8 Outbound Number Management
Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management provides tools to help you manage outbound calls for your enterprise. You can create a list of outbound phone numbers and specify how Security Shield validates and enforces their use.
Topics:
Use the following topics to create and manage your enterprise outbound calling number lists.
Fraud and Spam Mitigation Details
Oracle® Communications Security Shield Cloud Service (Security Shield) fraud and spam mitigation allows you to specify which of your telephone numbers your call recipients see. In this way, you can enforce the use of general numbers for outbound calls to replace the telephone numbers directly associated with an employee, agent, or associate.
Fraud and spam mitigation can also help you ensure that your outbound calls use the correct number format. Short numbers, for example from an internal dialing plan, can lead to blocked calls and lower answer rates. In addition, using the correct number format also supports call attestation performed by SIP trunk providers and other carriers (also known as STIR/SHAKEN) to combat Robocalls.
Trusted Enterprise Calls
In addition to the fraud and spam protection that Oracle® Communications Security Shield Cloud Service (Security Shield) provides, the Trusted Enterprise Calls service supports specifying which of your telephone numbers you want digitally signed using STIR/SHAKEN Authentication.
Outbound Call Processing Behavior
To help manage your enterprise phone numbers allowed for outbound calls, you can create a list of allowed outbound phone numbers for Oracle® Communications Security Shield Cloud Service (Security Shield).
With Outbound Number Management, you can configure attributes and rules for phone numbers on the list to instruct how you want Security Shield to handle your outgoing calls.
- When Security Shield finds a match on the list for an outbound calling number it handles the call according to the rules you set.
- When Security Shield cannot find a match on the list for an outbound calling number it allows the call and sends the outbound INVITE with no changes, by default. When left in the default state, Security Shield cannot detect calls from numbers with a "Do Not Originate" policy, illegitimate numbers, or numbers that do not exist in your set of telephone numbers. You can change the behavior by setting the call treatment to block calls from phone numbers not on the list. Even when no match is found, and the respective setting is to allow the call, Security Shield can still block the outbound call because of the Access Control List. Outbound calls are also subject to reputation score and Toll Fraud either of which can influence the call treatment.
- When you configure a presentation number for an outbound calling number, Security Shield replaces the original number in the FROM header of the outbound INVITE with the presentation number configured for the calling number. You can use the presentation number to ensure your outgoing calls present, for example, only the main company number, main toll-free number (for your contact center), switchboard number, and so on. This can help to shield your employees from a direct dial-in or callback.
- When the calling number is on the list and you set the status for the number to Inactive, Security Shield handles the call based on the settings for Inactive (on the Settings tab).
- When the original number is in the sip-uri format and you want Security Shield to use a presentation number, the Security Shield adds the presentation number in sip-uri format and preserves any header parameters or parameters as received.
- When the original FROM contains Anonymous in the display name or elsewhere, Security Shield overrules it in the replaced FROM.
- When the number is present in your enterprise number table, is marked
active, and is marked to use PAI, Security Shield behaves as follows:
- removes any preexisting headers, including anonymous information.
- removes a received P-Preferred Identity (PPI)
- does not take into account privacy headers related to the FROM and keeps the privacy header in the outbound INVITE.
- adds a new PAI header to the outbound call.
- populates the new PAI header with the presentation number when
you provision PAI for the calling number or populates the PAI header with
the original calling number when you do not configure a presentation number
for the calling number.
- if the original FROM is in tel-uri format, adds PAI in tel-uri format.
- if the original FROM is in sip-uri, adds the PAI in sip-uri format where user name consists of presentation number, re-use the host name as received in the FROM and add tag user=phone.
- if anonymous is present in the host name of the original FROM, uses the provisioned domain name.
- For outbound calls, any Header Manipulation Rules that change the domain part of the FROM header will overwrite the domain name provided by Security Shield.
Outbound Number Management Controls and Actions
The Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management page displays actions and controls for creating lists of outbound phone numbers and configuring how you want to control their use.
Outbound Numbers Tab
The Outbound Number Management page displays the Outbound Numbers tab by default. Use the Outbound Numbers tab to see information about existing numbers, add numbers, and search for numbers. The tab includes the search field, filter chips to refine a search, and the add numbers button. See Outbound Number Attributes for descriptions of the columns.
The Security Shield Outbound Numbers tab is where you create your outbound calling numbers list and later search for a phone number, for example, to edit its attributes or to delete the number.
Note:
The Call Signing column displays only for Trusted Enterprise Call subscribers.To add numbers to the list, click the Add button to display the Add Outbound Calling Number drawer, where you add phone numbers one at a time and specify their attributes. The only required field is the Number field. You can set any combination of the attributes or none at all. When you set no attributes, the phone number defaults to the Inactive state.
Settings Tab
Note:
The Trusted Enterprise Call - Attested Call API Key attribute displays only for Trusted Enterprise Call - Bring Your Own License subscribers.Outbound Numbers Management - Outbound Numbers Tab
The Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Numbers tab is where you create your outbound calling numbers list and later search for a phone number, for example, to edit its attributes or to delete the number.
