P-Asserted Identifier (PAI)—Select or deselect to include or exclude the PAI header in the outbound call.
    • Enable Call Signing —(Requires the Trusted Enterprise Call subscription) Select or deselect to enable or disable call signing for this phone number.
    • Call Type—Select a different call type from the list. Valid values: Business | Debt Collection | Health | Informational | None | Survey | Telemarketing | Trusted.
  5. Click Save.

Delete a Phone Number From the Outbound Number Management List

The simple method for deleting a phone number from the Outbound Number Management list is to enter the number in the Search field and click the delete icon when Oracle® Communications Security Shield Cloud Service (Security Shield) finds the number.

Before You Begin
  • You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to delete numbers from Outbound Numbers Management.
Procedure

Use the following procedure to delete a phone number without using the Search filters.

  1. Access the Outbound Number Management page.
  2. On the Outbound Numbers tab, use Search to find the phone number you want to delete.
  3. In the row of the phone number you want to delete, click the Delete icon.
    Security Shield displays a confirmation dialog.
  4. Click Delete.

Outbound Number Management - Settings Tab

On the Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management page, click the Settings tab to view and edit your current settings for outbound numbers.

The following screen capture shows the Settings tab, where you set the domain name, enforcement actions for outbound numbers, depending on your subscription, set the API Key for Trusted Enterprise Calls.

Note:

The Trusted Enterprise Call - Attested Call API Key attribute displays only for Trusted Enterprise Call - Bring Your Own License subscribers.

This screen capture shows the settings tab on the Outbound Number Management page..

See Configure Outbound Number Management Settings

Configure Outbound Number Management Settings

Use the Settings tab on the Outbound Number Management page to configure how Oracle® Communications Security Shield Cloud Service (Security Shield) displays your domain name to outbound call recipients, enforces inactive outbound calling numbers, and enforces numbers not configured for Outbound Number Management.

Procedure
Use the following procedure to set or edit outbound number settings.

Note:

The Trusted Enterprise Call - Attested Call API Key attribute displays only for customers who have the Trusted Enterprise Calls Bring Your Own License subscription.
  1. Access the Outbound Number Management page, and click the Settings tab.
  2. On the Settings tab, do the following:
    • Domain Name—Set the domain name you want the called party to see to identify your company. 100 maximum characters.

      Note:

      For outbound calls, any Header Manipulation Rules that change the domain part of the FROM header may overwrite the domain name provided by Security Shield.
    • Inactive Outbound Calling Numbers—Set the enforcement action you want the session border controller to perform on inactive phone numbers configured for Outbound Number Management. Default: Allow Call. Valid values: Allow Call | Block
    • Outbound Calling Numbers Not Configured—Set the enforcement action you want the session border controller to perform on phone numbers not configured in Outbound Number Management. Default: Allow Call. Valid values: Allow Call | Block
    • Trusted Enterprise Call - Attested Call API Key—Enter your Neustar API Key, if you have the Security Shield Trusted Enterprise Call - Bring Your Own License subscription. 255 maximum characters.
  3. Click Save.