4 Phone Number Formatting
Oracle® Communications Security Shield Cloud Service (Security Shield) uses the E.164 phone number conventions. The following topics describe how to apply the conventions and how to handle nonconforming numbers.
Security Shield Phone Number Format Requirements
Oracle® Communications Security Shield Cloud Service (Security Shield) requires the following conventions for phone numbers for inbound and outbound calls.
Note:
If your Session Border Controller does not use phone numbers in the E.164 format, Oracle may need to work with you before deploying Security Shield to determine how to normalize your phone numbers to work effectively with Security Shield.- Phone Number FormatThe general number format convention is country code followed by the subscriber phone number <country code><subscriber phone number>. The subscriber phone number may include an area code and is typically seven to eleven digits long, depending on the national number conventions. Enter Phone numbers in the following ten-digit format where N is any digit from 2-9 (first digit of the area code and the local exchange) and X is any digit from 0-9: NXX-NXX-XXXX .
Note:
The preceding example contains hyphens only to aid in understanding. Do not insert hyphens when entering the number in the "Number" field in the "Add Outbound Number" configuration. - Country CodeThe country code can be up to three digits long. For international formatting, you may format the number with a + character (+<country code><subscriber phone number>, for example, +15551234567) or without the + character. For outbound calls to international destinations you can use either the + character or the international dialing prefix for your country. Check with your SIP trunk provider for the number format convention it supports. When formatting phone numbers for the Trusted Enterprise Calls subscription, which is valid only in North America, use one of the following methods to add the country code.
- Manual—Add the +1 or 1 prefix to the number, for example +1NXXNXXXXXX or 1NXXNXXXXXX.
- Default to the United States and Canada—Skip adding +1 or 1 to the number. Go to the Settings page and click Autonomous Threat Protection. Select "United States and Canada" for the "Service Domain Home Country." Security Shield will consider all phone numbers without a country code as "United States and Canada."
- You can use wild cards at the end of the phone number to indicate a range, except for Trusted Enterprise Calls. For example: To specify a seven digit phone number that begins with 91920, enter 91920xx.
- If you choose to configure the Presentation Number, you must use only the number format convention supported by the SIP trunk provider. When you use multiple SIP trunk providers, you must use a Presentation Number format that each SIP Trunk provider can support. For example, in the United States you use [country code][area code][local phone number] or the more commonly used [area code][local phone number]. In the European Union and United Kingdom you use [+][country code][area code][local phone number].
Number Cleansing
- Try to map to a country code to set the country.
- Remove any leading zeros from the phone number without the country code that may occur from configuration issues with trunk code or international dialing prefixes that are not removed.
- Map the next digits (prefix after the country code, after removing any leading zeros) to a carrier.
- Determine if the number length matches with the number plan (length for the prefix range.
When you receive calling number information (SIP INVITE, FROM, or PAI fields) containing a short phone number, incorrect format, or alphanumeric text such as "Restricted or "Anonymous", the reputation score may by negatively affected and can cause false positives for Reputation Score (High risk categories) and Threat Detection (Call Type). Oracle recommends that you use Security Shield Number Normalization, Non-Conforming E.641 Numbers guidelines, and Access Control Lists to avoid processing numbers with incorrect formats or alphanumeric text.
How Security Shield Manages Nonconforming Calling Numbers
When a calling number does not conform to E.164 phone number conventions, even after normalization, Oracle® Communications Security Shield Cloud Service (Security Shield) provides you with ways to specify call treatment.
- The originating entity, originating Service Provider, or intermediate networks may have added the nonconforming phone number due to a configuration error, lack of validation, or incorrect or incomplete information. Some possible configuration errors include errors in one or more normalization rules, incorrect number length, or the number contains prefixes and suffixes. Typically, a nonconforming number seen in such scenarios is not malicious or ill-intended.
- A configuration error in the Number Normalization rules. This scenario is an error condition, and is not malicious by nature.
- Malicious use of nonconforming numbers to disguise the originator of the call or use of improperly formatted numbers to gain access or detect vulnerabilities. These are threat scenarios.
With any enforcement action other than Continue, Security Shield stops processing the call and performs the configured action. With Continue as the enforcement action, Security Shield continues call processing which includes the Access Control List and Threat Detection.
Reputation Score Call Classifications
Security Shield provides the following reputation score call classifications and scores for nonconforming calling numbers.
- Regular Call Activity
- Tenure (continuous long-term activity)
- Stable activity identified and the phone number is reachable
- Call Center-like activity
- Activity towards a high number of premium numbers
- Call duration (irregular call duration)
- Tenure (Sparse long-term activity or high short-term activity)
- Number types (Payphone, technical number,and virtual numbers)
- Probable Spam-risk calls
- When limited or no activity is detected for a phone number
- Activity towards a high number of different phone numbers
- Activity towards a high number of unassigned phone numbers
- Tenure (no long-term activity or high short-term activity)
- Number types (High-risk and medium-risk carriers, high-risk phone type, high-risk prefix, high-risk country, toll free number, pager number, voice mail number, premium number, payphone, technical number, virtual number, or invalid number)
- Time bucket (Seen more than three months ago)
- Invalid phone number
- Traffic pumping
- Fraud risk, spoofed calls, or some Spam calls
Enforcement Actions
Security Shield provides the following enforcement actions that you can specify for nonconforming calling numbers.
Allow—(Default) Security Shield processes the calling number against your Access Control List and Threat Detection settings.
Block—Security Shield denies the call.
Redirect—Security Shield redirects the call to the number you specify.
Configure Nonconforming Number Handling
Oracle® Communications Security Shield Cloud Service (Security Shield) defaults to the Nonconforming Number call classification and the Continue enforcement action for nonconforming numbers. You can change the enforcement action from the Call Type Classifications page on the Settings page.
- For more explanation of the parameters in the following procedure, see How Security Shield Manages Nonconforming Calling Numbers.
Note:
The classifications displayed for Call Type Classification depend on whether you own the Standard Edition or the Premium Edition.- Access the Settings page, and click Call Type Classification.
- On the Call Type Classification page, set the enforcement action for the call type. Default: Continue. Valid values: Continue | Block | Redirect.
- Click Save.