Note:
The Call Signing column displays only for Trusted Enterprise Call subscribers.Use the Search field to find phone numbers on the list. See Search Operations on the Outbound Numbers List.
Click the "plus" character button to display the Add Outbound Calling Number drawer, where you add phone numbers one at a time and specify their attributes. See Add a New Phone Number to the Outbound Number Management List.
Outbound Number Attributes
In the Oracle® Communications Security Shield Cloud Service (Security Shield) Add Outbound Number drawer you can set the attributes that you want applied to an outbound calling phone number. Security Shield requires only the phone number. You can configure some, all, or none of the attributes. Reach the drawer from the Outbound Call Management tab.
- Number—The general number format convention is country code followed by the subscriber phone number <country code><subscriber phone number>. The country code can be up to three digits long. The subscriber phone number may include an area code and is typically seven to eleven digits long, depending on the national number conventions. For international formatting, you may format the number with a + character (+<country code><subscriber phone number>, for example, +15551234567) or without the + character. For outbound calls to international destinations you can use either the + character or the international dialing prefix for your country. Using the format as described helps to achieve the goal of call spam labeling and helps to elevate STIR-SHAKEN validation by Communications Service Providers.
- Description (Optional)—A descriptive name for the number. For example, Enterprise Callback Number.
- State (Optional)—Determines whether the rule applies to the number
at a given moment. Default: Inactive.
- Active—The rule you created for the number is executed for calls originating from the specified number. For example, adding P-Asserted Identity and using the Presentation Number either individually or together.
- Inactive—The number remains on the list and Security Shield allows outbound calls from the number without executing the rules you created.
- Presentation number (Optional)—The phone number you want the call recipient to see. When configuring the Presentation Number use the number format described above in the Number parameter. Depending on the SIP trunk providers you use, you may use the Country Code. For example, in the United States you use [country code][area code][local phone number] or the more commonly used [area code][local phone number]. In the European Union and United Kingdom you use [+][country code][area code][local phone number].
- Use P-Asserted Identity header (PAI) (Optional)—Use to include the PAI header in the outbound call, so the SIP Trunk provider's spam solution analytics, and potentially the nuisance (robocall) analytics applications on smart phones, considers the call from a legitimate source. Using the PAI helps to achieve the goal of call spam labeling and helps to elevate STIR-SHAKEN validation by Communications Service Providers. Default: Deselected.
- Call Signing (Optional)—Displays the enablement state for call signing. Requires the Trusted Enterprise Calls subscription. Default: Enabled. Valid values: Disabled | Enabled.
- Call Type (Optional)—Select a label for the call. Default: None. Valid Values: Business | Debt Collection | Health | Informational | None | Survey | Telemarketing | Trusted.
- Action—Click the pencil icon to edit a number. Click the trash can icon to delete a number.
Note:
You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to work with the Outbound Number list. See "User Roles and Privileges" in the Security Shield Installation and Maintenance Guide.Call Type Descriptions
The Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management page supports the following call types that you can use to filter phone numbers.
- Business—Calls placed by businesses, entities, or enterprises. Use when none of the other call tags apply and you want to add Call Tags to the outbound call.
- Debt Collection—Calls related to collecting of debt, for example, loans, mortgages, and credit.
- Health—Calls to provide health care-related information, for example, from health plans, health care clearinghouses, health care providers, prescriptions, and doctor calls.
- Survey—Calls call that solicit opinions or data from the called party.
- None—Omits call types from the search.
- Informational—Calls intended to communicate information to the called party. For example, an order confirmation, an appointment reminder, or a notice from a utility.
- Telemarketing—Calls placed to sell the call recipient a product or service, or donate to an organization.
- Trusted—Calls from a trusted entity not covered by the other call types. For example, returned calls and messages from telecommunication carriers and utilities. An established business relationship must exist between the caller and the recipient.
Note:
Configuring call types with a value other than the default does not impact the outbound call INVITE.See Add a New Phone Number to the Outbound Number Management List
Outbound Call Signing
Oracle® Communications Security Shield Cloud Service (Security Shield) outbound call signing informs the terminating mobile service provider that the call originated from a legitimate source; you. Outbound call signing uses a cryptographic signature and JSON Web Token so the terminating mobile service provider can verify the call details to determine its origin.
For customers with the Trusted Enterprise Calls subscription, the Outbound Numbers table displays the Call Signing column and filter chip on the Outbound Numbers tab on the Outbound Number Management page. The tab lists your configured outbound numbers and whether or not they are enabled for outbound call signing, along with other information about each number.
Note:
Security Shield logs enabling and disabling outbound call signing. On the Activity Log page, hover over the Timestamp to see the activity details.- Customers who purchase call attestation from Oracle—Enter the phone number, select the Active state, optionally enter a presentation number, and select Enable Call Signing.
- Customers who want to use their own call signing and attestation vendor or solution—Enter the phone number, select the Active state, optionally enter a presentation number, select Enable Call Signing, and enter your Neustar API key (on the Settings tab).
Note:
When you enter a presentation number, Security Shield uses that number for outbound call signing and attestation. See Security Shield Phone Number Format Requirements for special presentation number requirements for outbound call signing.When searching for an existing phone number when the list is long, use the Call Signing filter chip to find phone numbers with Call Signing enabled or disabled.
Search Operations on the Outbound Numbers List
After you create a list of outbound calling numbers for Oracle® Communications Security Shield Cloud Service (Security Shield), you might need to edit the list or search for phone numbers for other reasons. For example, you might want to change the settings for one or more of the attributes or delete a number.
Note:
You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to edit or delete numbers in Outbound Numbers Management.You can search in the following ways:
Search by Phone Number
- The general number format convention is country code followed by the subscriber phone number <country code><subscriber phone number>. The country code can be up to three digits long. The subscriber phone number may include an area code and is typically seven to eleven digits long, depending on the national number conventions. For international formatting, you may format the number with a + character (+<country code><subscriber phone number>, for example, +15551234567) or without the + character. For outbound calls to international destinations you can use either the + character or the international dialing prefix for your country. Check with your SIP trunk provider for the number format convention it supports.
- Enter numbers using a wild card suffix. For example: +1919555xxxx.
Search With Filter Chips
- State―Default: Active. Filter Choices: Active | Inactive.
- Use PAI―Default: Yes. Filter Choices: Yes | No.
- Call Signing Enabled―(Displays only with the Trusted Enterprise Calls subscription.) Default: Enabled. Filter Choices: Enabled | Disabled.
- Call Type―Default: None. Filter Choices: Business | Debt Collection | Health | Informational | None | Survey | Telemarketing | Trusted.
Add a New Phone Number to the Outbound Number Management List
Use the following procedure to add one or more phone numbers the Oracle® Communications Security Shield Cloud Service (Security Shield) outbound number management list.
- If your Session Border Controller does not use phone numbers in the E.164 format, you may need to work with Oracle before deploying Security Shield to determine how to normalize your phone numbers to work effectively with Security Shield.
- You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to add numbers to the Outbound Numbers list. Only the CGBU OCSS Administrator can add, modify, or remove the API key.
- See Security Shield Phone Number Format Requirements.
Note:
Customers who use their own call signing and attestation vendor or solution must provision and manage the account, users, phone numbers, and API keys on your vendor's portal.- Customers who use their own call signing and attestation vendor or solution: Go to the Settings tab on the Outbound Number Management page, and enter your Attested Call API Key.
Edit Phone Number Attributes on the Outbound Number Management List
Use the following procedure to edit phone numbers on the Oracle® Communications Security Shield Cloud Service (Security Shield) outbound number management list.
- If your Session Border Controller does not use phone numbers in the E.164 format, Oracle or a partner may need to work with you before deploying Security Shield to determine how to normalize your phone numbers to work effectively with Security Shield.
- You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to add numbers to the Outbound Number list. Only the CGBU OCSS Administrator can add, modify, or remove the API key.
- See Security Shield Phone Number Format Requirements.
Use the following procedure to edit phone numbers on the outbound numbers list.
Delete a Phone Number From the Outbound Number Management List
The simple method for deleting a phone number from the Outbound Number Management list is to enter the number in the Search field and click the delete icon when Oracle® Communications Security Shield Cloud Service (Security Shield) finds the number.
- You must be a member of the OCSS ACL Editor, OCSS Configuration Editor, or CGBU OCSS Administrator user groups to delete numbers from Outbound Numbers Management.
Use the following procedure to delete a phone number without using the Search filters.
Outbound Number Management - Settings Tab
On the Oracle® Communications Security Shield Cloud Service (Security Shield) Outbound Number Management page, click the Settings tab to view and edit your current settings for outbound numbers.
Note:
The Trusted Enterprise Call - Attested Call API Key attribute displays only for Trusted Enterprise Call - Bring Your Own License subscribers.Configure Outbound Number Management Settings
Use the Settings tab on the Outbound Number Management page to configure how Oracle® Communications Security Shield Cloud Service (Security Shield) displays your domain name to outbound call recipients, enforces inactive outbound calling numbers, and enforces numbers not configured for Outbound Number Management.
Note:
The Trusted Enterprise Call - Attested Call API Key attribute displays only for customers who have the Trusted Enterprise Calls Bring Your Own License subscription.- Access the Outbound Number Management page, and click the Settings tab.
- On the Settings tab, do the following:
- Domain Name—Set the domain name you want the called party
to see to identify your company. 100 maximum characters.
Note:
For outbound calls, any Header Manipulation Rules that change the domain part of the FROM header may overwrite the domain name provided by Security Shield. - Inactive Outbound Calling Numbers—Set the enforcement action you want the session border controller to perform on inactive phone numbers configured for Outbound Number Management. Default: Allow Call. Valid values: Allow Call | Block
- Outbound Calling Numbers Not Configured—Set the enforcement action you want the session border controller to perform on phone numbers not configured in Outbound Number Management. Default: Allow Call. Valid values: Allow Call | Block
- Trusted Enterprise Call - Attested Call API Key—Enter your Neustar API Key, if you have the Security Shield Trusted Enterprise Call - Bring Your Own License subscription. 255 maximum characters.
- Domain Name—Set the domain name you want the called party
to see to identify your company. 100 maximum characters.
- Click Save.